Policy Consultant

About The Position

Requirements

• A strong understanding of NIST 800-53 information security principles, guidance, and regulations.
• Ability to validate Cybersecurity Policy mapping to NIST 800-53 and implement information security requirements for IT systems through the RMF and CSF processes.
• Gathering and organizing technical information about an organization's existing security products, and ongoing programs.
• Excellent written and verbal communications skills including the ability to communicate effectively with internal stakeholders.
• Strong interpersonal skills to interact with clients to provide Cyber Security Policy and Program advice and guidance.
• Ability to work in a flexible environment where requirements and procedures continuously evolve.
• Ability to work under pressure with efficiency and accuracy.
• Proficiency with Office 365 skills including Word, PowerPoint, Excel.
• Completed Bachelor’s degree from an accredited university, preferably in an IT related field.
• Ability to obtain a clearance or a Public Trust is preferred, however all clearance levels and non-cleared applicants will also be considered.
• One or more of the following: CISA, Security+, CASP, CEH, Network+, or equivalent indusry recognized certification
• Minimum 5 years of overall experience in information security, security program, security operations or similar role - including at least 3 years serving as an Information System Security Officer (ISSO) responsibilities, such as:
• Risk Management Framework (RMF) and Cybersecurity Framework (CSF) practices, Security Technical Implementation Guides and associated National Institutes of Standards and Technologies (NIST) 800 series security publications.
• Developing and documenting enterprise Information Assurance Policy, Procedure, Standards, and Guidelines.
• Experience with NIST 800-53 rev. 5

Nice To Haves

• CISSP or CISM Certification

Responsibilities

• Support the ISSO in carrying out their roles and responsibilities by researching and evaluating the current Cybersecurity Policy and Minimum Requirements.
• Providing support for facilitating and helping identify current enterprise security infrastructure and implementation of security related documentation.
• Review, evaluate and provide recommended updates to enterprise level Policy, Procedures, Standards, and Guidelines and providing recommendations on areas for improvement with content and structure.
• Provide support to plan, prioritize, coordinate, and implement the organization’s information security program, leveraging existing Cybersecurity Governance processes.

Benefits

• Our people make Coalfire Federal great. We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve.
• Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more.
• You’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support memberships, and comprehensive insurance options.