ZipRecruiter

Log In

1

Cyber Security Policy Jobs (NOW HIRING)

AGE Solutions

Cybersecurity Policy Analyst

Columbus, OH · On-site

AGE Solutions is looking for a Cybersecurity Policy Analyst to leads the review, consolidation, and development of cybersecurity policies in alignment with government standards. Ensures that these ...

gTANGIBLE

Cybersecurity Policy Lead

Washington, DC · On-site

Cybersecurity Policy Lead Location: Washington, DC Clearance: Secret Duties and Responsibilities The Cybersecurity Policy Lead will oversee research on cybersecurity policies, address inquiries, and ...

Concept Plus

Cybersecurity Policy & RMF Analyst

About the role Concept Plus is seeking a Cybersecurity Policy and RMF Analyst to provide Risk Management Support to identify shortfalls in the assessment and authorization process, track and manage ...

next page

Showing results 1-20

All JobsCyber Security Policy Jobs

Cyber Security Policy information

See salary details

$57K

$133K

$186K

How much do cyber security policy jobs pay per year?

As of Jun 12, 2026, the average yearly pay for cyber security policy in the United States is $132,962.00, according to ZipRecruiter salary data. Most workers in this role earn between $111,000.00 and $150,000.00 per year, depending on experience, location, and employer.

How much does a cyber policy analyst make?

A cyber policy analyst typically earns between $70,000 and $110,000 annually, depending on experience, location, and certifications. Strong knowledge of cybersecurity policies, risk management, and relevant tools can influence salary levels.

What are the key skills and qualifications needed to thrive in Cyber Security Policy, and why are they important?

To thrive in Cyber Security Policy, you need a solid understanding of information security principles, risk assessment, compliance frameworks, and typically a degree in cybersecurity, information technology, or a related field. Familiarity with standards such as NIST, ISO 27001, and government regulations, along with certifications like CISSP or CISM, is highly valued. Strong analytical thinking, communication, and collaboration skills help you interpret technical information and craft effective policies. These competencies ensure organizations can mitigate cyber risks, comply with regulations, and maintain robust security postures.

How to get into cyber security policy?

To enter a cyber security policy role, develop a strong understanding of cybersecurity principles, regulations, and risk management. Obtain relevant certifications such as CISSP or CISM, and gain experience through roles in cybersecurity, compliance, or IT governance. Strong communication skills and knowledge of legal and regulatory frameworks are also important for shaping security policies.

What is the difference between Cyber Security Policy vs Cyber Security Analyst?

AspectCyber Security PolicyCyber Security Analyst
Primary FocusDeveloping, implementing, and maintaining security policies and proceduresMonitoring, analyzing, and responding to security threats and incidents
Required CredentialsKnowledge of security frameworks, policies, and compliance standardsCertifications like CISSP, CEH, or Security+; technical skills
Work EnvironmentPolicy development teams, compliance departments, managementSecurity operations centers, IT teams, incident response teams
Industry UsageUsed across organizations to establish security standardsUsed to identify and mitigate security threats

While a Cyber Security Policy focuses on creating and maintaining security guidelines, a Cyber Security Analyst actively monitors and responds to security threats. Both roles are essential for a comprehensive security strategy, with policies providing the framework and analysts ensuring its enforcement and effectiveness.

What are some common challenges faced by professionals working in Cyber Security Policy roles?

Professionals in Cyber Security Policy often navigate the challenge of balancing organizational security needs with regulatory compliance and user privacy requirements. They must stay updated on rapidly evolving cyber threats and policy frameworks while ensuring that policies are practical for technical teams to implement. Additionally, they frequently collaborate with legal, IT, and executive departments, requiring strong communication and negotiation skills to align diverse stakeholder interests. Adapting policies to different business units and staying proactive against emerging risks are also key aspects of the role.

Is 40 too old for cyber security?

Cyber security professionals can succeed at any age, including 40 and older, as the field values experience, problem-solving skills, and continuous learning. Many roles require certifications like CISSP or CompTIA Security+ and staying current with evolving threats, which are achievable regardless of age.

Can you make $500,000 a year in cyber security?

Cyber security professionals, especially those in senior roles such as security architects or chief information security officers, can earn $500,000 or more annually, often through a combination of base salary, bonuses, and stock options. Achieving this level typically requires extensive experience, advanced certifications like CISSP or CISM, and working in high-demand industries or organizations with large security budgets.

What is cyber security policy?

A cyber security policy is a set of guidelines, rules, and procedures that organizations create to protect their digital assets and sensitive information from cyber threats. The policy outlines acceptable use of technology, roles and responsibilities, and protocols for responding to security incidents. It helps ensure that everyone in the organization understands how to safeguard data, comply with regulations, and reduce the risk of cyberattacks. A strong cyber security policy is essential for maintaining business continuity, legal compliance, and customer trust.
More about Cyber Security Policy jobs
What cities are hiring for Cyber Security Policy jobs? Cities with the most Cyber Security Policy job openings:
What states have the most Cyber Security Policy jobs? States with the most job openings for Cyber Security Policy jobs include:
What job categories do people searching Cyber Security Policy jobs look for? The top searched job categories for Cyber Security Policy jobs are:
Cyber Security Policy jobs near you
Infographic showing various Cyber Security Policy job openings in the United States as of June 2026, with employment types broken down into 86% Full Time, and 14% Contract. Highlights an 86% In-person, and 14% Remote job distribution, with an average salary of $132,962 per year, or $63.9 per hour.

Cybersecurity Policy Analyst

AGE Solutions

Columbus, OH • On-site

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 17 hours ago

Job description

About Us
AGE Solutions is a premier technology and professional services company, providing in-depth consulting, advanced technology solutions, and essential services throughout the U.S. government, defense, and intelligence sectors. Prioritizing innovation and client-focused solutions, we assist major agencies in addressing intricate issues and ensuring a more secure future.
AGE Solutions is looking for a Cybersecurity Policy Analyst to leads the review, consolidation, and development of cybersecurity policies in alignment with government standards. Ensures that these policies strike a balance between security imperatives and operational efficiency. Regularly briefs senior management on the evolution, updates, and progress of cybersecurity initiatives, fostering an informed and proactive leadership approach.
Responsibilities Include:
  • Develop, refine, and integrate cybersecurity policies and governance frameworks in accordance with government requirements while supporting organizational security objectives and operational effectiveness.
  • Maintain, update, and improve Cyber Security Service Provider (CSSP) processes, policies, and procedures with an emphasis on enterprise-level incident response operations supporting the government work environment.
  • Conduct ongoing assessments and revisions of the government's Cyber Security Standard Operating Procedures (SOPs) and Tactics, Techniques, and Procedures (TTPs) to ensure alignment with evolving operational requirements, cybersecurity standards, and organizational objectives.
  • Monitor, assess, and validate compliance within the government's cybersecurity directives, standards, and regulatory requirements to support secure and compliant enterprise operations.
  • Support government adherence to Cyber Defense directives through the coordination, tracking, and validation of recurring and long-term cybersecurity compliance requirements and implementation efforts.
  • Coordinate the distribution and communication of critical cybersecurity and compliance-related information to support organizational reporting, validation efforts, and regulatory requirements.
  • Support preparation activities for Cyber Security Service Provider (CSSP) evaluations, audits, and performance assessments while assisting with compliance validation against established cybersecurity metrics and standards.
  • Compile, analyze, and report on Cyber Security Service Provider (CSSP) artifacts, inspection data, and performance metrics to support cybersecurity assessments, compliance initiatives, and organizational reporting requirements.
  • Support the coordination, planning, and execution of cybersecurity exercises, including tabletop and operational readiness activities, for government programs, systems, and enterprise applications to strengthen incident response and security preparedness capabilities.
  • Develop post-exercise reports and documentation, including after-action reviews and lessons learned, to support continuous improvement of cybersecurity readiness, response procedures, and operational effectiveness.
  • Provide support to government programs and enterprise applications in the development, coordination, and maintenance of Risk Management Framework (RMF) packages to support cybersecurity authorization and compliance requirements.
  • Assist government personnel with preparation activities for Cyber Security Service Provider (CSSP) evaluations, cybersecurity inspections, and compliance audits to support operational readiness and regulatory adherence.
  • Coordinate the collection, organization, and compilation of cybersecurity data and supporting documentation for Cyber Security Service Provider (CSSP) metrics, assessments, and reporting requirements.
  • Prepare, maintain, and update cybersecurity training materials to support the implementation and transition of incident response and analysis procedures for government system administrators, information assurance personnel, and incident response teams.
  • Conduct and facilitate cybersecurity training sessions in both classroom and virtual environments, including delivery through video teleconference platforms to support distributed personnel and operational requirements.
  • Provide executive-level briefings to senior leadership on cybersecurity policy updates, implementation progress, compliance status, and emerging security requirements impacting organizational operations.
  • Provide technical guidance and subject matter expertise in the development, maintenance, evaluation, and review of cybersecurity policies in accordance with government standards and requirements.
  • Maintain comprehensive knowledge of government cybersecurity principles, policies, procedures, and implementation frameworks to support secure operations while balancing organizational and mission-critical operational requirements.

Required Skills, Qualifications, and Experience:
  • Experience:
    • Minimum of seven (7) years of relevant cybersecurity policy experience.
  • Security Clearance:
    • DoD Top Secret Clearance with SCI eligibility and IT-I access.
  • Certifications:
    • DoD 8570 IAT Level II Certification or higher (one of the following):
      • CompTIA Security+ CE
      • CompTIA Cybersecurity Analyst (CySA+)
      • Systems Security Certified Practitioner (SSCP)
      • GIAC Security Essentials Certification (GSEC)
      • Cisco Certified Network Associate (CCNA)
      • Global Industrial Cyber Security Professional (GICSP).
    • Computing Environment Certification - DoD 8570 CSSP (one of the following):
      • Certified Ethical Hacker (CEH)
      • CompTIA Cybersecurity Analyst (CySA+)
      • GIAC Certified Incident Handler (GCIH)
      • Certified Information Systems Auditor (CISA)
      • GIAC Systems and Network Auditor (GSNA)
      • Certified SCADA Security Architect (SCYBER)
      • GIAC Certified Forensic Analyst (GCFA)
      • CyberSec First Responder (CFR).

The projected salary range for this position is $90,000+ annually. Final compensation will be determined based on factors including years of relevant experience, active security clearance level, certifications, technical skillset, contract requirements, and overall qualifications.
At AGE Solutions, we reward performance, invest in growth, and share success. Our benefits support the whole person, professionally, financially, and personally.
  • 26 Days Paid Leave: Includes vacation, sick, personal time, and holidays. You choose how to use it.
  • Performance Bonuses: Performance bonuses are awarded based on individual contributions and company-wide results, aligning recognition with impact.
  • 401(k) with Match: We match 3% of your contributions with immediate vesting.
  • Financial Protection: Company-paid life insurance up to $300K and options for additional coverage for you and your dependents.
  • Health Benefits: Multiple medical plans, dental, vision, FSA and HSA options to fit your needs.
  • Parental Leave: 15 days of fully paid leave for new parents, because family matters.
  • Military Differential Pay: We bridge the gap for employees on active duty, so they don't take a financial hit while serving.
  • Professional Growth: Paid training and certifications, tuition reimbursement, and the tools and tech to get the job done right.
  • Shared Success: In the event of a company sale, our CEO has committed to returning 80% of net proceeds to employees. This ensures our team shares in the long term value they help create.

At AGE, you'll do work that matters, supported by a company that delivers for its people.

Apply