|
Tharros is seeking a Senior Security Governance and Policy Analyst to support a DHS Intelligence and Analysis cybersecurity program in the National Capital Region.
This role will support cybersecurity governance, policy, compliance, and executive communications across a complex mission environment. The ideal candidate can translate Federal, DHS, and Intelligence Community cybersecurity policy into practical implementation plans and help senior cybersecurity leaders drive consistent governance across cloud, on-premise, classified, and unclassified environments.
Responsibilities:
- Serve as a senior cybersecurity governance and policy advisor supporting cybersecurity leadership.
- Analyze cybersecurity requirements derived from policies, directives, standards, and guidance.
- Develop and update cybersecurity policies, standards, governance documentation, and implementation recommendations.
- Support governance activities related to RMF, FISMA, CNSSI standards, NIST 800-53, security control catalogs, supply chain risk management, AI/ML security considerations, and cybersecurity compliance.
- Review changes to Federal, DHS, Intelligence Community, and other applicable cybersecurity policies and recommend practical implementation approaches.
- Support updates to security policy manuals, supply chain risk management policy, security control catalogs, and related governance artifacts.
- Coordinate with governance, risk, and compliance stakeholders to support accurate control mapping and policy implementation.
- Research new or updated cybersecurity Executive Orders, Intelligence Community policies, national security guidance, and related requirements.
- Support cybersecurity audit response activities, including inspection, compliance, and oversight-related efforts.
- Prepare executive summaries, reports, talking points, briefings, stakeholder communications, and senior-leader presentation materials.
- Support cybersecurity governance working groups, taskers, data calls, trackers, repositories, and policy reference updates.
- Help identify opportunities to improve governance processes, streamline policy implementation, and increase consistency across cybersecurity compliance activities.
- Active TS/SCI
- 10+ years of experience supporting cybersecurity projects of similar size and complexity.
- Knowledge of Federal, DHS, and Intelligence Community cybersecurity policy and guidance.
- CISSP or CISM certification, or equivalent.
- Experience with cloud and on-premise environments.
- Experience translating cybersecurity policy into implementable plans.
- Strong written and verbal communication skills.
- Experience developing cybersecurity policy, governance documentation, executive briefings, reports, and stakeholder communications.
- Familiarity with RMF, FISMA, CNSSI, NIST 800-53, GRC processes, security control catalogs, and cybersecurity compliance.
- Ability to work onsite at a Government-approved location as required.
- Strong written and verbal communication skills.
Preferred Qualifications:
- Prior DHS, Intelligence Community, CISO office, ISSM, Authorizing Official, or national security cybersecurity governance experience.
- Experience with classified cybersecurity policy, SCI systems governance, DHS 4300-series guidance, ICD 503, CNSSI 1253, or related security frameworks.
- Experience with cloud security governance, hybrid environments, AI/ML policy considerations, Zero Trust policy implementation, or supply chain risk management.
- Experience preparing senior-leader briefings, audit responses, governance materials, working group updates, and stakeholder communications.
|