ZipRecruiter

Log In

1

Cyber Security Policy Analyst Jobs (NOW HIRING)

AGE Solutions

Cybersecurity Policy Analyst

Columbus, OH · On-site

AGE Solutions is looking for a Cybersecurity Policy Analyst to leads the review, consolidation, and development of cybersecurity policies in alignment with government standards. Ensures that these ...

AGE solutions

Cybersecurity Policy Analyst

Columbus, OH · On-site

AGE Solutions is looking for a Cybersecurity Policy Analyst to leads the review, consolidation, and development of cybersecurity policies in alignment with government standards. Ensures that these ...

gTANGIBLE

Cybersecurity Policy Lead

Washington, DC

A minimum of 15 years of IT cybersecurity experience, including direct support for the US Government and 7 years serving as a Policy Analyst for an enterprise IT systems OR a relevant Master's Degree ...

SAIC

Policy Analyst

Saint Louis, MO · Hybrid

Support the organization's Cybersecurity Strategy. * Analyze internal documents and external issuances (e.g., IC/DoW policy, Executive Orders) to identify policy impacts, conflicts, or gaps.

ManTech International

Policy Analyst

Springfield, VA · On-site

The Policy Analyst advises, assists, leads, manages, and works all policy development, review ... Lead the development, review, and coordination of corporate, IT service, and cybersecurity ...

ManTech

Policy Analyst

Springfield, VA · On-site

The Policy Analyst advises, assists, leads, manages, and works all policy development, review ... Lead the development, review, and coordination of corporate, IT service, and cybersecurity ...

ManTech International

Policy Analyst

Springfield, VA · On-site

The Policy Analyst advises, assists, leads, manages, and works all policy development, review ... Lead the development, review, and coordination of corporate, IT service, and cybersecurity ...

ManTech

Policy Analyst

Springfield, VA

The Policy Analyst advises, assists, leads, manages, and works all policy development, review ... Lead the development, review, and coordination of corporate, IT service, and cybersecurity ...

ManTech International

Policy Analyst

Springfield, VA · On-site

The Policy Analyst advises, assists, leads, manages, and works all policy development, review ... Lead the development, review, and coordination of corporate, IT service, and cybersecurity ...

ManTech

Policy Analyst

Saint Louis, MO

The Policy Analyst advises, assists, leads, manages, and works all policy development, review ... Lead the development, review, and coordination of corporate, IT service, and cybersecurity ...

ManTech

Policy Analyst

Springfield, VA · On-site

The Policy Analyst advises, assists, leads, manages, and works all policy development, review ... Lead the development, review, and coordination of corporate, IT service, and cybersecurity ...

ManTech International

Policy Analyst

Saint Louis, MO · On-site

The Policy Analyst advises, assists, leads, manages, and works all policy development, review ... Lead the development, review, and coordination of corporate, IT service, and cybersecurity ...

Tulk LLC

Policy Analyst Mid

Fort Belvoir, VA · On-site

$124K - $148K/yr

Support the organization's Cybersecurity Strategy. * Analyze internal documents and external issuances (e.g., IC/DoW policy, Executive Orders) to identify policy impacts, conflicts, or gaps. Required ...

next page

Showing results 1-20

All JobsCyber Security Policy Analyst Jobs

Cyber Security Policy Analyst information

See salary details

$43K

$99.4K

$150K

How much do cyber security policy analyst jobs pay per year?

As of Jun 10, 2026, the average yearly pay for cyber security policy analyst in the United States is $99,400.00, according to ZipRecruiter salary data. Most workers in this role earn between $79,500.00 and $115,500.00 per year, depending on experience, location, and employer.

What does a Cyber Security Policy Analyst do?

A Cyber Security Policy Analyst develops, implements, and reviews policies and procedures to protect an organization's information systems from cyber threats. They analyze current security measures, stay updated on regulations and emerging threats, and ensure that the organization’s security policies comply with legal and regulatory requirements. Additionally, they may provide recommendations for policy improvements, conduct risk assessments, and educate staff on security best practices.

What is the difference between Cyber Security Policy Analyst vs Cyber Security Analyst?

AspectCyber Security Policy AnalystCyber Security Analyst
CredentialsBachelor's degree in cybersecurity, IT, or related field; certifications like CISSP, CISABachelor's degree in cybersecurity, IT, or related field; certifications like CompTIA Security+, CEH
Work EnvironmentPolicy development, compliance, risk assessment, often in office settingsSecurity monitoring, incident response, vulnerability assessment, often in security operations centers
Employer & IndustryGovernment agencies, corporations, consulting firms focusing on policy and complianceIT departments, security firms, organizations with active cybersecurity operations

The main difference is that a Cyber Security Policy Analyst focuses on creating and managing security policies, ensuring compliance, and assessing risks, while a Cyber Security Analyst primarily monitors systems, responds to threats, and handles technical security issues. Both roles require cybersecurity knowledge but serve different functions within an organization.

What are some common challenges faced by Cyber Security Policy Analysts when translating technical risks into actionable policies?

Cyber Security Policy Analysts often face the challenge of bridging the gap between highly technical security risks and practical, understandable policies for non-technical stakeholders. They must ensure that policies are comprehensive yet accessible, balancing security needs with business operations. Additionally, keeping policies current with evolving threats and regulatory requirements can be demanding. Effective communication and collaboration with IT, legal, and executive teams are essential to address these challenges and ensure successful policy implementation.

What are the key skills and qualifications needed to thrive as a Cyber Security Policy Analyst, and why are they important?

To thrive as a Cyber Security Policy Analyst, you need a deep understanding of cyber security frameworks, risk assessment, and policy development, usually supported by a bachelor's degree in cyber security, information technology, or a related field. Familiarity with regulatory standards (such as NIST, ISO 27001), governance tools, and, sometimes, certifications like CISSP or CISM is important. Excellent analytical thinking, written communication, and stakeholder collaboration skills help you translate technical risks into effective policies. These skills ensure that organizations remain compliant, minimize cyber risks, and build resilient security postures.
More about Cyber Security Policy Analyst jobs
What cities are hiring for Cyber Security Policy Analyst jobs? Cities with the most Cyber Security Policy Analyst job openings:
What states have the most Cyber Security Policy Analyst jobs? States with the most job openings for Cyber Security Policy Analyst jobs include:
What job categories do people searching Cyber Security Policy Analyst jobs look for? The top searched job categories for Cyber Security Policy Analyst jobs are:
Cyber Security Policy Analyst jobs near you
Infographic showing various Cyber Security Policy Analyst job openings in the United States as of June 2026, with employment types broken down into 100% Full Time. Highlights an 100% In-person job distribution, with an average salary of $99,400 per year, or $47.8 per hour.

Cybersecurity Policy Analyst

AGE Solutions

Columbus, OH • On-site

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 28 days ago

Job description

About Us
AGE Solutions is a premier technology and professional services company, providing in-depth consulting, advanced technology solutions, and essential services throughout the U.S. government, defense, and intelligence sectors. Prioritizing innovation and client-focused solutions, we assist major agencies in addressing intricate issues and ensuring a more secure future.
AGE Solutions is looking for a Cybersecurity Policy Analyst to leads the review, consolidation, and development of cybersecurity policies in alignment with government standards. Ensures that these policies strike a balance between security imperatives and operational efficiency. Regularly briefs senior management on the evolution, updates, and progress of cybersecurity initiatives, fostering an informed and proactive leadership approach.
Responsibilities Include:
  • Develop, refine, and integrate cybersecurity policies and governance frameworks in accordance with government requirements while supporting organizational security objectives and operational effectiveness.
  • Maintain, update, and improve Cyber Security Service Provider (CSSP) processes, policies, and procedures with an emphasis on enterprise-level incident response operations supporting the government work environment.
  • Conduct ongoing assessments and revisions of the government's Cyber Security Standard Operating Procedures (SOPs) and Tactics, Techniques, and Procedures (TTPs) to ensure alignment with evolving operational requirements, cybersecurity standards, and organizational objectives.
  • Monitor, assess, and validate compliance within the government's cybersecurity directives, standards, and regulatory requirements to support secure and compliant enterprise operations.
  • Support government adherence to Cyber Defense directives through the coordination, tracking, and validation of recurring and long-term cybersecurity compliance requirements and implementation efforts.
  • Coordinate the distribution and communication of critical cybersecurity and compliance-related information to support organizational reporting, validation efforts, and regulatory requirements.
  • Support preparation activities for Cyber Security Service Provider (CSSP) evaluations, audits, and performance assessments while assisting with compliance validation against established cybersecurity metrics and standards.
  • Compile, analyze, and report on Cyber Security Service Provider (CSSP) artifacts, inspection data, and performance metrics to support cybersecurity assessments, compliance initiatives, and organizational reporting requirements.
  • Support the coordination, planning, and execution of cybersecurity exercises, including tabletop and operational readiness activities, for government programs, systems, and enterprise applications to strengthen incident response and security preparedness capabilities.
  • Develop post-exercise reports and documentation, including after-action reviews and lessons learned, to support continuous improvement of cybersecurity readiness, response procedures, and operational effectiveness.
  • Provide support to government programs and enterprise applications in the development, coordination, and maintenance of Risk Management Framework (RMF) packages to support cybersecurity authorization and compliance requirements.
  • Assist government personnel with preparation activities for Cyber Security Service Provider (CSSP) evaluations, cybersecurity inspections, and compliance audits to support operational readiness and regulatory adherence.
  • Coordinate the collection, organization, and compilation of cybersecurity data and supporting documentation for Cyber Security Service Provider (CSSP) metrics, assessments, and reporting requirements.
  • Prepare, maintain, and update cybersecurity training materials to support the implementation and transition of incident response and analysis procedures for government system administrators, information assurance personnel, and incident response teams.
  • Conduct and facilitate cybersecurity training sessions in both classroom and virtual environments, including delivery through video teleconference platforms to support distributed personnel and operational requirements.
  • Provide executive-level briefings to senior leadership on cybersecurity policy updates, implementation progress, compliance status, and emerging security requirements impacting organizational operations.
  • Provide technical guidance and subject matter expertise in the development, maintenance, evaluation, and review of cybersecurity policies in accordance with government standards and requirements.
  • Maintain comprehensive knowledge of government cybersecurity principles, policies, procedures, and implementation frameworks to support secure operations while balancing organizational and mission-critical operational requirements.

Required Skills, Qualifications, and Experience:
  • Experience:
    • Minimum of seven (7) years of relevant cybersecurity policy experience.
  • Security Clearance:
    • DoD Top Secret Clearance with SCI eligibility and IT-I access.
  • Certifications:
    • DoD 8570 IAT Level II Certification or higher (one of the following):
      • CompTIA Security+ CE
      • CompTIA Cybersecurity Analyst (CySA+)
      • Systems Security Certified Practitioner (SSCP)
      • GIAC Security Essentials Certification (GSEC)
      • Cisco Certified Network Associate (CCNA)
      • Global Industrial Cyber Security Professional (GICSP).
    • Computing Environment Certification - DoD 8570 CSSP (one of the following):
      • Certified Ethical Hacker (CEH)
      • CompTIA Cybersecurity Analyst (CySA+)
      • GIAC Certified Incident Handler (GCIH)
      • Certified Information Systems Auditor (CISA)
      • GIAC Systems and Network Auditor (GSNA)
      • Certified SCADA Security Architect (SCYBER)
      • GIAC Certified Forensic Analyst (GCFA)
      • CyberSec First Responder (CFR).

The projected salary range for this position is $90,000+ annually. Final compensation will be determined based on factors including years of relevant experience, active security clearance level, certifications, technical skillset, contract requirements, and overall qualifications.
At AGE Solutions, we reward performance, invest in growth, and share success. Our benefits support the whole person, professionally, financially, and personally.
  • 26 Days Paid Leave: Includes vacation, sick, personal time, and holidays. You choose how to use it.
  • Performance Bonuses: Performance bonuses are awarded based on individual contributions and company-wide results, aligning recognition with impact.
  • 401(k) with Match: We match 3% of your contributions with immediate vesting.
  • Financial Protection: Company-paid life insurance up to $300K and options for additional coverage for you and your dependents.
  • Health Benefits: Multiple medical plans, dental, vision, FSA and HSA options to fit your needs.
  • Parental Leave: 15 days of fully paid leave for new parents, because family matters.
  • Military Differential Pay: We bridge the gap for employees on active duty, so they don't take a financial hit while serving.
  • Professional Growth: Paid training and certifications, tuition reimbursement, and the tools and tech to get the job done right.
  • Shared Success: In the event of a company sale, our CEO has committed to returning 80% of net proceeds to employees. This ensures our team shares in the long term value they help create.

At AGE, you'll do work that matters, supported by a company that delivers for its people.

Apply