IT - Information Security​/Privacy Analyst II

Policy Specialist Required Skills

• 2-3 years of technical writing experience in policy analysis or a related role.
• Knowledge of AI tools and capabilities to perform technical writing.
• Good working knowledge of NIST CSF and CIS Controls and other relevant security frameworks.
• Ability to distill complex technical concepts into clear, concise, and actionable language.
• Excellent written and verbal communication skills, including the ability to tailor messaging for diverse audiences.
• Strong research skills, with the ability to contribute meaningfully to lifecycle updates.
• Strong collaboration skills, with the ability to work effectively across technical and non-technical teams.
• Familiarity with security governance, risk management, and compliance (GRC) processes.
• Bachelor's degree in public policy, political science, law, economics, or a related field.

• Research, draft, and analyze policies to ensure alignment with stakeholder needs, subject matter experts, industry standards, and organizational goals.
• Conduct gap analyses against industry frameworks and regulatory requirements, to recommend policy enhancements.
• Collaborate with security engineers, compliance officers, and business managers to ensure policies are both technically sound and operationally practical.
• Translate technical security concepts into clear, concise, and accessible documentation for diverse audiences.
• Collaborate with stakeholders to update CISO policies for annual lifecycle updates.
• Review and contribute to policies and standards for groups outside of CISO.
• A minimum of eight (8) to twelve (12) years' relevant experience.
• A degree from an accredited College/University in the applicable field of services is required. If the individual's degree is not in the applicable field then four additional years of related experience is required.