4280 Zero Trust Policy & Governance Specialist

OVERVIEW:

The Information Technology Policy & Governance Specialist provides expert governance, policy, and compliance support to the CIO's Zero Trust (ZT) and Cyber Security programs. This role is responsible for developing and maintaining enterprise IT policies, governance frameworks, and oversight mechanisms that ensure Zero Trust principles are institutionalized across the IT enterprise. The Specialist works closely with leadership, engineers, and mission stakeholders to align IT governance with federal, DoD, and Intelligence Community directives, enabling secure modernization and compliance.

GENERAL DUTIES:

• Policy Development & Governance
  • Develop, modify, and implement comprehensive IT governance frameworks aligned with Zero Trust strategies and CIO objectives.
  • Create and document IT governance policies, standards, and SOPs that reflect regulatory requirements, mission needs, and risk management strategies.
  • Support governance bodies, steering committees, and working groups to establish cross-organizational consensus on Zero Trust policy.
  • Monitor evolving federal, DoD, and IC cybersecurity requirements and ensure governance frameworks remain current.
• Strategic Planning & Alignment
  • Contribute to Zero Trust adoption frameworks, roadmaps, and maturity models.
  • Measure and report progress toward end-state Zero Trust capabilities, providing recommendations for improvement.
  • Align IT governance policies with broader DIA CIO initiatives, including RMF, CMMC, ICAM, and data-centric security.
• Assessment & Continuous Improvement
  • Identify opportunities to enhance IT governance processes, increase efficiency, and reduce risk exposure.
  • Provide oversight and input on risk mitigation strategies within the governance framework.

REQUIRED QUALIFICATIONS:

• Federal cybersecurity policy, DoD Zero Trust Strategy, NIST SP 800-207, and IT governance frameworks.
• Policy writing, governance framework development, and executive briefing.
• Strong analytical and regulatory interpretation skills.
• Proficiency in MS365/MS Office and collaboration tools (Word, PowerPoint, SharePoint).
• Ability to work effectively under pressure and meet tight deadlines.
• Ability to foster collaboration and maintain effective stakeholder relationships.
• Manage competing priorities and deliver high-quality products under deadlines.
• Ability to link Zero Trust adoption to mission outcomes and compliance objectives.
• Ability to build consensus across technical and non-technical stakeholders.
• Ability to manage multiple governance initiatives in a complex environment.
• Master's degree in Cybersecurity Policy, Information Systems Policy, or related discipline (or an additional 6 years of experience).
• 12+ years of experience in IT governance, policy development, or enterprise risk management in federal or DoD environments.
• Demonstrated experience integrating Zero Trust principles into governance and compliance frameworks.
• Proven ability to lead policy working groups and align diverse stakeholders.
• Ability to Pass CI Poly.

CLEARANCE:

• Top Secret Security Clearance with SCI eligibility