MBL Technologies Inc.

Cybersecurity Policy Subject Matter Expert, SME

full-time

Location Type: Remote

Location: United States

About the role

  • Track and analyze cybersecurity policy updates and directives from NIST, OMB, HHS, Cybersecurity and Infrastructure Security Agency (CISA), and other sources.
  • Lead the review and update of agency cybersecurity policies.
  • Perform gap analyses between current policies and new/revised federal requirements and develop remediation recommendations.
  • Develop implementation plans and rollout strategies for new or updated policies.
  • Draft policy memos, white papers, and briefings for both technical and non-technical audiences.
  • Support the development of security control overlays and tailored baselines aligned with the NIST RMF.
  • Advise agency leadership and program offices on cybersecurity policy interpretation and compliance.
  • Assist with the Federal Information Security Modernization Act (FISMA) reporting and audit support related to policy compliance.
  • Participate in working groups, policy review boards, and governance meetings.
  • Develop briefings and status updates on cybersecurity policy trends and contractor.

Requirements

  • 10 years of cybersecurity policy development experience in a federal setting.
  • Experience reviewing and writing enterprise-level security policies for a federal agency.
  • Working knowledge of the NIST SP 800 series (especially 800-53 Rev. 5 and 800-37)
  • Experience with FISMA compliance, continuous monitoring, and Security Assessment and Authorization (SA&A) processes.
  • Familiarity with Executive Orders, OMB Memoranda (e.g., M-22-09 Zero Trust), and CISA Binding Operational Directives.
  • Strong writing and editing skills; ability to take complex policy concepts and put them into plain language.
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or CompTIA Cybersecurity Analyst (CySA+) (highly desired).
  • US citizenship (required)
  • BA/BS degree
  • Public Trust Clearance or the ability to obtain a clearance.

Benefits

  • robust benefits package (medical, dental, vision, STD, Accident, Life, Hospital Insurance, FSA, HSA, 401K match, professional development stipend, etc.)
  • employee discounts
  • learning and development reimbursement