Senior IT Specialist - Policy Planning / InfoSec Audit Liaison - Office of the Chief Information Officer

Key Responsibilities

• Develop and maintain information security policies and procedures that support agency mission objectives and federal compliance requirements.
• Act as the primary liaison between internal audit teams and IT security functions, coordinating audit planning, evidence collection, and remediation tracking.
• Conduct risk assessments and gap analyses to identify security weaknesses and recommend mitigation strategies.
• Oversee cloud security implementations, ensuring alignment with NIST, FISMA, and agency‑specific guidelines.
• Provide expert guidance on policy planning, security architecture, and emerging threats to senior leadership.

Requirements

• Bachelor’s degree in Computer Science, Information Security, or related field; advanced degree or certifications (CISSP, CISM, CISA) preferred.
• 5+ years of experience in federal information security, risk management, and audit coordination.
• Demonstrated expertise with NIST Cybersecurity Framework, FISMA, and cloud security best practices (AWS, Azure, or GCP).
• Strong analytical and communication skills, with the ability to translate technical findings into actionable policy recommendations.
• Experience drafting and maintaining security policies, procedures, and compliance documentation.