Cybersecurity Policy Subject Matter Expert, SME

Job not on LinkedIn

🕒 April 10

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of MBL Technologies Inc.

MBL Technologies Inc.

11 - 50 employees

MBL Technologies Inc. is a Service-Disabled Veteran-Owned Small Business (SDVOSB) that specializes in Digital Solutions, Risk Management, Compliance and Advisory, and Management Consulting. As a small business, MBL’s growth comes directly from our deep understanding of business, project, and information security industries; experienced and dedicated staff; and MBL’s investment in its employees. The MBL environment is expressly designed to inspire all employees to put forth their best. MBL leadership and staff continuously recognize individual successes, milestones, and contributions, and make a point to celebrate these achievements together. MBL maintains an active calendar of company and community-based events to strengthen our unity, skills and expertise, and continue the unique MBL work-life-fun balance that makes MBL a great organization to be a part of and place to work.

📋 Description

• Track and analyze cybersecurity policy updates and directives from NIST, OMB, HHS, Cybersecurity and Infrastructure Security Agency (CISA), and other sources. • Lead the review and update of agency cybersecurity policies. • Perform gap analyses between current policies and new/revised federal requirements and develops remediation recommendations. • Develop implementation plans and rollout strategies for new or updated policies. • Draft policy memos, white papers, and briefings for both technical and non-technical audiences. • Support the development of security control overlays and tailored baselines aligned with the NIST RMF. • Advise agency leadership and program offices on cybersecurity policy interpretation and compliance. • Assist with the Federal Information Security Modernization Act (FISMA) reporting and audit support related to policy compliance. • Participate in working groups, policy review boards, and governance meetings. • Develop briefings and status updates on cybersecurity policy trends and contractor.

🎯 Requirements

• 10 years of cybersecurity policy development experience in a federal setting. • Experience reviewing and writing enterprise-level security policies for a federal agency. • Working knowledge of the NIST SP 800 series (especially 800-53 Rev. 5 and 800-37) • Experience with FISMA compliance, continuous monitoring, and Security Assessment and Authorization (SA&A) processes. • Familiarity with Executive Orders, OMB Memoranda (e.g., M-22-09 Zero Trust), and CISA Binding Operational Directives. • Strong writing and editing skills; ability to take complex policy concepts and put them into plain language. • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or CompTIA Cybersecurity Analyst (CySA+) (highly desired). • US citizenship (required) • BA/BS degree • Public Trust Clearance or the ability to obtain a clearance.

🏖️ Benefits

• robust benefits package (medical, dental, vision, STD, Accident, Life, Hospital Insurance, FSA, HSA, 401K match, professional development stipend, etc.) • employee discounts • learning and development reimbursement

Apply Now

Similar Jobs

🕒 April 10

Frost & Sullivan

1001 - 5000

🤝 B2B

🤖 Artificial Intelligence

🏢 Enterprise

Industry Analyst role focusing on cybersecurity market research and client engagement within Frost & Sullivan's Security division.

🕒 April 9

Harness

501 - 1000

☁️ SaaS

🔒 Cybersecurity

Senior Product Security Engineer at Harness securing software delivery with AI automation and integrity from design to deployment. Collaborate with engineering to proactively identify vulnerabilities.

🕒 April 9

SHI International Corp.

5001 - 10000

🤝 B2B

🔧 Hardware

☁️ SaaS

Security Solutions Advisor at SHI responsible for generating security business opportunities. Engaging with customers to identify needs and close security deals across various accounts.

🕒 April 9

Akumin®

1001 - 5000

⚕️ Healthcare Insurance

💊 Pharmaceuticals

🔬 Science

Security Engineer I role at Akumin, focused on securing IT infrastructure and managing security solutions. Responsibilities include incident response, vulnerability management, and security controls implementation.

🕒 April 8

Upstart

1001 - 5000

Senior Security Engineer at Upstart responsible for identifying risks and building security solutions. Collaborating with teams to enhance security practices and support innovation.