Policy Analyst, Cyber Security/GRC in West Palm Beach, FL at Vaco

Date Posted: 12/2/2019

Job Snapshot

Job Description


  • Policy Framework Definition and Management:

  • Analyze current policies/standards format and improve as applicable for the new business model

  • Analyze changes to industry standards and best practices as well as our risk profile to determine the need for updates to existing policies.

  • Responsible for identifying and defining the need for controls procedures in support of our control standards.

  • Responsible for managing the policy lifecycle - establish cadence, conduct reviews, approval and publishing.

  • Policy Framework tool management:

  • Analyze and assist in the selection of the right Policy Management tool

  • Implement the migration of framework content into the chosen tool

  • Ensure the tool mirrors and automate as possible the necessary workflows for the policy lifecycle.

  • Be the first level support (single point of contact) for the Policy Management tool.


  • Bachelor's degree in Computer Science or related Engineering career with 2 to 4 years of relevant experience in cybersecurity. In the absence of a degree, 5 years of experience would be required

  • Proficient knowledge of Information Security standards such as NIST, DFARS, ISO, etc.

  • Preferred but not mandatory experience with GRC tools such as Archer, ServiceNow, etc.

  • Excellent written and verbal communication skills, with work experience as technical writer

  • Ability to function with limited direction

  • Ability to work well in cross functional teams

  • Ability to multi-task while able to plan ahead the work to be done.

  • Information Security certifications (e.g. CISM, CISSP, CISA, CRISC) will be considered a plus

  • Ability to work in a fast paced, changing environment

  • Advanced knowledge of Word for Windows