Cybersecurity Policy Analyst Job at SPECIAL AEROSPACE SECURITY SERVICES INC, Washington DC

ZHR1Sk40ZjBhbFVtd1h4OE1RWW9pczNSclE9PQ==
  • SPECIAL AEROSPACE SECURITY SERVICES INC
  • Washington DC

Job Description

Job Description

Job Description

Cybersecurity Risk Policy Analyst

Location : Remote
Clearance Required : Minimum Secret
Employment Type : Full Time, Regular

Job Description:

Special Aerospace Security Services, Inc. (SASSI) is seeking a Cybersecurity Risk Policy Analyst to support a United States Government client. The Analyst will join a collaborative multi-disciplinary team focused on strengthening cybersecurity governance and compliance across Federal environments. This role emphasizes writing, reviewing, and implementing cybersecurity policies and procedures aligned with RMF (Risk Management Framework), NIST guidance, and broader Governance, Risk, and Compliance (GRC) strategies.

Work Environment:
This is a remote position; however, the selected candidate is expected to maintain a full-time presence during normal business hours. The employee must be consistently available and responsive to the team and client during core business hours of 8:30 AM to 3:30 PM EST, Monday through Friday (flexible working hours between 7:00AM to 6:00PM). Participation in virtual meetings, collaborative working sessions, and prompt communication via Microsoft Teams, email, and other platforms is required to ensure alignment with other (GRC) team members and project stakeholders.

Primary Responsibilities:

  • Lead and support the development, implementation, and governance of cybersecurity policies and procedures.
  • Collaborate with stakeholders, mission organizations, and technical teams to define security requirements and align governance objectives.
  • Develop and update policies and documentation supporting RMF controls, including System Security Plans (SSPs), Vulnerability Management, Configuration Management, Change Management, and Incident Response.
  • Provide expert knowledge in Federal cybersecurity regulations, including NIST SP 800-53/37, FISMA, OMB guidance, and RMF processes.
  • Perform qualitative and quantitative security risk assessments to identify gaps, evaluate threats, and recommend mitigation strategies.
  • Guide the implementation of Zero Trust Architecture and contribute to cyber resilience strategies.
  • Assist in Continuous Monitoring, A&A documentation, policy lifecycle management, and GRC tool support.
  • Engage in technical and non-technical report writing, including risk analysis reports and governance briefings.
  • Write, edit, and format formal cybersecurity documentation, policies, and procedures to meet Customer standards and ensure clarity, consistency, and compliance.
  • Ensure all deliverables follow professional documentation standards including proper grammar, formatting, structure, and version control.
  • Deliver training and advisory support to stakeholders on cybersecurity governance, policy compliance, and RMF processes.
  • Ensure consistent high-quality deliverables and communication with clients.

Basic Qualifications:

  • US Citizenship
  • Must pass a background investigation
  • Active Secret clearance (minimum)
  • 5+ years of information security experience
  • 2+ years developing and maintaining cybersecurity policies and procedures
  • 2+ year of RMF implementation experience focused on cybersecurity controls
  • Exceptional attention to detail and accuracy in all documentation and analysis
  • Proven ability to navigate and influence complex organizations and deliver policy initiatives to senior leadership and technical teams.
  • Strong knowledge of security governance, compliance, and risk management frameworks.
  • Demonstrated ability to perform technical writing, editing, and document formatting in compliance with GRC documentation standards
  • Familiarity with:
    • NIST, ISO, FISMA, OMB, COBIT, FAIR, SIG, CCM, SOC-2, HITRUST, PCI, GDPR
  • Proficient in tools and processes to:
    • Facilitate meetings, organize virtual collaboration, and deliver presentations via Microsoft Teams
  • Excellent analytical, communication, and technical writing skills
  • Ability to engage with client leadership on daily operational and strategic matters

Desired Tools & Platforms:

  • RMF Tools
  • Governance, Risk, & Compliance Tools (e.g., ServiceNow Xacta, RSA Archer)
  • DISA STIGs, CIS Benchmarks
  • ServiceNow
  • RedSeal, Tenable, Splunk, Cortex XDR
  • Phishing simulation tools
  • Penetration testing tools: Nmap, Wireshark, Nessus, Metasploit, Burp Suite

Desired Skills:

  • Drafting government policies, RMF SSPs, and A&A documentation
  • Risk analysis techniques (qualitative and quantitative)
  • Technical and non-technical report writing
  • Document formatting best practices (headers, styles, templates, tables, TOCs)
  • Technical writing methodologies
  • Zero Trust Architecture (ZTA) principles
  • Cyber Resilience Assessment Methodology

Certifications:

  • Required : DoD 8570.01 IAM Level II (e.g., CAP, CASP+, CISM, CISSP [Associate], GSLC)
  • Preferred : CISSP, CISA, or other advanced cybersecurity certifications

Education:

  • Preferred : Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related discipline

Job Tags

Full time, Remote work, Flexible hours, Monday to Friday,

Similar Jobs

Securitas

Waikiki Area - Hotel Security Officer (Overnights) Job at Securitas

 ...Queen Kapiolani Hotel Security Officer Shift: 10pm - 6am ( Fri - Tues) Salary: $21 / Hourly We help make your world a safer place. Securitas is a global company that offers the most advanced and sustainable security solutions in the industry... 

Uline, Inc.

Senior Investment Analyst Job at Uline, Inc.

 ...Senior Investment Analyst Corporate Headquarters 12575 Uline Drive, Pleasant Prairie, WI 53158 Take the lead in shaping Ulines investment strategy! As a Senior Investment Analyst, youll research and evaluate market opportunities, manage portfolio performance... 

Bardi Heating, Cooling and Plumbing

Call Center Manager Job at Bardi Heating, Cooling and Plumbing

 ...communication, adaptability, and a team-first mindset. Position Overview: We are seeking a motivated and experienced Call Center Manager to lead our inbound and outbound call center team. This role will oversee daily operations, coach and develop call center representatives... 

Advance Local : Cleveland.com

Life & Culture Managing Producer Job at Advance Local : Cleveland.com

 ...Strengthening and empowering all of the communities we serve. Life and Culture Managing Producer Cleveland.com and The Plain Dealer , is seeking an innovative, passionate editor and managerto lead our award-winning team of veteran journalists covering Greater... 

Marin City Health and Wellness Center

Behavioral Health Provider (Licensed Clinical Psychologist or LCSW), Hybrid Remote Schedule Job at Marin City Health and Wellness Center

 ...Consistently attend and actively participate in all BH department and clinic meetings Other duties and/or special projects as assigned...  ...: Education and/or Experience: ~ Licensed Clinical Psychologist or LCSW Language Skill: Must possess excellent...