IT Policy/Legislative Specialist

cFocus Software seeks an IT Policy/Legislative Specialist to join our program supporting Administrative Office of the United States Courts (AOUSC). This position is on-site in Washington, DC. This position requires the ability to obtain a Public Trust clearance.

Qualifications:

• 10 years working on executive-level briefing materials.
• 10 years working with highly technical information (e.g., policy, legislation, standards, etc.) required, with at least 5 years specifically in cybersecurity-related information (i.e., governance, risk, and compliance).
• Sound foundation in grammar, punctuation, and use of the English language, with emphasis on producing clear, direct prose.
• 10 years of expertise in Microsoft Office Tools such as Word, PowerPoint, Excel, and Teams.
• Bachelor's degree in Public Policy, Information Technology, Information Systems, Cybersecurity, or related field.

Duties:

• Actively monitor open-source government and private cybersecurity relevant guidance documents daily, and document any changes and how they relate to the judiciary.
• Proactively provide written 1-page executive summaries of the latest government cybersecurity frameworks, including but not limited to those published by National Institute of Standards and Technology (NIST) within one week of the newly released guidance.
• Proactively provide written 1-page executive summaries of the latest private cybersecurity frameworks including but not limited to the MITRE ATT&CK framework within one week of the newly released guidance.
• Provide recommendations and suggestions on a weekly basis on the existing government and private cybersecurity industry best practices, standards, policies, frameworks, and other relevant guidance related material.
• Draft, review, and provide edits to technical best practices and resource packets based on current cybersecurity-related events (e.g., SIM swapping threats). Review includes participation an annual review of existing documentation to ensure all guidance remains current and appropriate.
• Draft and provide written recommendations and edits to ITSO cybersecurity strategies based on a comparison of ITSO's current cybersecurity posture to government and private cybersecurity industry standards.
• Align all written guidance documents to the AOUSC's strategic goals and modernization strategy.
• Review and provide written recommendations to enterprise technical standards and IT security policy that govern the judiciary.
• Collaborate verbally and in written form with ITSO and other AOUSC offices to align guidance for publication to the judiciary.
• Provide written recommendations on Government drafts of executive summaries and briefings.
• Draft and provide recommendations and input on other guidance content and the creation of briefings.