Cybersecurity Policy and Operations Analyst
Core4ce, Olympia, WA, United States
Core4ce
Cybersecurity Policy and Operations Analyst
The Cybersecurity Policy and Operations Analyst provides technical, analytical, and coordination support to enterprise cybersecurity policy development, information security continuous monitoring (ISCM), defensive cyber operations governance, and incident response program documentation. This action officer‑level role supports policy interpretation, monitoring requirements, Cybersecurity Service Provider (CSSP) community coordination, and preparation of materials for senior cybersecurity leadership within the Department of Work (DoW).
Responsibilities
Policy Interpretation & Assessment Support
Assist in reviewing and interpreting DoW cybersecurity assessment and authorization policy aligned to DoDI 8510.01 (RMF) and DoDI 8530.01 (Cybersecurity Defense of the DoDIN), including Evaluator Scoring Metrics (ESM) development/interpretation.
Draft guidance, reference materials, and issue summaries to clarify policy intent, including for non-standard or emerging systems.
Research and compile examples mapping policy requirements to atypical architectures and operational environments.
Continuous Monitoring (ISCM) Support
Support development and maintenance of enterprise ISCM documentation (baselines, monitoring targets, visibility expectations).
Translate cybersecurity policy into draft technical baselines and monitoring artifacts used by Components and CSSPs.
Collect and organize monitoring data, assessment findings, and operational insights to refine ISCM guidance.
CSSP Community Coordination & CDSG Support
Lead action officer‑level coordination for the CSSP Community of Interest (COI): agendas, facilitation, issue tracking, and follow‑up actions.
Consolidate community feedback and policy/operational issues for elevation to senior leadership.
Support the DoW CIO's participation in the Cyber Defense Steering Group (CDSG) by preparing materials, documenting threat trends, and tracking assessment priorities.
Incident Response Program Support
Contribute to drafting and maintaining incident response program documentation.
Compile monitoring visibility data, assessment findings, and lessons learned to update procedures and defensive strategies.
Document workflows, coordination requirements, and reporting expectations for enterprise incident response.
Enterprise Cybersecurity Policy Development
Assist in drafting, editing, and maintaining enterprise cybersecurity directives (e.g., updates tied to DoDI/DoDM 8530.01, cloud monitoring requirements, CSSP responsibilities, defensive operations policy).
Prepare briefings and talking points for senior leaders on policy development status and decisions.
Conduct background research and prepare initial drafts for ISCM guidance and CSSP alignment documents.
Governance & Compliance Support
Support Tenant Configuration Guide (TCG) governance activities: collect implementation data, document compliance observations, and prepare summary reports.
Assist with verification that IL5 DoW M365 tenants implement required baseline configurations.
Draft communications on configuration expectations, deviations, and recommended corrective actions.
Documentation & Decision Support
Prepare briefings, summaries, and technical notes for leadership decision‑making.
Consolidate stakeholder feedback and operational insights into actionable documentation.
Maintain organized repositories for policy artifacts, monitoring requirements, meeting records, and coordination materials.
Required Qualifications
Active TS/SCI clearance
Foundational understanding of cybersecurity policy, RMF processes, and defensive cyber operations.
Ability to analyze technical information and translate it into clear, structured documentation.
Strong organizational skills (action tracking, document control, multi‑stakeholder coordination).
Experience preparing briefings, summaries, or technical notes for leadership review.
Ability to work in a fast‑paced, policy‑driven environment with shifting priorities.
Ability to work onsite no less than 3 days per week in Arlington, VA (Pentagon area) and/or Alexandria, VA (Mark Center).
Preferred Qualifications
Experience supporting a higher headquarters, enterprise governance body, or policy development organization.
Benefits
Core4ce is a team of innovators, self‑starters, and critical thinkers—driven by a shared mission to strengthen national security and advance warfighting outcomes.
401(k) with 100% company match on the first 6% deferred, with immediate vesting
Comprehensive medical, dental, and vision coverage—employee portion paid 100% by Core4ce
Unlimited access to training and certifications, with no pre‑set cap on eligible professional development
Tuition assistance for job‑related degrees and courses
Paid parental leave, PTO that grows with tenure, and generous holiday schedules
Got a big idea? At Core4ce, The Forge gives every employee the chance to propose bold innovations and help bring them to life with internal backing.
Join us to build a career that matters—supported by a company that invests in you.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), national origin, disability, veteran status, age, genetic information, or other legally protected status.
Washington, District of Columbia, United States
Full-Time/Regular
#J-18808-Ljbffr
Cybersecurity Policy and Operations Analyst
The Cybersecurity Policy and Operations Analyst provides technical, analytical, and coordination support to enterprise cybersecurity policy development, information security continuous monitoring (ISCM), defensive cyber operations governance, and incident response program documentation. This action officer‑level role supports policy interpretation, monitoring requirements, Cybersecurity Service Provider (CSSP) community coordination, and preparation of materials for senior cybersecurity leadership within the Department of Work (DoW).
Responsibilities
Policy Interpretation & Assessment Support
Assist in reviewing and interpreting DoW cybersecurity assessment and authorization policy aligned to DoDI 8510.01 (RMF) and DoDI 8530.01 (Cybersecurity Defense of the DoDIN), including Evaluator Scoring Metrics (ESM) development/interpretation.
Draft guidance, reference materials, and issue summaries to clarify policy intent, including for non-standard or emerging systems.
Research and compile examples mapping policy requirements to atypical architectures and operational environments.
Continuous Monitoring (ISCM) Support
Support development and maintenance of enterprise ISCM documentation (baselines, monitoring targets, visibility expectations).
Translate cybersecurity policy into draft technical baselines and monitoring artifacts used by Components and CSSPs.
Collect and organize monitoring data, assessment findings, and operational insights to refine ISCM guidance.
CSSP Community Coordination & CDSG Support
Lead action officer‑level coordination for the CSSP Community of Interest (COI): agendas, facilitation, issue tracking, and follow‑up actions.
Consolidate community feedback and policy/operational issues for elevation to senior leadership.
Support the DoW CIO's participation in the Cyber Defense Steering Group (CDSG) by preparing materials, documenting threat trends, and tracking assessment priorities.
Incident Response Program Support
Contribute to drafting and maintaining incident response program documentation.
Compile monitoring visibility data, assessment findings, and lessons learned to update procedures and defensive strategies.
Document workflows, coordination requirements, and reporting expectations for enterprise incident response.
Enterprise Cybersecurity Policy Development
Assist in drafting, editing, and maintaining enterprise cybersecurity directives (e.g., updates tied to DoDI/DoDM 8530.01, cloud monitoring requirements, CSSP responsibilities, defensive operations policy).
Prepare briefings and talking points for senior leaders on policy development status and decisions.
Conduct background research and prepare initial drafts for ISCM guidance and CSSP alignment documents.
Governance & Compliance Support
Support Tenant Configuration Guide (TCG) governance activities: collect implementation data, document compliance observations, and prepare summary reports.
Assist with verification that IL5 DoW M365 tenants implement required baseline configurations.
Draft communications on configuration expectations, deviations, and recommended corrective actions.
Documentation & Decision Support
Prepare briefings, summaries, and technical notes for leadership decision‑making.
Consolidate stakeholder feedback and operational insights into actionable documentation.
Maintain organized repositories for policy artifacts, monitoring requirements, meeting records, and coordination materials.
Required Qualifications
Active TS/SCI clearance
Foundational understanding of cybersecurity policy, RMF processes, and defensive cyber operations.
Ability to analyze technical information and translate it into clear, structured documentation.
Strong organizational skills (action tracking, document control, multi‑stakeholder coordination).
Experience preparing briefings, summaries, or technical notes for leadership review.
Ability to work in a fast‑paced, policy‑driven environment with shifting priorities.
Ability to work onsite no less than 3 days per week in Arlington, VA (Pentagon area) and/or Alexandria, VA (Mark Center).
Preferred Qualifications
Experience supporting a higher headquarters, enterprise governance body, or policy development organization.
Benefits
Core4ce is a team of innovators, self‑starters, and critical thinkers—driven by a shared mission to strengthen national security and advance warfighting outcomes.
401(k) with 100% company match on the first 6% deferred, with immediate vesting
Comprehensive medical, dental, and vision coverage—employee portion paid 100% by Core4ce
Unlimited access to training and certifications, with no pre‑set cap on eligible professional development
Tuition assistance for job‑related degrees and courses
Paid parental leave, PTO that grows with tenure, and generous holiday schedules
Got a big idea? At Core4ce, The Forge gives every employee the chance to propose bold innovations and help bring them to life with internal backing.
Join us to build a career that matters—supported by a company that invests in you.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), national origin, disability, veteran status, age, genetic information, or other legally protected status.
Washington, District of Columbia, United States
Full-Time/Regular
#J-18808-Ljbffr