Cybersecurity Governance Analyst

Booz Allen Hamilton•Usa, VA

1d•Remote

About The Position

The Cybersecurity Governance Analyst will be responsible for supporting strategic policy development in the nation's cyber security efforts. This role involves assessing current cyber policies, identifying coverage gaps and risks, and evaluating policies against regulations, best practices, and industry standards. The analyst will guide clients in understanding acceptable risk and availability, and contribute to the development of a strategic cyber roadmap to ensure secure operations in an evolving IT environment. This position supports the security of critical national infrastructure through strategic cyber policy development.

Requirements

10+ years of experience in services for the Federal government or Federal advising within a professional work environment.
Experience drafting executive or senior-level correspondence or material to support decision-making.
Experience in the cybersecurity or information assurance field.
Experience supporting Federal organizations.
Experience facilitating meetings including working groups and conferences and associated pre and post meeting activities such as agenda development and meeting minutes.
Knowledge of Department of War cybersecurity programs such as RMF, CMMC, or Cloud.
Secret clearance.
Bachelor’s degree.
CISM or CISSP Certification.

Nice To Haves

Experience drafting technical documents, including technical policies and strategies, at the organization level.
Experience with NIST SP 800 series publications such as 800-37, 800-53, 800-171, 800-171A, or 800-172.
Experience incorporating requirements from laws, regulations, and/or government-wide policies into operational cybersecurity programs.
Experience with intelligence analysis or risk analysis including assessing threats, vulnerabilities, and operational impacts in support of decision-making processes.
Ability to effectively apply their concepts and requirements in both technical and strategic discussions.
Possession of strong verbal and written communication skills.
Possession of strong organizational, problem solving, and interpersonal skills.
CMMC Certified Assessor (CCA) or CMMC Certified Professional (CCP) Certification.

Responsibilities

Lead the assessment of client's current cyber policies, their coverage, and areas of risk.
Evaluate or audit how policies stack up to regulations, best practices, and industry standards.
Guide clients through understanding acceptable risk and availability.
Advance the development of a strategic cyber roadmap.
Ensure the client operates securely as they navigate an evolving IT environment.
Perform Action Officer duties and utilize staffing processes or tools.
Facilitate meetings including working groups and conferences.
Manage pre and post-meeting activities such as agenda development and meeting minutes.