Job Description
Job Title: Cybersecurity Policy Analyst
Type: Contract to Hire
Location: Tampa, FL
JOB SPECIFIC COMPETENCIES
- Work with technology and business partners on their requirements and provide insight, interpretation and guidance on information security policies and standards
- Maintain strong understanding of inherent and residual risk along with information security controls
- Analyze policy exceptions to determine risk and impact to company and communicate the resulting information in both written and verbal formats to stakeholders
- Act as a subject matter expert in governance risk and compliance systems to document and record risks and decisioning to provide holistic risk perspective
- Act as an information Security Policy subject matter expert (SME) for reviewing, analyzing, and recommending changes to existing agency information security policies based on trends, industry standards, and best practices
- Act as the primary point of contact (POC) for policy analysis and facilitate policy discussions as needed
- Develop strategies for recognizing security governance needs and embedding them into our company processes and procedures
- Partner with business stakeholders to educate our staff and evangelize security policies, standards and principles at all levels of the organization
- Interface with various teams and departments to identify the security controls needed to protect their valuable data, and create strategies for implementing or maintaining these controls in our environments
- Research best practices, identify gaps and areas for improvement, and develop and maintain the information security policies
- Maintain strong knowledge of security-related regulations and standards
- Demonstrates detailed knowledge of NIST, HIPAA, PCI DSS, COBIT, risk assessments, security audits, incident response, and policy governance.
- Manages the communication of issues to key stakeholders. Stakeholders include development teams, IT personnel, management, and the customer.
- Performs critical thinking as required.
- Performs post-resolution follow-ups to ensure successful resolution of issues.
- Research and enlist in training programs to stay current on latest industry trends.
- Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement and automation.
- Ability to communicate effectively with all levels of the organization, including technical teams and high-level stakeholders.
- Strong documentation and technical writing skills required.
- Perform other duties as assigned.
MINIMUM EDUCATION AND EXPERIENCE REQUIREMENTS
A bachelor's degree (or higher) and a minimum of six (6) years of experience in cyberSecurity Policy creation and analysis. Must have extensive experience in continuity of operations, disaster recovery, incident response, and risk mitigation plan creation and maintenance.
Please note: Degree is preferred but will consider candidates with an equivalent combination of education, training and experience that would reasonably be expected to provide the job-specific competencies noted below
An equivalent combination of education, training and experience that would reasonably be expected to provide the job-specific competencies noted below.
CERTIFICATION, LICENSE AND SPECIAL REQUIREMENTS
One or more of following certifications are preferred: CISA, CISSP, CISM, CRISC, or CompTIA Security+
Dexian is a leading provider of staffing, IT, and workforce solutions with over 12,000 employees and 70 locations worldwide. As one of the largest IT staffing companies and the 2nd largest minority-owned staffing company in the U.S., Dexian was formed in 2023 through the merger of DISYS and Signature Consultants. Combining the best elements of its core companies, Dexian's platform connects talent, technology, and organizations to produce game-changing results that help everyone achieve their ambitions and goals.
Dexian's brands include Dexian DISYS, Dexian Signature Consultants, Dexian Government Solutions, Dexian Talent Development and Dexian IT Solutions. Visit https://dexian.com/ to learn more.
Dexian is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status.