Zero Trust Process Re-Engineer

Job Description

Job Description

ZERO TRUST PROCESS RE-ENGINEER

MILITARY FRIENDLY & PREFERRED - HOH SPONSOR

Zermount Inc. is seeking a Zero Trust (ZT) Process Re-Engineer, who will play a critical role in developing and updating policies, processes, Standard Operating Procedures (SOPs), standards, and guidelines (documentation) for secure and resilient information technology (IT) systems based on the ZT strategy and maturity model.

You will be responsible for developing new and re-engineering existing IT and cybersecurity documentation and workflows to align with ZT principles and enhance the organization's security posture.

By utilizing your expertise in IT, Cybersecurity, and process optimization, you will contribute to the development and maintenance of a robust ZT architecture (ZTA).

Duties and Responsibilities :

Evaluate requirements and mandates described in the Executive Order (EO) 14028, Office of Management and Budget (OMB) Memorandums (OMB M 22-09, M 21-31, etc.

and Department directives.

• Evaluate and re-engineer the organization's current IT / Cybersecurity documentation and workflows to align with ZT principles and enhance security and resilience.
• Provide a gap analysis report to identify areas for improvement and alignment with requirements of ZT.
• Collaborate with cross-functional teams to continuously develop and update documentation based on the implementation of ZT principles across all pillars of the ZT Maturity Model (MM).
• Develop guidelines, SOPs and best practices for the implementation and management of ZT principles.
• Assist with the development of the enterprise ZT Common Control Catalog (CCC).
• Support updates to the organizations ZT Strategy, Implementation Plan, and roadmap.
• Conduct regular audits of the organizations IT and Cybersecurity documentation to ensure compliance with ZT principles, policies, standards, and regulatory requirements.
• Collaborate with internal and external stakeholders to address shortfalls in policy documents impacting the implementation of Zero Trust requirements.
• Manage the policy inquiry / intake mailbox or policy help desk.
• Support the client in interpreting and implementing IT public policy initiatives. Typical support includes assistance with long-term strategy development, tracking legislation, and making policy recommendations.

Meet with customers often to relay progress and establish priorities.

• Track and resolve Zero Trust policy related questions.
• Conduct internal and external policy research to support help desk policy inquiries using various sources and approved documentation.
• Review, interpret, edit, create, and update Cybersecurity documentation using Zermount's Agile approach.
• Create new Zero Trust policy documents as needed to address identified gaps or changes emanating from EO's, OMB Memo's, NIST, DHS, or TSA mandates.
• Modify / update existing IT / Cybersecurity-related policy SOPs, technical standards (TSs), management directives (MDs), CCSH, TSA Forms, Open-Source Software (OSS) guide, SSI Program and Privacy Office related document reviews, and related Notification Memos capturing summary of changes.
• Document technical and detailed business process maps and flow charts.
• Gather information from SMEs to develop, organize, and deliver procedure manuals, technical reference materials, and process documentation.
• Drive standardization through defined documentation templates and consistency.
• Perform quality reviews of assigned work products and peer reviews to ensure the highest quality of deliverables is provided to the client.
• Support other projects and duties as assigned.

Qualifications :

• A minimum of 7 years of IT cybersecurity experience, including direct support for the US Government serving as a Policy Analyst, Process engineer, or Policy writer for an enterprise with a focus on IT or Cybersecurity.
• Knowledge of NIST Guidelines and FISMA Cybersecurity compliance requirements.
• Knowledge of ZT principles and methodologies, EO 14028, OMB M 22-09, Federal, DoD, and CISA Zero Trust Architecture, ZT Maturity Model, and Technical Reference Architectures (TRA).
• Knowledge of Zero Trust principles, frameworks, and technologies, such as software-defined perimeters (SDPs), identity and access management (IAM), and network segmentation.
• Technical knowledge of complex enterprise IT systems.
• Ability to analyze complex system documentation and identify policy / procedure gaps.
• Proficient with Microsoft Suite such as Word, Excel, PowerPoint, Outlook, SharePoint, and document management.
• Expert at communicating effectively, both oral and written, with technical, non-technical, and executive-level customers.
• Experience with in-depth analysis of Cybersecurity, IT, and Risk Management principles, requirements, and principles.
• Proven experience with developing high-quality work products and deliverables.
• Technical understanding of IT and Cybersecurity concepts, principles, and solutions.
• Excellent attention to detail and ability to multitask.
• Superb writing skills with ability to clearly and concisely articulate concepts and create well-structured messages and user-friendly documentation.
• Ability to work independently and as part of a high-performing team.
• Demonstrated ability to effectively engage and manage relationships with highly political clients while maintaining a professional demeanor, exhibiting patience, and navigating sensitive situations with tact.

Education :

• Minimum of a Bachelor's Degree in one of the following : Information Technology (IT), computer engineering, computer science, cyber security, or a related field.
• Relevant years of experience may be used in substitution for situations where the candidate does not have a Bachelor's degree in the required field.

Certifications :

• At least one of the following security certifications :
• Certified Authorization Professional (CAP);
• Certified Information Systems Security Officer (CISSO);
• Certified Information Security Manager (CISM); or
• Certified Information Systems Security Professional (CISSP).

Clearance :

Minimum of active Secret Clearance.

Work Location :

• Hybrid - Primarily Remote.
• Onsite work at the client location in Springfield, VA and Zermount HQ in Arlington, VA., will be occasionally required.

Business Hours :

• Business Hours : 8 : 00 am EST - 4 : 30 pm EST.
30+ days ago