The Cyber-Physical Security Policy Analyst role provides support to a government client by assessing and addressing security concerns for physical systems that implement cybersecurity solutions, including Internet of Things (IoT), Industrial Internet of Things (IIoT), operational technology, industrial control systems, and ensuring that risks do not go unmitigated.  These technologies and their associated devices play an increasingly important role in critical infrastructure, government, businesses, cities, buildings, transportation, and ultimately our everyday lives.  The candidate will work with Cyber-Physical Security Team to collaborate with technical and protective security operations, and other federal and state agencies to develop policies and strategies that safeguard these resources outside of traditional information technology, and to ensure continuous and reliable operations that consider attributes like cellular communications, IPv6, environmental conditions, security assessments, and management and mitigation strategies.  The candidate should be self-driven and possess the ability to work with minimal guidance or supervision.

The Cyber-Physical Security Policy Analyst day-to-day functions will be to:

• Maintain confidentiality of information
• Support audit engagements by assisting client-agency with documentation, assessment, and conducting remediation efforts on any issues that arise from the audit.
• Track POAM items and work with stakeholders to remediate in a timely manner.
• Participate in the developing, reviewing, and updating of (as directed) the enterprise security documents (policies, standards, baselines, guidelines and procedures, Memoranda of Agreement (MOAs), and Memoranda of Understanding (MOUs)).
• Consolidate and archive enterprise security documents (as needed)
• Support the client-agency in conducting security assessments, and reassessments to meet audit requirements and as stipulated by policy.
• Participate/ and support incident response and coordination activities in response to security events and incidents
• Supporting development of security metrics.  Provide feedback to other team members on security control efficacy, vulnerabilities, gaps in visibility, recurring issues, and other items of note.
• Provide thorough reviews of all department policy directives and identify those in need of updating
• Develop policy documents
• Consolidate all client-agency Memoranda of Agreement (MOAs) and Memoranda of Understanding (MOUs)
• Assist managing a list of facilities that have been granted Delegation of Authority (DOA)
• Ensures assigned tasks and projects are completed on schedule
• Assist in the preparation of presentation materials
• Oversee the development and editing of regularly scheduled status reports, as requested by the Government Task Manager
• Prepare, edit, and assemble reports required for meetings and presentations
• Work effectively with other branches and divisions within the organization to accomplish tasks
• Provide assistance with special projects (as needed)
• Complete other ad hoc assignments, as determined