Inmar
Cyber Security Policy Analyst
Inmar, Winston Salem, North Carolina, United States, 27104
Position Summary:
Inmar Intelligence is seeking a skilled and detail-oriented Security Policy Analyst to join our team. The successful candidate will be responsible for the development, implementation, and management of security policies across our organization. This role requires a deep understanding of policy development, lifecycle management, and policy exception management, as well as the ability to coordinate with stakeholders and ensure regulatory and risk alignment.
Primary AccountabilitiesPolicy Composition and Organization
Maintain a catalog of organizational security policies with mapping to requisite security controls.Ensure standardized policy structures and compositional elements, including verbiage and voice.Conduct stakeholder identification and coordination for covered security control topics and functions.Ensure business and culture alignment with derived policies.
Policy Lifecycle Management:
Work with stakeholders to develop, review, and update security policies, standards, and procedures.Manage the policy lifecycle, including drafting, approval, publication, and retirement of policies.Ensure all policies are up-to-date with current industry standards and regulatory requirements.Conduct regular assessments and audits to verify policy compliance.
Policy Implementation:
Collaborate with various departments to ensure successful implementation of security policies.Provide training and awareness programs to educate staff on policy requirements and compliance.Assist in the integration of security policies into business processes and systems.Work with compliance functions to monitor and enforce adherence to security policies across the organization.Develop and implement tools and processes for effective policy enforcement.
Security Policy Exception Management:
Manage the process for granting and documenting exceptions to security policies.Assess and approve exception requests, ensuring they are justified and aligned with risk management strategies.Monitor and review approved exceptions periodically to ensure they remain valid.Establish and monitor the progress of Plans of Action and Milestone (POAMs) documents associated with security policy exceptions.Report on the status of POAMs to senior management and stakeholders.
Regulatory and Risk Alignment:
Ensure security policies align with relevant regulatory requirements and industry standards (e.g., NIST CSF, HIPAA, PCI).Coordinate with Risk Management to develop and implement strategies to mitigate identified risks.
Required Qualifications:
Bachelor of Science Degree in Computer Science, or a Bachelor of Arts Degree in a related technical field,3 - 5 years of experience in security policy management or a related role.Strong understanding of information security principles, frameworks, and regulations.Excellent writing, analytical, problem-solving, and communication skills.Ability to work independently and collaboratively in a team environment.Professional certifications such as GSTRT, CISSP, CISM, or CISA are preferred.Individual Competencies:
Integrity:
Gains the trust of others by taking responsibility for your own actions and telling the truth.Teamwork:
Builds relationships and works cooperatively with others, inside and outside the organization, to accomplish objectives to build and maintain mutually-beneficial partnerships, leverage information and achieve results.Adaptable:
Responds to change with a willingness to learn new ways to accomplish work objectives with a positive attitude.Innovative:
Ability to develop, sponsor, or support the introduction of new and improved methods, products, procedures or technologies.Curious:
A desire to inquire and learn, to seek new knowledge and wisdom, and to listen to the contributions of others with a genuine interest to better self, the team, and the organization.Analytical and Critical Thinking:
Ability to tackle a problem by using a logical, systematic, sequential approach.Problem Solving:
Gathers and analyzes information to generate and evaluate potential solutions to problems, issues and challenges while weighing the accuracy and relevance of the facts, data and information.The physical demands described here are representative of those that must be met by an associate to successfully perform the major job responsibilities (essential functions) of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the major job responsibilities. This job description is not intended to be an exhaustive list of all duties, responsibilities, or qualifications associated with the job.
While performing the duties of this job, the associate is:
Regularly required to use hands to finger, handle or feel objects, tools or controls, and reach with hands or arms.Regularly required to talk or hear and read instructions on a computer monitor and/or printed on paper.Regularly required to view items at an extremely close range and must be able to adjust and readjust focus.As an Inmar Associate, you:
Put clients first and consistently display a positive attitude and behaviors that demonstrate an awareness and willingness to listen and respond to clients in order to meet their short-term and long-term needs, requirements and exceed their expectations.Treat clients and teammates with courtesy, consideration and tact; you also have the ability to perceive the needs of internal and external clients and communicate effectively with the objective of delighting and retaining the client.Build collaborative relationships and work cooperatively with others, inside and outside the organization, to accomplish objectives, develop and maintain mutually-beneficial partnerships, leverage information to achieve results.Set and attain achievable, yet aggressive, goals with a sense of urgency and accountability.Understand that results are important and focus on turning mission into action to achieve results following the principles of Flawless Execution while consistently complying with quality, service and productivity standards to meet deadlines and exceed expectations by giving our clients the best possible outcome.
We are an Equal Opportunity Employer, including disability/vets.
Inmar Intelligence is seeking a skilled and detail-oriented Security Policy Analyst to join our team. The successful candidate will be responsible for the development, implementation, and management of security policies across our organization. This role requires a deep understanding of policy development, lifecycle management, and policy exception management, as well as the ability to coordinate with stakeholders and ensure regulatory and risk alignment.
Primary AccountabilitiesPolicy Composition and Organization
Maintain a catalog of organizational security policies with mapping to requisite security controls.Ensure standardized policy structures and compositional elements, including verbiage and voice.Conduct stakeholder identification and coordination for covered security control topics and functions.Ensure business and culture alignment with derived policies.
Policy Lifecycle Management:
Work with stakeholders to develop, review, and update security policies, standards, and procedures.Manage the policy lifecycle, including drafting, approval, publication, and retirement of policies.Ensure all policies are up-to-date with current industry standards and regulatory requirements.Conduct regular assessments and audits to verify policy compliance.
Policy Implementation:
Collaborate with various departments to ensure successful implementation of security policies.Provide training and awareness programs to educate staff on policy requirements and compliance.Assist in the integration of security policies into business processes and systems.Work with compliance functions to monitor and enforce adherence to security policies across the organization.Develop and implement tools and processes for effective policy enforcement.
Security Policy Exception Management:
Manage the process for granting and documenting exceptions to security policies.Assess and approve exception requests, ensuring they are justified and aligned with risk management strategies.Monitor and review approved exceptions periodically to ensure they remain valid.Establish and monitor the progress of Plans of Action and Milestone (POAMs) documents associated with security policy exceptions.Report on the status of POAMs to senior management and stakeholders.
Regulatory and Risk Alignment:
Ensure security policies align with relevant regulatory requirements and industry standards (e.g., NIST CSF, HIPAA, PCI).Coordinate with Risk Management to develop and implement strategies to mitigate identified risks.
Required Qualifications:
Bachelor of Science Degree in Computer Science, or a Bachelor of Arts Degree in a related technical field,3 - 5 years of experience in security policy management or a related role.Strong understanding of information security principles, frameworks, and regulations.Excellent writing, analytical, problem-solving, and communication skills.Ability to work independently and collaboratively in a team environment.Professional certifications such as GSTRT, CISSP, CISM, or CISA are preferred.Individual Competencies:
Integrity:
Gains the trust of others by taking responsibility for your own actions and telling the truth.Teamwork:
Builds relationships and works cooperatively with others, inside and outside the organization, to accomplish objectives to build and maintain mutually-beneficial partnerships, leverage information and achieve results.Adaptable:
Responds to change with a willingness to learn new ways to accomplish work objectives with a positive attitude.Innovative:
Ability to develop, sponsor, or support the introduction of new and improved methods, products, procedures or technologies.Curious:
A desire to inquire and learn, to seek new knowledge and wisdom, and to listen to the contributions of others with a genuine interest to better self, the team, and the organization.Analytical and Critical Thinking:
Ability to tackle a problem by using a logical, systematic, sequential approach.Problem Solving:
Gathers and analyzes information to generate and evaluate potential solutions to problems, issues and challenges while weighing the accuracy and relevance of the facts, data and information.The physical demands described here are representative of those that must be met by an associate to successfully perform the major job responsibilities (essential functions) of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the major job responsibilities. This job description is not intended to be an exhaustive list of all duties, responsibilities, or qualifications associated with the job.
While performing the duties of this job, the associate is:
Regularly required to use hands to finger, handle or feel objects, tools or controls, and reach with hands or arms.Regularly required to talk or hear and read instructions on a computer monitor and/or printed on paper.Regularly required to view items at an extremely close range and must be able to adjust and readjust focus.As an Inmar Associate, you:
Put clients first and consistently display a positive attitude and behaviors that demonstrate an awareness and willingness to listen and respond to clients in order to meet their short-term and long-term needs, requirements and exceed their expectations.Treat clients and teammates with courtesy, consideration and tact; you also have the ability to perceive the needs of internal and external clients and communicate effectively with the objective of delighting and retaining the client.Build collaborative relationships and work cooperatively with others, inside and outside the organization, to accomplish objectives, develop and maintain mutually-beneficial partnerships, leverage information to achieve results.Set and attain achievable, yet aggressive, goals with a sense of urgency and accountability.Understand that results are important and focus on turning mission into action to achieve results following the principles of Flawless Execution while consistently complying with quality, service and productivity standards to meet deadlines and exceed expectations by giving our clients the best possible outcome.
We are an Equal Opportunity Employer, including disability/vets.