Cybersecurity Policy and Operations Analyst

The Cybersecurity Policy and Operations Analyst provides technical, analytical, and coordination support to enterprise cybersecurity policy development, information security continuous monitoring (ISCM), defensive cyber operations governance, and incident response program documentation. This action officer–level role supports policy interpretation, monitoring requirements, Cybersecurity Service Provider (CSSP) community coordination, and preparation of materials for senior cybersecurity leadership within the Department of Work (DoW).

• Assist in reviewing and interpreting DoW cybersecurity assessment and authorization policy aligned to DoDI 8510.01 (RMF) and DoDI 8530.01 (Cybersecurity Defense of the DoDIN), including Evaluator Scoring Metrics (ESM) development/interpretation.
• Draft guidance, reference materials, and issue summaries to clarify policy intent, including for non-standard or emerging systems.
• Research and compile examples mapping policy requirements to atypical architectures and operational environments.

• Support development and maintenance of enterprise ISCM documentation (baselines, monitoring targets, visibility expectations).
• Translate cybersecurity policy into draft technical baselines and monitoring artifacts used by Components and CSSPs.
• Collect and organize monitoring data, assessment findings, and operational insights to refine ISCM guidance.

• Lead action officer–level coordination for the CSSP Community of Interest (COI): agendas, facilitation, issue tracking, and follow‑up actions.
• Consolidate community feedback and policy/operational issues for elevation to senior leadership.
• Support the DoW CIO’s participation in the Cyber Defense Steering Group (CDSG) by preparing materials, documenting threat trends, and tracking assessment priorities.

• Contribute to drafting and maintaining incident response program documentation.
• Compile monitoring visibility data, assessment findings, and lessons learned to update procedures and defensive strategies.
• Document workflows, coordination requirements, and reporting expectations for enterprise incident response.

• Assist in drafting, editing, and maintaining enterprise cybersecurity directives (e.g., updates tied to DoDI/DoDM 8530.01, cloud monitoring requirements, CSSP responsibilities, defensive operations policy).
• Prepare briefings and talking points for senior leaders on policy development status and decisions.
• Conduct background research and prepare initial drafts for ISCM guidance and CSSP alignment documents.

• Support Tenant Configuration Guide (TCG) governance activities: collect implementation data, document compliance observations, and prepare summary reports.
• Assist with verification that IL5 DoW M365 tenants implement required baseline configurations.
• Draft communications on configuration expectations, deviations, and recommended corrective actions.

• Prepare briefings, summaries, and technical notes for leadership decision‑making.
• Consolidate stakeholder feedback and operational insights into actionable documentation.
• Maintain organized repositories for policy artifacts, monitoring requirements, meeting records, and coordination materials.

* This position is designed to be flexible, with responsibilities evolving to meet business needs and enable individual growth.

• Active
  
  TS/SCI clearance
• Foundational understanding of cybersecurity policy, RMF processes, and defensive cyber operations.
• Ability to analyze technical information and translate it into clear, structured documentation.
• Strong organizational skills (action tracking, document control, multi‑stakeholder coordination).
• Experience preparing briefings, summaries, or technical notes for leadership review.
• Ability to work in a fast‑paced, policy‑driven environment with shifting priorities.
• Ability to work onsite no less than 3 days per weekin
  
  Arlington, VA (Pentagon area) and/or Alexandria, VA (Mark Center).