Cybersecurity Policy Analyst

Cybersecurity Policy Analyst

AGE Solutions is looking for a cybersecurity policy analyst to lead the review, consolidation, and development of cybersecurity policies in alignment with government standards. The analyst ensures that policies strike a balance between security imperatives and operational efficiency, and regularly briefs senior management on initiatives, fostering an informed and proactive leadership approach.

• Develop, refine, and integrate cybersecurity policies and governance frameworks in accordance with government requirements while supporting organizational security objectives and operational effectiveness.
• Maintain, update, and improve Cyber Security Service Provider (CSSP) processes, policies, and procedures with an emphasis on enterprise-level incident response operations supporting the government work environment.
• Conduct ongoing assessments and revisions of the government's Cyber Security Standard Operating Procedures (SOPs) and Tactics, Techniques, and Procedures (TTPs) to ensure alignment with evolving operational requirements, cybersecurity standards, and organizational objectives.
• Monitor, assess, and validate compliance within the government's cybersecurity directives, standards, and regulatory requirements to support secure and compliant enterprise operations.
• Support government adherence to Cyber Defense directives through the coordination, tracking, and validation of recurring and long-term cybersecurity compliance requirements and implementation efforts.
• Coordinate the distribution and communication of critical cybersecurity and compliance‑related information to support organizational reporting, validation efforts, and regulatory requirements.
• Support preparation activities for Cyber Security Service Provider (CSSP) evaluations, audits, and performance assessments while assisting with compliance validation against established cybersecurity metrics and standards.
• Compile, analyze, and report on Cyber Security Service Provider (CSSP) artifacts, inspection data, and performance metrics to support cybersecurity assessments, compliance initiatives, and organizational reporting requirements.
• Support the coordination, planning, and execution of cybersecurity exercises, including tabletop and operational readiness activities, for government programs, systems, and enterprise applications to strengthen incident response and security preparedness capabilities.
• Develop post‑exercise reports and documentation, including after‑action reviews and lessons learned, to support continuous improvement of cybersecurity readiness, response procedures, and operational effectiveness.
• Provide support to government programs and enterprise applications in the development, coordination, and maintenance of Risk Management Framework (RMF) packages to support cybersecurity authorization and compliance requirements.
• Assist government personnel with preparation activities for Cyber Security Service Provider (CSSP) evaluations, cybersecurity inspections, and compliance audits to support operational readiness and regulatory adherence.
• Coordinate the collection, organization, and compilation of cybersecurity data and supporting documentation for Cyber Security Service Provider (CSSP) metrics, assessments, and reporting requirements.
• Prepare, maintain, and update cybersecurity training materials to support the implementation and transition of incident response and analysis procedures for government system administrators, information assurance personnel, and incident response teams.
• Conduct and facilitate cybersecurity training sessions in both classroom and virtual environments, including delivery through video teleconference platforms to support distributed personnel and operational requirements.
• Provide executive‑level briefings to senior leadership on cybersecurity policy updates, implementation progress, compliance status, and emerging security requirements impacting organizational operations.
• Provide technical guidance and subject‑matter expertise in the development, maintenance, evaluation, and review of cybersecurity policies in accordance with government standards and requirements.
• Maintain…