PTS is currently seeking a Cybersecurity Technical Policy Writer for a long-term role with a top refining client. This position is able to be performed remotely with little to no expected travel so is perfect for someone wanting the flexibility of being able to work from home.
Qualified candidates will have 3+ years of relevant experience working with Cybersecurity policies (remote access, access control, firewalls, etc.) and will be familiar with industry frameworks and standards (e.g., NIST SP 800-53, NIST SP 800-171, ISO 27001-2, SCADA). Must be a self-starter with strong critical thinking skills able to work with little to no oversight and perform gap analysis.
The Cybersecurity/IT Policy Writer is a position within the Cybersecurity team responsible for inventorying, developing, and reviewing Cybersecurity, IT, and business specific polices, standards and operational documents. The technical writer role will interface with all levels of staff and management within the IT organization, as well as communicate with the business units. The writer may assist with other related functions.
We are looking for a Technical Writer with experience in creating and maintaining a detailed library of policies, processes, and standard operating procedures to ensure ongoing and continual improvement of our compliance objectives.
Job Responsibility, Required Education, and Experience:
- Demonstrate expert technical writing skills, track record of logical and critical thinking, superior organizational skills, and excellent planning and time management skills.
- Communicate effectively both orally and in writing with all levels in an organization.
- Regularly achieve milestones and deadlines.
- Utilize your superior understanding of the NIST Risk Management Framework, FIPS 199 and NIST Special Publications to interpret and synthesize information from multiple sources to address requirements in security compliance documentation.
- Demonstrate your use of plain language in past writing assignments to the current environment.
- Apply your understanding of current computer technologies and technical security requirements for the design, development, evaluation, and integration of computer systems and networks.
- Ability to develop, edit, review, and maintain IT/Cybersecurity/Business Security policies, plans, procedures, and other documentation to clearly demonstrate compliance with Federal requirements.
- Inventory policy set and make recommendations based on experience.
- Review written correspondence and artifacts to ensure final delivery is understandable to a first-time reader who possesses little knowledge of materials
- Ensures the consistency and use of proper technical terminology
- Develop tracking repository, lead the approval, and review process
- Must be a self-starter requiring little guidance
- Working knowledge in the Oil and Gas industry a plus
- Working technical knowledge of industry best practices and commonly used frameworks & standards (e.g., NIST SP 800-53, NIST SP 800-171, ISO 27001-2, SCADA)
- Working knowledge of system control polices, access control, system hardening, backup policy, change management, guest wireless policy change, password vault password, Information security policies to name a few is a plus.