Full Time Employee Contractor
Role and Responsibilities
The contractor will continue to establish and refine information security and privacy policies, incorporating new and emerging federal laws, OMB requirements and NIST guidance, while also accounting for best practices and emerging threats and technologies. Collectively these documents address a variety of information security and privacy information, from information security and privacy program policies, interim memos, subject-specific guidance and implementation standards. The contractor shall:
· Maintain existing security policies, memoranda and technical standards. Specifically:
o Identify and analyze new and emerging requirements for policy impacts;
o Develop new policies, procedures, memoranda or standards;
o Regularly review and update existing policies, procedures, memoranda or standards.
o Retire policies, procedures, memoranda or standards when obsolete.
· Maintain a comprehensive policy tracking mechanism aligned to policy management life cycle.
· Coordinate all related policy communication and approval activities.
· Align policy activities to not only support policy work stream objectives, but also support strategic initiatives across multiple work streams and related implementation
· Keep abreast of new and/or updates to security-related policy and initiatives from other gov't entities that may impact and advise federal staff on a path forward/next steps
· Develop and analyze quantitative and qualitative metrics to assess the effectiveness of published policies/memoranda/standards in order to identify value of the policy and identify opportunities for improvement
· Engage with policy working groups with OpDivs and Department work streams to vet new policy and/or updates to policy as appropriate
To apply for this job, contact: