Business & Policy Analyst
Listed on 2026-06-28
-
IT/Tech
IT Consultant, Information Security, Cybersecurity, Data Security
Business & Policy Analyst
Role: NCDIT - Business & Policy Analyst
Location:
3700 Wake Forest Rd, Raleigh NC 27609 Client:
State of NC Type: C2C/W2 Typical
Experience:
84+ months
This position is mostly remote, but DIT may want them to attend an in-person meeting from time to time so they'd prefer someone driving distance from our office in Raleigh.
Position RequirementsAble to articulate IT value propositions from both a business and technical perspective
Experience writing and reviewing IT, privacy, and/or security policies
Ability to develop business case/ROI for IT value propositions
Ability to transfer knowledge and other important or relevant information to others in the engagement channel
Matrix management skills for DIT, client, vendors, and other involved parties/resources
Ability to participate in the project to deliver the proposed and agreed upon solution
Understanding of general IT architectural principles
Excellent verbal and written communication skills including the ability to interact and communicate effectively with “S” level client executives
Vertical business expertise and/or knowledge of horizontal solution capabilities
Solid vendor interaction and management skills at a project level
Ability to transfer knowledge and other important or relevant information to others in the engagement channel
Strong knowledge of and experience with business software technology, analysis tools and business case analytics
Detail oriented professional with experience using M365 applications to draft, review, outline, and understand business processes and policies
Experience with NC statewide security and privacy policies
Preferred SkillsExperience with NIST 800-53 rev5, NIST RMF and familiarity with NIST Privacy Framework, and NIST AI Framework.
Experience developing a crosswalk or matrix of data classification and privacy and security controls.
Experience creating, reviewing, and/or refining system data dictionaries with stakeholders.
Experience with data asset classification of federally regulated stated and NC state-owned and controlled data, to include retention schedules.
Experience developing and implementing standard operating procedures (SOPs) with regard to information privacy and security.
Experience manually creating data dictionaries in Excel to record data owner, data table names, system business names, retention schedules, aligned privacy policies and notices, etc.
Experience with NIST 800-53 rev5, NIST RMF and familiarity with NIST Privacy Framework, and NIST AI Framework.
Required 5 Years Experience developing a crosswalk or matrix of data classification and privacy and security controls.
Required 5 Years Experience creating, reviewing, and/or refining system data dictionaries with stakeholders.
Required 5 Years Experience with data asset classification of federally regulated stated and NC state-owned and controlled data, to include retention schedules.
Required 5 Years Experience developing and implementing standard operating procedures (SOPs) with regard to information privacy and security.
Required 5 Years Experience manually creating data dictionaries in Excel to record data owner, data table names, system business names, and retention schedules.
Required 5 Years Experience manually creating data dictionaries in Excel to record aligned privacy policies and notices, etc.
Required 5 Years Experience with NC statewide security and privacy policies.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).