Cybersecurity Policy SME

Recruiter
Gunnison Consulting Group Inc
Location
United States
Salary
Competitive
Posted
29 Sep 2024
Closes
27 Oct 2024
Job Type
Cyber Security
Employer Sector
Technology, IT & Telecoms
Contract Type
Permanent
Hours
Full Time

Work Location: Hybrid/Washington, DC.

We are seeking a motivated and customer–oriented cybersecurity professional to support our Department of State client. The candidate will support maturation of the customer's cybersecurity program to enact cyber policy, roles, operations, and compliance.

Duties and responsibilities include:

  • Leverage your expertise with existing Government IT Framework to create and implement robust cybersecurity policies tailored to a specific government bureau.
  • Design and deliver comprehensive cybersecurity training programs for various roles (SO, ISSO, ISSM), ensuring personnel are equipped with essential knowledge and skills.
  • Analyze and meticulously document existing cybersecurity processes and procedures. Identify areas for optimization and provide actionable recommendations for improvement.
  • Establish and maintain a rigorous compliance tracking system for artifacts such as POA&M, ATO, and ISA.
  • Work closely with software development teams to integrate cybersecurity considerations throughout the software development lifecycle.

Required Qualifications:

  • Minimum of bachelor's degree in Cybersecurity, Computer Science, Information Technology, Public Policy, or a related field OR Equivalent combination of education and relevant experience.
  • Minimum of 3 years of experience as a Policy SME with a demonstrated focus on cybersecurity frameworks and compliance within the US government or government contracting environment.
  • Proven track record in developing and implementing policies aligned with NIST standards (specifically NIST 800–53 and related Special Publications).
  • Experience with the Risk Management Framework (RMF) process and associated documentation (SSP, SAR, POA&M, etc.).
  • In–depth knowledge of NIST 800–53, and other relevant cybersecurity standards and regulations (e.g., FISMA, FedRAMP).
  • Understanding of how to tailor cybersecurity policies to meet specific agency and mission requirements.
  • Analyze complex processes and workflows related to authorization, assessment, and continuous monitoring.
  • Identify inefficiencies and compliance gaps, recommending data–driven improvements.
  • Exceptional written and verbal communication skills, including the ability to translate technical concepts for non–technical audiences.
  • Ability to collaborate effectively with cross–functional teams, including stakeholders at various levels within the government.

Desired Qualifications:

  • Familiarity with Department of State FAM/FAH: Experience with our internal framework is highly advantageous.
  • Contracting Acumen: Familiarity with government contracting processes, terminology (FAR, DFARS, etc.), and how policy decisions impact contract compliance.
  • Industry Certifications: Relevant cybersecurity certifications (e.g., CISSP, CISM, etc.) are a significant plus.
  • Software Development Background: Understanding of the software development lifecycle and the integration of security principles within it.

Clearance Requirement: Active Secret clearance.

Why Join Gunnison?

  • Gunnison takes on ambitious projects. We target fun, challenging work that requires creative thinking and innovation.
  • Quality is our top priority.
  • Gunnison employee benefits meet or exceed what other companies in the Washington, D.C. metropolitan area offer.
  • There is a great sense of camaraderie at Gunnison. This is an atmosphere we will maintain as we continue to grow.
  • We are growing rapidly and the opportunity for individual professional growth with Gunnison is outstanding.
  • We hire for careers at Gunnison, not to fill a position.

Employee Benefits

Gunnison employee benefits meet or beat other companies in the Washington, D.C. metropolitan area, including:

  • Bonuses AND profit–sharing
  • 401k Matching
  • Certifications and training allowance $2,500/year
  • 3 weeks of personal leave your first year (160 hours can roll over every year)
  • 5 days of Flex–Time–Off per year

Equal Opportunity/Affirmative Action Employer. Must be eligible for employment in the United States. We are unable to sponsor candidates at this time.

In 1994 Gunnison Consulting Group began serving the greater Washington, D.C. metro area, focused on tackling our customers' most ambitious technology projects. By creating a culture dedicated to enabling our customers and employees to achieve more than they ever thought they could, the company has thrived for over 25 years.