ZipRecruiter

Log In

1

Cyber Security Policy Analyst Jobs (NOW HIRING)

Everwatch

Policy Analyst, Mid

Springfield, VA

$62.50 - $72.12/hr

Support the organization's Cybersecurity Strategy. * Analyze internal documents and external issuances, such as IC and DoW policy and Executive Orders, to identify policy impacts, conflicts, or gaps.

Tau Six

Senior IT Policy Analyst (TS/SCI)

Arlington, VA · On-site

Tau Six, an agile small company delivering cybersecurity and systems integration services to the US National Security market, has an immediate need for a Senior Information Technology Policy Analyst ...

Tau Six

Senior IT Policy Analyst (TS/SCI)

Arlington, VA · On-site

Tau Six, an agile small company delivering cybersecurity and systems integration services to the US National Security market, has an immediate need for a Senior Information Technology Policy Analyst ...

next page

Showing results 1-20

All JobsCyber Security Policy Analyst Jobs

Cyber Security Policy Analyst information

See salary details

$43K

$99.4K

$150K

How much do cyber security policy analyst jobs pay per year?

As of Jun 11, 2026, the average yearly pay for cyber security policy analyst in the United States is $99,400.00, according to ZipRecruiter salary data. Most workers in this role earn between $79,500.00 and $115,500.00 per year, depending on experience, location, and employer.

What does a Cyber Security Policy Analyst do?

A Cyber Security Policy Analyst develops, implements, and reviews policies and procedures to protect an organization's information systems from cyber threats. They analyze current security measures, stay updated on regulations and emerging threats, and ensure that the organization’s security policies comply with legal and regulatory requirements. Additionally, they may provide recommendations for policy improvements, conduct risk assessments, and educate staff on security best practices.

What is the difference between Cyber Security Policy Analyst vs Cyber Security Analyst?

AspectCyber Security Policy AnalystCyber Security Analyst
CredentialsBachelor's degree in cybersecurity, IT, or related field; certifications like CISSP, CISABachelor's degree in cybersecurity, IT, or related field; certifications like CompTIA Security+, CEH
Work EnvironmentPolicy development, compliance, risk assessment, often in office settingsSecurity monitoring, incident response, vulnerability assessment, often in security operations centers
Employer & IndustryGovernment agencies, corporations, consulting firms focusing on policy and complianceIT departments, security firms, organizations with active cybersecurity operations

The main difference is that a Cyber Security Policy Analyst focuses on creating and managing security policies, ensuring compliance, and assessing risks, while a Cyber Security Analyst primarily monitors systems, responds to threats, and handles technical security issues. Both roles require cybersecurity knowledge but serve different functions within an organization.

What are some common challenges faced by Cyber Security Policy Analysts when translating technical risks into actionable policies?

Cyber Security Policy Analysts often face the challenge of bridging the gap between highly technical security risks and practical, understandable policies for non-technical stakeholders. They must ensure that policies are comprehensive yet accessible, balancing security needs with business operations. Additionally, keeping policies current with evolving threats and regulatory requirements can be demanding. Effective communication and collaboration with IT, legal, and executive teams are essential to address these challenges and ensure successful policy implementation.

What are the key skills and qualifications needed to thrive as a Cyber Security Policy Analyst, and why are they important?

To thrive as a Cyber Security Policy Analyst, you need a deep understanding of cyber security frameworks, risk assessment, and policy development, usually supported by a bachelor's degree in cyber security, information technology, or a related field. Familiarity with regulatory standards (such as NIST, ISO 27001), governance tools, and, sometimes, certifications like CISSP or CISM is important. Excellent analytical thinking, written communication, and stakeholder collaboration skills help you translate technical risks into effective policies. These skills ensure that organizations remain compliant, minimize cyber risks, and build resilient security postures.
More about Cyber Security Policy Analyst jobs
What cities are hiring for Cyber Security Policy Analyst jobs? Cities with the most Cyber Security Policy Analyst job openings:
What states have the most Cyber Security Policy Analyst jobs? States with the most job openings for Cyber Security Policy Analyst jobs include:
What job categories do people searching Cyber Security Policy Analyst jobs look for? The top searched job categories for Cyber Security Policy Analyst jobs are:
Cyber Security Policy Analyst jobs near you
Infographic showing various Cyber Security Policy Analyst job openings in the United States as of June 2026, with employment types broken down into 100% Full Time. Highlights an 100% In-person job distribution, with an average salary of $99,400 per year, or $47.8 per hour.
Policy Analyst, Mid

Policy Analyst, Mid

Everwatch

Springfield, VA

$62.50 - $72.12/hr

Other

Posted 10 days ago

Job description

Job TitlePolicy Analyst, MidOverview

EverWatch is a government solutions company providing advanced defense, intelligence, and deployed support to our country's most critical missions.  We are a full-service government solutions company. Harnessing the most advanced technology and solutions, we strengthen defenses and control environments to preserve continuity and ensure mission success.

EverWatch employees are focused on tackling the most difficult challenges of the US Government. We offer the best salaries and benefits packages in our industry - to identify and retain the top talent in support of our critical mission objectives.

Commitment to Non-Discrimination:

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.

Responsibilities

As a Policy Analyst, you will provide support to all policy development, review, coordination, adjudication, promulgation, communication, and compliance in accordance with Policy Life Cycle Management (PLCM) process. You will support Subject Matter Expert (SME) development, coordination, and maintenance of all assigned policies, self-inspection checklists, and gap analyses.

How You'll Contribute:

  • Support policy development, review, coordination, and compliance for corporate policies, IT services policies, cybersecurity, and information assurance policies.
  • Support the development of SME self-inspection compliance checklists to ensure policy implementation, monitoring, and tracking.
  • Lead and support SME analysis for gap analysis and policy revisions.Conduct independent verification and validation to ensure policies are clear, fact-based, accurate, and consistent with external guidance and strategic planning.
  • Identify policy gaps and propose appropriate solutions and resolutions to the policy lead.
  • Support the implementation of policy business process improvements.
  • Support the tracking and reporting of policy business analytics, metrics, and performance measures.
  • Support the organization's Cybersecurity Strategy.
  • Analyze internal documents and external issuances, such as IC and DoW policy and Executive Orders, to identify policy impacts, conflicts, or gaps.

Join us. The world can't wait. 

Qualifications

You Have:  

  • 2+ years of experience reviewing and analyzing high-level governance documents including, agency directives, statutes, and Executive Orders 
  • 2+ years of experience tracking and managing formal taskers 
  • 2+ years of experience in coordinating and collaborating on agency-level support agreements 
  • Experience leading, managing, and working policy compendiums, frameworks, strategic planning agendas, rescissions, and gaps 
  • Knowledge of NIST 800-53 controls, cybersecurity frameworks, and high-level cybersecurity policy 
  • Active TS/SCI clearance;  willingness to take a polygraph exam 
  • Bachelor's Degree in computer science, system engineering, cybersecurity, international affairs, policy and 7+ years of experience leading, managing, and working policies in accordance with a Policy Life Cycle Management (PLCM) process or HS Diploma or GED and 10 + years of experience leading, managing, and working policies in accordance with a Policy Life Cycle Management (PLCM) 

Clearance: 

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required. 

Compensation at EverWatch is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $62.50 to $72.12 per hour.  The estimate displayed represents the typical compensation range for this position and is just one component of EverWatch's total compensation package for employees.

Clearance LevelTS/SCIJob LocationsUS-VA-SpringfieldSkillsPolicy, Policy Life Cycle Management, Communications, Classified DocumentsMinMaxEmployment Type: OTHER

Apply