Cybersecurity Policy Writer

Founded in 2003, IT Concepts’ core values – customer-centricity, teamwork, driven to deliver, innovation, and integrity – ensure we work together to be the best, realize objectives, and make a positive impact in our communities. We intentionally created and sustain our ITC culture that embraces change, experimentation, continuous learning, and improvement. We bring our design thinking problem-solving approach that challenges assumptions, prioritizes curiosity, and invites complexity to deliver innovative, efficient, and practical solutions. As we continue to grow in the support of our government customers, we are looking for driven and innovative individuals to join our team.
IT Concepts, Inc. (ITC) is seeking a highly skilled Cybersecurity Policy Writer to join our team and provide critical support to the Office of Information Security (OIS) in developing and maintaining robust policy frameworks and procedures. The ideal candidate will have a deep understanding of the NIST Cybersecurity Framework (CSF) version 2.0, experience in writing policies for government agencies based on CSF, and a solid understanding of the NIST Risk Management Framework.
Responsibilities:
Cybersecurity Policy Writer will undertake an agile approach to provide ISP support, policy ecosystem support, policy waiver support, Controlled Unclassified Information (CUI) management, and support for other policy-related documents. Key responsibilities include:
Supporting and advising the OIS Policy Team in the ongoing development, maintenance, automation, and storage of policy products and program roadmap(s).
Ensuring policy changes meet and conform to applicable federal standards and guidelines, such as NIST, FISMA, and OMB.
Supporting the development of the security policy ecosystem by identifying and documenting new standards, guidelines, processes, and procedures.
Enhancing ecosystem authoring, change, approval, and publishing workflow processes to improve efficiencies and automate where possible.
Assisting in the development of new policies to address identified gaps in the existing framework.
Location:
This position is hybrid and requires to be in commutable distance to Woodlawn, MD SSA office.
Requirements
Bachelor's degree in Computer Science, Information Technology, or a related field.
5+ years of experience in policy development, preferably in the cybersecurity domain.
Deep understanding of the NIST Cybersecurity Framework (CSF) version 2.0 and experience in writing policies based on CSF for government agencies.
Familiarity with the NIST Risk Management Framework.
Strong understanding of cybersecurity technologies, tools, and techniques.
Ability to effectively communicate technical cybersecurity concepts to non-technical stakeholders, including leaders of federal agencies.
Strong analytical and problem-solving skills.
Excellent written and verbal communication skills.
Ability to work effectively both independently and as part of a team.
Relevant certifications (e.G., CISSP, CISM, CRISC) are a must.
Benefits
The Company
We believe in generating success collaboratively, enabling long-term mission success, and building trust for the next challenge. With you as our partner, let’s solve challenges, think innovatively, and maximize impact. As a valued member of our ITC community, you have the unique opportunity to work in a diverse range of technology and business career paths, all while supporting our nation and delivering innovative technology solutions. We are a close community of experts that pride ourselves on creating an environment defined by teamwork, dedication, and excellence.
We hold three ISO certifications (27001:
2013, (phone number removed):
2011, 9001:
2015) and two CMMI ML 3 ratings (DEV and SVC).
Industry Recognition
Growth | Inc 5000’s Fastest Growing Private Companies, DC Metro List Fastest Growing;
Washington Business Journal:
Fastest Growing Companies, Top Performing Small Technology Companies in Greater D.C.
Culture | Northern Virginia Technology Council Tech 100 Honoree;
Virginia Best Place to Work;
Washington Business Journal:
Best Places to Work, Corporate Diversity Index Winner – Mid-Size Companies, Companies Owned by People of Color;
Department of Labor’s HireVets for our work helping veterans transition;
SECAF Award of Excellence finalist;
Victory Military Friendly Brand;
Virginia Values Veterans (V3);
Cystic Fibrosis Foundation Corporate Breath Award
Benefits
We offer great benefits – Competitive Paid Time Off, Medical, Dental and Vision Insurance, Identity Theft Protection, Legal Resources Coverage, 401(k) with company matching with NO vesting period. ITC Health benefits have $0 premium for certain plans as an employee.
We invest in our employees – Every employee is eligible for education reimbursement for certifications, degrees, or professional development. Reimbursement amount may fluctuate due to IRS limitations. We want you to grow as an expert and a leader and offer flexibility for you to take a course, complete a certification, or other professional growth and networking. We are committed to supporting your curiosity and sustaining a culture that prioritizes commitment to continuous professional development.
We work hard, we play hard. ITC is committed to incorporating fun into every day. We dedicate funds for activities – virtual and in-person – e.G., we have free tickets to Nationals games available upon employee request;
we host happy hours, vacation events, fitness events, and annual celebrations. In alignment with our commitment to our communities, we host and attend charity galas/events. We believe in appreciating your commitment and building a positive workspace for you to be creative, innovative, and happy.
AAEO &
VEVRAA
IT Concepts is an Affirmative Action/Equal Opportunity employer and a VEVRAA (Vietnam Era Veterans' Readjustment Assistance Act) Federal Contractor. As such, any personnel decisions (hire, promotion, job status, etc.) on applicants and/or employees are based on merit, qualifications, competence and business needs, not on race, color, citizenship status, national origin, ancestry, sexual orientation, gender identity, age, religion, creed, physical or mental disability, pregnancy, childbirth or related medical condition, genetic information of the employee or family member of the employee, marital status, veteran status, political affiliation, or any other factor protected by federal, state or local law.
IT Concepts maintains a strong commitment to compliance with VEVRAA and other applicable federal, state, and local laws governing equal employment opportunity. We have developed comprehensive policies and procedures to ensure that our hiring practices align with these requirements.
As a part of our VEVRAA compliance efforts, [Company Name] has established an affirmative action plan that outlines our commitment to the recruitment, hiring, and advancement of protected veterans. This plan is regularly reviewed and updated to ensure its effectiveness.
We encourage protected veterans to self-identify during the application process. This information is strictly confidential and will only be used for reporting and compliance purposes as required by law. Providing this information is voluntary, and it will not impact your eligibility for employment.
Our commitment to equal employment opportunity extends beyond legal compliance. We are dedicated to fostering an inclusive workplace where all employees, including protected veterans, are treated with dignity, respect, and fairness.
How to Apply
To apply to IT Concept Position- Please click on the:
“Apply for this Job” button at the bottom of this Job Description or the button at the top:
“Application.” You can upload your resume and complete all the application steps. You must submit the application for IT Concepts to receive. If you need alternative application methods, please email (url removed) and request assistance.
Accommodations
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable Accommodations may be made to enable qualified individuals with disabilities to perform the essential functions.