1

Commission Cybersecurity Policy Jobs (NOW HIRING)

WS - Director, Cyber Security

Scottsdale, AZ · On-site

$107K - $145K/yr

Policy and Compliance: Develop and enforce cybersecurity policies, standards, and procedures ... Many positions also have variable pay opportunities including commission, bonus, performance ...

WS - Director, Cyber Security

Scottsdale, AZ

$111K - $151K/yr

Policy and Compliance: Develop and enforce cybersecurity policies, standards, and procedures ... Many positions also have variable pay opportunities including commission, bonus, performance ...

WS - Director, Cyber Security

Scottsdale, AZ

$107K - $145K/yr

Policy and Compliance: Develop and enforce cybersecurity policies, standards, and procedures ... Many positions also have variable pay opportunities including commission, bonus, performance ...

... policy teams to evaluate, shape, and respond to proposed cybersecurity legislation, regulatory ... Additionally, this role might be eligible for discretionary bonuses or commission payments as well ...

... policy teams to evaluate, shape, and respond to proposed cybersecurity legislation, regulatory ... Additionally, this role might be eligible for discretionary bonuses or commission payments as well ...

... policy teams to evaluate, shape, and respond to proposed cybersecurity legislation, regulatory ... Additionally, this role might be eligible for discretionary bonuses or commission payments as well ...

next page

Showing results 1-20

Commission Cybersecurity Policy information

See salary details

$57K

$133K

$186K

How much do commission cybersecurity policy jobs pay per year?

As of Jul 7, 2026, the average yearly pay for commission cybersecurity policy in the United States is $132,962.00, according to ZipRecruiter salary data. Most workers in this role earn between $111,000.00 and $150,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Commission Cybersecurity Policy professional, and why are they important?

To thrive in a Commission Cybersecurity Policy role, you need a strong grasp of cybersecurity frameworks, regulatory compliance, and policy analysis, often supported by a relevant degree in cybersecurity, law, or public policy. Familiarity with risk assessment tools, security standards like NIST or ISO 27001, and common compliance management systems is typically required. Exceptional analytical thinking, communication, and stakeholder engagement skills set candidates apart in developing and implementing effective policies. These abilities ensure that cybersecurity policies are practical, legally sound, and effectively protect organizational and public interests.

What is the difference between Commission Cybersecurity Policy vs Cybersecurity Analyst?

AspectCommission Cybersecurity PolicyCybersecurity Analyst
CredentialsPolicy certifications, cybersecurity knowledgeCertifications like CompTIA Security+, CISSP, or CEH
Work EnvironmentPolicy development, compliance, and strategic planningSecurity monitoring, threat analysis, and incident response
Employer & Industry UsageGovernment agencies, large corporations, regulatory bodiesIT departments, cybersecurity firms, corporate security teams

Commission Cybersecurity Policy professionals focus on creating and managing security policies and compliance strategies, while Cybersecurity Analysts handle technical threat detection and incident response. Both roles are essential in maintaining organizational security but differ in their primary functions and work environments.

What are the primary challenges faced by professionals working in Commission Cybersecurity Policy roles?

Professionals in Commission Cybersecurity Policy roles often navigate the complexities of aligning cybersecurity directives with evolving regulatory frameworks and emerging threats. One of the main challenges is staying up to date with rapid technological changes while ensuring that policies remain both effective and compliant. Additionally, these roles require balancing the interests of multiple stakeholders—such as government bodies, private sector partners, and the public—making collaboration and negotiation skills essential. Adapting policy recommendations in response to new attack vectors and coordinating across departments for consistent implementation are also key aspects of the job.

What is a Commission Cybersecurity Policy professional?

A Commission Cybersecurity Policy professional is responsible for developing, implementing, and managing cybersecurity policies within a regulatory or governmental commission. Their work involves analyzing current cyber threats, ensuring compliance with relevant laws and standards, and advising on best practices to protect sensitive data and infrastructure. They often collaborate with technical teams, legal experts, and stakeholders to strengthen the organization's cybersecurity posture. These professionals play a crucial role in shaping the commission's overall approach to digital security and risk management.
What cities are hiring for Commission Cybersecurity Policy jobs? Cities with the most Commission Cybersecurity Policy job openings:
What are the most commonly searched types of Cybersecurity Policy jobs? The most popular types of Cybersecurity Policy jobs are:
What states have the most Commission Cybersecurity Policy jobs? States with the most job openings for Commission Cybersecurity Policy jobs include:
Sr. Cyber/Cloud Security Specialist

Sr. Cyber/Cloud Security Specialist

Govcio LLC

Washington, DC • On-site

Full-time

Posted 27 days ago


GovCIO rating

7.2

Company rating: 7.2 out of 10

Based on 8 frontline employees who took The Breakroom Quiz

116th of 207 rated it services


Job description

GovCIO is currently hiring for a Sr. Cyber/Cloud Security Specialist to serve as Lead Information Technology Specialist (INFOSEC) and Cybersecurity Operations (SECOPS). This position will be hybrid, mostly remote with occasional onsite time as needed (hybrid) at EEOC HQ in Washington, DC.
Responsibilities
  • Serve as Lead Information Technology Specialist (INFOSEC), Cybersecurity Operations (SECOPS) responsible for contributing to the Agency's IT Security Program, directs SECOPS, coordinates, and maintains inputs to EEOC's IT Security Program.
  • Advise and support the Chief Information Security Officer (CISO) on developments in Cybersecurity (CS), Information Security (INFOSEC) and IT Security emerging technical threat vectors, advanced persistent threats (APT), attack surface or weaknesses.
  • Advise Agency-level technical implementation or introduction of policy and orders, proactively developing supporting documentation and drafts for implementation.
  • Direct the Commission's Cybersecurity Operations (SECOPS) cell, influences a range of the EEOC's operations, many of which have a direct and corresponding impact to the mission of the EEOC and its' critical infrastructure.
  • Enables and administrates incident handling (IH) and response (IR), security incident and event management (SIEM) dashboards, inputs, "playbooks" and metrics to achieve efficiency.
  • Facilitates, coordinates, and administers EEOC's Cybersecurity Operations (SECOPS) in support of the Information Security (INFOSEC) Program, and aids Agency Information system security program officers. Ensures accurate and timely status reporting of SOC efficiency metrics and recommends necessary adjustments.
  • Advising authority for threat, vulnerability, and configuration management; conveys threat product recommendations to EEOC staff and customers; and provides expertise and insight to OIT for industry attack trends, mitigations, and active defenses.

Qualifications
Bachelor's degree in Cybersecurity, Information Assurance or Information Security with 12+ years (or commensurate experience)
Required Skills and Experience
  • Ability to guide discussions, support CISO decisions with or without team support and effectuate positive cybersecurity changes at varying levels - users, developers, system admins, Directors, Managers and Executives where necessary. Typically, engagement is related to varying levels of technical system owner and "SOC" staff. Demonstrated experience as a SOC lead or Senior Team successfully engaging with managed security service providers (MSSP), Joint Cybersecurity external entities (e.g., CISA, CYBERCOM) on incident response (IR), weakness, incident handling (IH) and vulnerability management (VM), including mitigating actions to contain activity and facilitating forensics analysis when necessary.
  • Documented applied theory as SOC Manager or Team lead conducting and guiding in-depth evaluations of current INFOSEC/IT Security/Cybersecurity tactics, technics, and procedures, to include their effect on baseline configurations.
  • Demonstrated proficiency as a SOC manager or Senior Team lead providing cybersecurity hygiene and posture status, support debriefings and input in support of Governance, Risk, and Compliance (GRC) activities, and ongoing evolutions.
  • Provide network subscribers with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary.
  • Demonstrated experience as a SOC manager or Senior Team lead with expertise conducting and guide log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources.
  • Security implementation techniques and strategies in web services.
  • Solid understanding of securing web technology, Microsoft cloud (e.g., Azure, M365, etc.) security knowledge and demonstrable abilities.
  • Skilled security evaluation of complex web portals (e.g., Java, APIs, Ruby,; databases (i.e., SQL , Oracle) using commercial or open-source tools such as SQLmap, mongoaudit, etc.
  • Near Expert Web Application Attack and Audit Frameworks to include Security evaluation of applications and websites using commercial or open tools NMAP, W3af, etc.
  • Near Expert execution of a continuous monitoring and remediation program using commercial or open tools (i.e., Azure Security Center, Defender for Cloud, NMAP, Wireshark, Qualys)
  • Near Expert execution of an end-point detection and response (EDR) remediation program using commercial or open tools (i.e., HBSS, SEP, Defender)
  • Near Expert knowledge of and experience coordinating security operation center (SOC) principles, incident handling (IH), incident response (IR) as well as exploitation tactics, techniques, and procedures (TTP).
  • Facilitate the adoption of security best practices with functional teams (i.e., developers, database administrators, web application administrators) using technical knowledge and interpersonal skills.

Clearance Required: Must be able to acquire an EEOC Public Trust
Preferred Skills and Experience
  • Most Desirable Certification(s): CISSP, OSCP, GCIH, GPEN, GSEC, GSNA, GAWN, GCIA, GSE, GWEB, GPPN, GCED, GCID, CCSP, GCWN

Posted Salary Range
USD $185,000.00 - USD $200,000.00 /Yr.

What GovCIO employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom