2

Cybersecurity Policy Remote Jobs (NOW HIRING)

Be Seen First

Cyber Security Engineer V

Mclean, VA ยท Remote

$205K - $230K/yr

Develop and maintain cybersecurity policies, procedures, standards, and technical documentation ... hybrid, or remote environments depending on contract requirements. Occasional travel may be ...

Developing and implementing cybersecurity policies, procedures, and controls necessary to meet DoD ... Experience working in a remote team or asynchronous work environment where focus, discipline, and ...

Developing and implementing cybersecurity policies, procedures, and controls necessary to meet DoD ... Remote - USA $123,250-$166,750 USD Who We Are Defense Unicorns delivers mission value by ...

Developing and implementing cybersecurity policies, procedures, and controls necessary to meet ... Experience working in a remote team or asynchronous work environment where focus, discipline, and ...

Developing and implementing cybersecurity policies, procedures, and controls necessary to meet ... Remote - USA $148,750-$201,250 USD Who We Are Defense Unicorns delivers mission value by ...

Everforth ECS is seeking a Cybersecurity Architect to work in our Portland, OR/Remote office ... Provide technical oversight for policies, procedures, dashboards, and metrics supporting ISCM ...

next page

Showing results 1-20

Cybersecurity Policy Remote information

See salary details

$57K

$133K

$186K

How much do cybersecurity policy remote jobs pay per year?

As of Jul 1, 2026, the average yearly pay for cybersecurity policy remote in the United States is $132,962.00, according to ZipRecruiter salary data. Most workers in this role earn between $111,000.00 and $150,000.00 per year, depending on experience, location, and employer.

What are the main challenges faced by professionals in remote cybersecurity policy roles?

One common challenge for remote cybersecurity policy professionals is staying aligned with rapidly evolving regulations and best practices while working outside of a traditional office setting. Effective communication and collaboration with technical teams, legal departments, and executive leadership are essential, yet can be more complex when working remotely. Additionally, remote professionals must be proactive in maintaining secure work environments and access to sensitive information. Despite these challenges, remote roles often offer flexibility and the opportunity to work with diverse, geographically dispersed teams.

What are the key skills and qualifications needed to thrive as a Cybersecurity Policy Specialist working remotely, and why are they important?

To thrive as a Cybersecurity Policy Specialist in a remote setting, you need a strong understanding of cybersecurity frameworks, legal compliance, risk management, and typically a degree in information security, computer science, or a related field. Familiarity with technical tools like GRC (Governance, Risk, and Compliance) platforms, NIST and ISO standards, and relevant certifications such as CISSP or CISM are highly valued. Excellent written communication, analytical thinking, and the ability to collaborate virtually with cross-functional teams are essential soft skills. These competencies ensure that effective policies are developed, risks are minimized, and organizational security objectives are met in a distributed work environment.

What is the difference between Cybersecurity Policy Remote vs Cybersecurity Analyst?

AspectCybersecurity Policy RemoteCybersecurity Analyst
Required CertificationsCertified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)CompTIA Security+, CISSP, GIAC Security Certifications
Work EnvironmentRemote, policy-focused roles often involving documentation, compliance, and strategyTypically in-office or hybrid, involving monitoring, threat analysis, and incident response
Employer & Industry UsageUsed by organizations to develop and enforce security policies, often in government, finance, or tech sectorsUsed by security teams to analyze threats, investigate incidents, and improve security posture

While both roles involve cybersecurity, Cybersecurity Policy Remote focuses on creating and managing security policies remotely, whereas Cybersecurity Analysts actively monitor and respond to security threats, often in a more hands-on environment.

What does a Cybersecurity Policy Remote professional do?

A Cybersecurity Policy Remote professional develops, implements, and manages cybersecurity policies and procedures for organizations while working remotely. They ensure that the company complies with relevant laws, regulations, and industry standards regarding information security. Their work includes risk assessments, policy updates, employee training, and responding to cybersecurity incidents. By working remotely, they use digital tools to collaborate with team members and monitor compliance across various locations.
More about Cybersecurity Policy Remote jobs
What cities are hiring for Cybersecurity Policy Remote jobs? Cities with the most Cybersecurity Policy Remote job openings:
What are the most commonly searched types of Cybersecurity Policy jobs? The most popular types of Cybersecurity Policy jobs are:
What states have the most Cybersecurity Policy Remote jobs? States with the most job openings for Cybersecurity Policy Remote jobs include:
Cybersecurity Assessment And Authorization Subject Matter Expert (SME) (61123)

Cybersecurity Assessment And Authorization Subject Matter Expert (SME) (61123)

Beshenich & Muir Associates

Fort Myer, VA โ€ข On-site, Remote

Full-time

Medical, Dental, Vision, Retirement

Posted yesterday


Job description

BMA is seeking a Cybersecurity Assessment And Authorization Subject Matter Expert (SME) to join our team. This is a fully remote role.
Job Summary
Serves as a Cybersecurity Subject Matter Expert (SME) responsible for supporting the Assessment and Authorization (A&A) of information systems in accordance with Department of Defense (DoD) cybersecurity policies, the Risk Management Framework (RMF), and applicable cybersecurity standards. Provides technical expertise in the implementation, assessment, and authorization of information systems, evaluates cybersecurity risks and vulnerabilities, and advises senior leadership on authorization status and compliance efforts.
  • Key Responsibilities
    • Serves as a Cybersecurity Subject Matter Expert (SME) for Assessment and Authorization (A&A) activities supporting DoD information systems.
    • Performs cybersecurity activities required to authorize information systems in accordance with the Risk Management Framework (RMF).
    • Provides technical expertise for information systems undergoing the authorization process.
    • Applies National Institute of Standards and Technology (NIST) Special Publication 800-53 security controls during the assessment and authorization process.
    • Evaluates cybersecurity requirements across complex enterprise IT environments, including enclaves, applications, and outsourced IT services.
    • Identifies security control deficiencies and determines the appropriate severity of vulnerabilities.
    • Assesses the impact of identified vulnerabilities on an information system's current or future authorization.
    • Develops recommendations to address cybersecurity risks and improve system compliance.
    • Briefs senior management on the status, progress, and results of RMF and authorization activities.
    • Ensures compliance with applicable DoD cybersecurity policies, procedures, and security standards.

Clearance Requirements
Must possess an IT-II Non-Critical Sensitive designation with a current Tier 3 (T3) background investigation at the time of proposal submission.
Required Skills & Certifications
  • Five (5) years of relevant Risk Management Framework (RMF) and NIST Assessment and Authorization (A&A) experience.
  • Department of Defense (DoD) cybersecurity experience.
  • Experience assessing security controls and conducting authorization reviews for large, complex organizations.
  • Experience supporting the Department of Defense (DoD) authorization process, including cybersecurity policies, procedures, and processes.
  • Knowledge of cybersecurity principles related to emerging technologies, including cloud computing, Industrial Control Systems (ICS), warehouse execution systems, and Operational Technology (OT) infrastructures.
  • Must possess an IT-II Non-Critical Sensitive designation or Tier 3 (T3) background investigation at the time of proposal submission.

Overview
BMA is an employee-owned small business headquartered in Huntsville, AL that provides superior customer service by empowering all levels of our staff to make timely decisions to produce high-quality results. BMA fosters an environment of passion, precision, and dedication in order to fulfill our commitments to our partners, government, and country.
Benefits
We believe that our employees well-being is paramount to our success so our benefits package has been crafted with that in mind. We offer multiple healthcare coverage options to include low deductible, high deductible, and plans eligible for our Health Savings Account (HSA) option. Along with medical coverage, employees have dental, vision, accident & illness, short- and long-term disability all available to them. BMA proudly maintains a 401(k) plan with an industry leading 6% match that can include profit sharing based on company performance. Lastly, being an employee-owned company means that BMA offers a 100% Employee Stock Ownership Plan (ESOP), providing eligible employees the opportunity to earn stock in BMA, subject to plan eligibility and vesting requirements.
AAP & EEO Statement
Beshenich Muir & Associates, LLC (BMA) is an Equal opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, religious creed, gender, sexual orientation, gender identity, gender expression, transgender, pregnancy, marital status, national origin, ancestry, citizenship status, age, disability, protected Veteran Status, genetics or any other characteristics protected by applicable Federal, State, or Local Law.