Sr. Cybersecurity & Privacy Policy Analyst/Technical Writer at APTNEXUS – Washington, District of Columbia
APTNEXUS
Washington, District of Columbia, 20001, United States
Posted on
Updated on
Explore Related Opportunities
About This Position
About APTNEXUSSince our founding 2012, APTNEXUS has empowered federal agencies and commercial enterprises to navigate the complexities of the digital landscape. As a quality-driven small business, we specialize in the seamless delivery of IT modernization and elite cybersecurity solutions. We help our clients modernize and fortify their technology stacks —ensuring their most critical data and assets remain resilient, optimized, and secure in an evolving threat environment.
Clearance:Must be eligible for Public Trust clearance. Active Treasury MBI is a plus.Position Overview:The Sr. Cybersecurity and Privacy Policy Analyst/Technical Writer is a key role responsible for developing, implementing, and maintaining the organization's cybersecurity and privacy policies, standards, procedures, and guidelines. This role requires a deep understanding of relevant regulations, industry best practices, and legal requirements related to data security and privacy within the federal government. The Sr. Policy Analyst/Technical Writer will analyze existing policies, identify gaps, and create new policies to ensure compliance and mitigate risks. They will also play a crucial role in educating employees on security and privacy best practices. Your duties and responsibilities will include, but are not limited to:Lead the development and maintenance of comprehensive cybersecurity and privacy policies, standards, procedures, and guidelines that align with industry best practices (e.g., NIST, ISO 27001) and applicable regulations (e.g., GDPR, CCPA, HIPAA, GLBA, etc.).Serve as the subject matter expert and advisor to the government’s task lead, focusing on the advancement of processes and workflows. This includes supporting the efficient creation, updating, reviewing, and dissemination of policies, standards, procedures, and guidelines to all relevant stakeholders.Monitor and analyze emerging cybersecurity and privacy regulations, laws, and standards to identify potential impacts on the organization and recommend necessary policy updates.Conduct regular gap analyses of existing policies and procedures to identify areas for improvement and ensure alignment with current regulatory requirements and business needs.Contribute to risk assessments by identifying policy-related vulnerabilities and recommending appropriate controls.Develop and implement strategies for effectively communicating and deploying new and updated policies across the organization.Work with training lead to create and deliver training materials and awareness programs to educate employees on cybersecurity and privacy policies, procedures, and best practices.Assist with compliance monitoring activities to ensure adherence to cybersecurity and privacy policies and procedures.Collaborate effectively with various stakeholders, including legal, IT, compliance, and business units, to ensure policies are aligned with organizational objectives.Conduct regular reviews of existing policies to ensure they remain current and effective. Update policies as needed to reflect changes in regulations, technology, or business requirements.Maintain accurate and up-to-date documentation of all cybersecurity and privacy policies, procedures, and related materials.Contribute to incident response efforts by providing policy guidance and support.Education: Bachelor's degree in Computer Science or IT-related disciplines.Minimum Experience:Minimum of 10 years of experience writing, reviewing, researching, and editing security and technical documents and presentations.Must have a solid understanding of NIST RMF, NIST CSF, NIST Privacy Framework and similar Federal Government Compliance and Privacy regulations.Experience developing, implementing, and managing updates to cybersecurity and privacy policies, standards, procedures, and guidelines.Excellent research, analytical, and problem-solving skills.Strong communication (written and verbal) and interpersonal skills.Ability to work independently and collaborate effectively with team members and stakeholders.Strong organizational skills and attention to detail.Relevant certifications, such as CIPP, CISSP, CISM, or other senior level cybersecurity or privacy certification.
Clearance:Must be eligible for Public Trust clearance. Active Treasury MBI is a plus.Position Overview:The Sr. Cybersecurity and Privacy Policy Analyst/Technical Writer is a key role responsible for developing, implementing, and maintaining the organization's cybersecurity and privacy policies, standards, procedures, and guidelines. This role requires a deep understanding of relevant regulations, industry best practices, and legal requirements related to data security and privacy within the federal government. The Sr. Policy Analyst/Technical Writer will analyze existing policies, identify gaps, and create new policies to ensure compliance and mitigate risks. They will also play a crucial role in educating employees on security and privacy best practices. Your duties and responsibilities will include, but are not limited to:Lead the development and maintenance of comprehensive cybersecurity and privacy policies, standards, procedures, and guidelines that align with industry best practices (e.g., NIST, ISO 27001) and applicable regulations (e.g., GDPR, CCPA, HIPAA, GLBA, etc.).Serve as the subject matter expert and advisor to the government’s task lead, focusing on the advancement of processes and workflows. This includes supporting the efficient creation, updating, reviewing, and dissemination of policies, standards, procedures, and guidelines to all relevant stakeholders.Monitor and analyze emerging cybersecurity and privacy regulations, laws, and standards to identify potential impacts on the organization and recommend necessary policy updates.Conduct regular gap analyses of existing policies and procedures to identify areas for improvement and ensure alignment with current regulatory requirements and business needs.Contribute to risk assessments by identifying policy-related vulnerabilities and recommending appropriate controls.Develop and implement strategies for effectively communicating and deploying new and updated policies across the organization.Work with training lead to create and deliver training materials and awareness programs to educate employees on cybersecurity and privacy policies, procedures, and best practices.Assist with compliance monitoring activities to ensure adherence to cybersecurity and privacy policies and procedures.Collaborate effectively with various stakeholders, including legal, IT, compliance, and business units, to ensure policies are aligned with organizational objectives.Conduct regular reviews of existing policies to ensure they remain current and effective. Update policies as needed to reflect changes in regulations, technology, or business requirements.Maintain accurate and up-to-date documentation of all cybersecurity and privacy policies, procedures, and related materials.Contribute to incident response efforts by providing policy guidance and support.Education: Bachelor's degree in Computer Science or IT-related disciplines.Minimum Experience:Minimum of 10 years of experience writing, reviewing, researching, and editing security and technical documents and presentations.Must have a solid understanding of NIST RMF, NIST CSF, NIST Privacy Framework and similar Federal Government Compliance and Privacy regulations.Experience developing, implementing, and managing updates to cybersecurity and privacy policies, standards, procedures, and guidelines.Excellent research, analytical, and problem-solving skills.Strong communication (written and verbal) and interpersonal skills.Ability to work independently and collaborate effectively with team members and stakeholders.Strong organizational skills and attention to detail.Relevant certifications, such as CIPP, CISSP, CISM, or other senior level cybersecurity or privacy certification.
Scan to Apply
Just scan this QR code to apply from your phone.
Job Location
Washington, District of Columbia, 20001, United States
Loading interactive map for Washington, District of Columbia, 20001, United States
Job Location
This job is located in the Washington, District of Columbia, 20001, United States region.
Frequently asked questions about this position
Latest Job Openings in District of Columbia
ISE Network Engineer - Top Secret Clearance (SCI Eligible)
JFL Consulting LLC
Washington, DC
Swim Instructor Onelife Tenleytown
WeAquatics
Washington, DC
Registered Nurse
Planned Parenthood of Metropolitan Washington DC
Washington, DC
Sr. Program Manager, International Student Recruitment, NYU Abu Dhabi (Hybrid)
Institute of International Education
Washington, DC
Fire Inspector
Dextera Corporation
Washington, DC