Information Security Policy Analyst
Fivesky
·
Posted:
August 28, 2023
·
Onsite
About the position
Fivesky is seeking an Information Security Policy Analyst with extensive experience in cybersecurity and a focus on writing security policies, particularly in the area of IAM. The ideal candidate will have a proven track record of leading policy development and governance, as well as strong communication and negotiation skills. Responsibilities include creating and maintaining policies and standards content, analyzing and rewriting policies using the FFIEC CyberSecurity Tool, and supporting policy adoption through education and training programs. Knowledge of NIST guidelines and experience with technology policies and standards are also desired.
Responsibilities
- Assess, guide, and rewrite policies and standards related to cybersecurity
- Collaborate with global cybersecurity teams and stakeholders at all levels within the organization
- Enhance policies, ensure compliance, and support policy adoption efforts
- Lead policy development and governance of access technology and information security
- Analyze security policies for a regulated industry
- Develop and maintain policies and standards content
- Utilize the FFIEC CyberSecurity Tool to analyze and rewrite policies
- Engage in discussions with subject matter experts, policy counterparts, and senior management to enhance policies and standards based on NIST
- Support and contribute to policy adoption through education, training, and awareness programs
- Assist in monitoring policy compliance across technology divisions
- Contribute to centrally coordinated activities such as strategy, planning, project/program management, and management reporting
- Develop policies and procedures applying the latest industry cybersecurity guidelines, specifically NIST SP 800-63 Digital Identity Guidelines
- Familiarity with FFIEC Cybersecurity Assessment Tool and Cyber Risk Institute's Financial Services Profile
- Experience in IAM (Identity and Access Management)
Requirements
- 5-7+ years of experience working in cybersecurity with a focus on writing security policies, preferably in IAM
- Proven track record of leading policy development and governance of access technology and information security
- Ability to interface with people at all levels within the organization
- Knowledgeable in analyzing security policies for a regulated industry
- Exposure to adoption and development of technology policies and standards
- Strong communication skills and ability to negotiate and influence others
- Expertise in creating and maintaining policies and standards content
- Familiarity with the FFIEC CyberSecurity Tool and NIST guidelines
- Ability to support and contribute to policy adoption through education/training and awareness programs
- Experience in monitoring policy compliance across technology divisions
- Proficiency in developing policies and procedures based on industry cybersecurity guidelines, specifically NIST SP 800-63 Digital Identity Guidelines
- Familiarity with the FFIEC Cybersecurity Assessment Tool and Cyber Risk Institute's Financial Services Profile
- IAM experience (Identity and Access Management)
Benefits
- Competitive compensation plans
- Long-term career opportunities
- Vacation, holiday pay, and sick days
- Equal-opportunity employer
- Full-time, direct employment opportunity
- Salary based on experience and qualifications