Cybersecurity Policy Subject Matter Expert, SME

🕒 April 10

MBL Technologies Inc.

11 - 50 employees

MBL Technologies Inc. is a Service-Disabled Veteran-Owned Small Business (SDVOSB) that specializes in Digital Solutions, Risk Management, Compliance and Advisory, and Management Consulting. As a small business, MBL’s growth comes directly from our deep understanding of business, project, and information security industries; experienced and dedicated staff; and MBL’s investment in its employees. The MBL environment is expressly designed to inspire all employees to put forth their best. MBL leadership and staff continuously recognize individual successes, milestones, and contributions, and make a point to celebrate these achievements together. MBL maintains an active calendar of company and community-based events to strengthen our unity, skills and expertise, and continue the unique MBL work-life-fun balance that makes MBL a great organization to be a part of and place to work.

📋 Description

• Track and analyze cybersecurity policy updates and directives from NIST, OMB, HHS, Cybersecurity and Infrastructure Security Agency (CISA), and other sources.
• Lead the review and update of agency cybersecurity policies.
• Perform gap analyses between current policies and new/revised federal requirements and develop remediation recommendations.
• Develop implementation plans and rollout strategies for new or updated policies.
• Draft policy memos, white papers, and briefings for both technical and non-technical audiences.
• Support the development of security control overlays and tailored baselines aligned with the NIST RMF.
• Advise agency leadership and program offices on cybersecurity policy interpretation and compliance.
• Assist with the Federal Information Security Modernization Act (FISMA) reporting and audit support related to policy compliance.
• Participate in working groups, policy review boards, and governance meetings.
• Develop briefings and status updates on cybersecurity policy trends and contractor.

🎯 Requirements

• 10 years of cybersecurity policy development experience in a federal setting.
• Experience reviewing and writing enterprise-level security policies for a federal agency.
• Working knowledge of the NIST SP 800 series (especially 800-53 Rev. 5 and 800-37).
• Experience with FISMA compliance, continuous monitoring, and Security Assessment and Authorization (SA&A) processes.
• Familiarity with Executive Orders, OMB Memoranda (e.g., M-22-09 Zero Trust), and CISA Binding Operational Directives.
• Strong writing and editing skills; ability to take complex policy concepts and put them into plain language.
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or CompTIA Cybersecurity Analyst (CySA+) (highly desired).
• US citizenship (required).
• BA/BS degree.
• Public Trust Clearance or the ability to obtain a clearance.

🏖️ Benefits

• Robust benefits package (medical, dental, vision, STD, Accident, Life, Hospital Insurance, FSA, HSA, 401K match, professional development stipend, etc.)
• Employee discounts
• Learning and development reimbursement
