Cybersecurity Policy Analyst

We are committed to helping our clients navigate the complex world of technology and security ensuring that they have the tools and expertise needed to protect critical government assets and data. We develop and execute a strategy for our clients to realize mission goals with the strongest effectiveness possible. We are looking for a knowledgeable and skilled Cybersecurity Policy Analyst to join our team and support our work with the United States federal government. This role is essential in ensuring that our agency leverages technologies and tools while maintaining compliance with federal regulations and safeguarding sensitive information. This is your chance to work with a distinguished federal law enforcement agency committed to maintaining the highest standards of security and integrity.

As a Cybersecurity Policy Analyst you will help shape our policies and procedures in the everevolving landscape of IT security and technology. You will work with senior leaders and clients to assist in the development of enterprise polices standards and standard operating procedures governing applications and technologies. You will help our partners navigate the complex world of technology and security ensuring that they have the tools and expertise needed to protect critical government assets and data. Collaborating with leadership and stakeholders to create comprehensive cybersecurity policies and guidelines that align with federal regulations security standards and best practices.

• Monitoring and ensuring compliance with policies regulations and standards.
• Conducting research and synthesizing information from various sources and preparing detailed reports briefings and presentations.
• Ensuring policies are comprehensive clear and aligned with industry standards and regulatory requirements.
• Contribute to discussions and planning sessions
• Manage multiple projects and deadlines efficiently with a strong attention to detail and exceptional organizational skills. This includes setting goals timelines and tracking progress.
• Understand and share the legal and ethical implications of policies especially in terms of user privacy data protection and artificial intelligence.
• Working closely with IT teams security teams legal teams and other relevant stakeholders to ensure that cybersecurity policies align with the organizations goals and security requirements.

• Ability to hold a position of public trust with the US government.
• Masters Degree and 3 years of relevant experience in policy analysis government relations or related fields with a focus on data policy technology policy cybersecurity AI ethics compliance etc.; OR
  • Bachelors Degree and 5 years of relevant experience; OR
  • No degree and 9 years of relevant experience
• Possesses at least one professional certification relevant to the technical service provided. Maintain a certification relevant to the product being deployed and/or maintained.
• Missiondriven teamplayer mindset.
• Experience writing cybersecurity policies technical standards and standard operating procedures. Desire to get in the weeds of technical policy development.
• Experience applying cybersecurity and data protection frameworks and regulations such as NIST 80053 HIPAA GDPR state privacy regulations etc.
• Demonstrated ability to independently strategize and implement crossfunctional policy initiatives that address complex technology risks.
• Strong project management skills including developing work plans/project plans conducting resource planning delegating tasks mitigating risks managing stakeholder feedback and communicating project progress to executives.
• Excellent written and verbal communication skills for communicating policies and procedures to employees management and stakeholders can convey complex information clearly to diverse audiences.
• Understanding of change management best practices and bridging gaps between policy and behavior change.
• Knowledge of current and emerging cybersecurity and data protection risks threats and vulnerabilities.
• Knowledge of technology risk management best practices.
• Flexibility to adapt to changing priorities and evolving policy landscapes and quickly learn and apply new information.
• Ability to assess and weigh current and evolving security threats in an operational environment

Preferred:

• Demonstrated knowledge of a variety of IT concepts practices and procedures to ensure the secure integration and operation of technology systems.
• Experience implementing NIST controls.
• Experience developing updating and managing policies for a federal organization. DHS preferred.

Identity Statement

As part of the application process you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Steampunk is a Change Agent in the Federal contracting industry bringing new thinking to clients in the Homeland Federal Civilian Health and DoD sectors. Through our HumanCentered delivery methodology we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges. As an employee owned company we focus on investing in our employees to enable them to do the greatest work of their careers and rewarding them for outstanding contributions to our growth. If you want to learn more about our story visit .

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race color religion sex national origin disability status protected veteran status or any other characteristic protected by participates in the EVerify program.