IT Policy and Risk Management Strategist - 26582

About The Position

Requirements

• 5 years relevant experience with Bachelors in related field; 3 years relevant experience with Masters in related field; 0 years experience with PhD or Juris Doctorate in related field; or High School Diploma or equivalent and 9 years relevant experience.
• Requires deep knowledge of IT policy development lifecycle.
• Proven experience in policy drafting in federal or highly regulated environments, and a thorough understanding of relevant laws and regulations.
• Excellent attention to detail, organizational skills, and the ability to work collaboratively in a team-oriented environment are essential.
• Strong analytical and writing skills, and the ability to clearly communicate complex policy concepts to technical and non-technical audiences.
• Clearance: Must have and maintain and active secret security clearance.

Nice To Haves

• Ability to maintain a network with key players influencing regulatory development.
• Ability to incorporate new information back into agency standard operating procedures, forms, and/or training materials.
• Manage regulatory intelligence information to facilitate efficient use and re-use of information and analyses.
• Be able to to build out and maintain a centralized SharePoint policy portal to provide IT and agency personnel with access to IT policies, guidance, templates, and related policy-development resources.
• DHS Section 508 Training Certificate

Responsibilities

• Ensure a comprehensive understanding of existing regulatory requirements and continuously monitors industry trends to anticipate the impact of new regulatory requirements.
• Inventory, document, and maintain standard operating procedures (SOPs), policies, and related governance artifacts across the IT domain.
• Research, analyze, and interpret complex laws, regulations, and regulatory guidance (e.g., FISMA, PRA, Section 508, NIST frameworks) to inform policy development and updates.
• Draft, revise, and review IT policy and procedure documents, ensuring accuracy, completeness, and effective communication of policy intent and nuances.
• Collaborate with the Senior IT Policy & Risk Management Strategist to translate strategic risk and compliance priorities into actionable policies, standards, and implementation guidance.
• Provide expert analysis and recommendations on policy implications, identifying gaps, ambiguities, or conflicts in existing documentation.
• Support policy issuance processes, including coordination with stakeholders, version control, and communication of changes to affected parties.
• Assist in compliance assessments by providing policy interpretation, evidence collection, and documentation support.
• Establish and operationalize IT policy communication and maintenance programs.
• Develop tools and resources, including policy socialization plans, issuance reference guides, checklists, and templates, to assist IM&T personnel in creating and maintaining IT policies and procedures.

Benefits

• best-in-class medical, dental and vision plan choices
• wellness resources
• employee assistance programs
• Savings Plan Options (401(k))
• financial planning tools
• life insurance
• employee discounts
• paid holidays and paid time off
• tuition reimbursement
• early childhood and post-secondary education scholarships