Cyber Policy Analyst

About Enterprise Solutions and Management (ESM)

Enterprise Solutions and Management (ESM) is a rapidly growing government contractor that provides strategic IT services that meet mission needs for Defense and Federal customers. We are hiring a Cyber Policy Analyst for an exciting remote opportunity.

Job Description and Responsibilities

This role is responsible for reviewing, consolidating, and developing cybersecurity policy in coordination with government stakeholders to ensure compliance with applicable requirements. The position provides technical support and guidance across programs while evaluating IT policies, standards, guidelines, and procedures to maintain an effective balance between security needs and operational objectives. In addition, the role prepares and delivers briefings to senior management on cybersecurity policy updates, changes, and program progress, ensuring leadership remains informed and aligned with evolving security requirements.

*While this is a remote position, the client stipulates that all candidates must live within 50 miles of one of the following:

Battle Creek, MI

Columbus, OH

Dayton, OH

Ft. Belvoir, VA

New Cumberland, PA

Ogden, UT

Philadelphia, PA

Richmond, VA

Required Knowledge, Skills and Abilities (KSA)

• Knowledge of DoD cybersecurity policies, procedures, and implementation frameworks supporting enterprise security operations.
• Experience developing and maintaining cybersecurity artifacts, including STIGs, TCG configuration guides, IAVMs, and task orders.
• Ability to create, manage, and validate RMF documentation and cybersecurity compliance artifacts.
• Skilled in maintaining and tracking POA&M records, including findings, remediation actions, and milestone updates to support issue resolution.
• Proficient in data analysis and reporting using tools such as Microsoft Excel, Access, Power BI, and Power Platform to produce audit-ready cybersecurity reports, vulnerability assessments, and trend analyses.
• Strong research, analytical, and communication skills with demonstrated ability to work independently or collaboratively and brief leadership on cybersecurity status, risks, and compliance findings.

Desired KSA

• Be a positive, self-motivated, and proactive person with the ability to adapt to change and tolerate stressful situations
• Candidate must communicate effectively with team members, team lead, management, and government customer
• Must have the ability and desire to research and develop creative solutions to unique problems with minimal supervision

Minimum Training, Education, and Certifications

• Seven (7) years cybersecurity policy experience
• IAT II or higher certification
• ACAS training module/course completion
• Tanium training module/course completion
• DLA approved Computing Environment certification

Minimum Clearance

• Secret

Physical Requirements

• Required to stand, walk and sit; communicate verbally both in person and by telephone; use hands to finger, handle or feel objects or controls; reach with hands and arms. Regularly required to stoop, kneel, bend, crouch and lift up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, depth perception, color vision and the ability to adjust focus.
• Physical demands associated with this position include extensive walking (including stairs) throughout offices and between buildings. May require use of public transportation, personal or Government vehicle to drive to local and/or remote office locations.

Additional Requirements

• Other duties as assigned

ESM provides equal employment opportunity to all individuals regardless of race, color, creed, religion, gender, age, sexual orientation, national origin or ancestry, disability, genetic information, veteran status, gender identification or any other characteristic protected by state, federal or local law.