The Role
Lead development, revision, and maintenance of enterprise- and government-level cybersecurity policies, standards, procedures, and guidelines. Ensure compliance with federal frameworks (NIST, FISMA, DoD, CMMC), perform gap analyses, collaborate with SMEs and legal teams, maintain document control, support ATO and audit processes, and recommend policy updates to strengthen security posture.
Summary Generated by Built In
Dark Wolf is seeking a highly skilled and experienced Senior Enterprise Cybersecurity Policy Writer to join our growing team. This pivotal role involves the development, revision, and continuous maintenance of comprehensive cybersecurity policies, standards, guidelines, and procedures for large-scale enterprise and government environments. The successful candidate will ensure that all documentation aligns with federal regulations, industry best practices, and organizational objectives, playing a critical role in strengthening our clients' security posture and compliance. Responsibilities include but are not limited to:
- Leading the full lifecycle development, drafting, and revision of enterprise-level cybersecurity policies, standards, procedures, and guidelines, ensuring clarity, conciseness, and enforceability.
- Ensuring all developed documentation complies with federal cybersecurity mandates and frameworks, including but not limited to FISMA, NIST Special Publications (e.g., NIST SP 800-53, 800-171, CSF), DoD Instructions (e.g., DoDI 8500.01, DoDM 5200.01), CMMC, and other relevant government acquisition regulations (FAR/DFARS).
- Collaborating extensively with technical subject matter experts (SMEs), legal teams, compliance officers, program managers, and senior leadership to gather requirements, validate technical accuracy, and achieve consensus on policy implementation.
- Conducting thorough gap analyses between existing documentation, regulatory requirements, and operational practices, recommending and developing new policies or updates to mitigate identified risks.
- Translating complex technical cybersecurity concepts and requirements into clear, understandable, and actionable policy language for diverse audiences, from technical staff to non-technical leadership.
- Establishing and maintaining robust document control processes, versioning, and repositories to ensure accessibility, accuracy, and auditability of all security documentation.
- Providing expertise and support during internal and external audits, assessments, and Authorization to Operate (ATO) processes by presenting and defending policy documentation.
- Staying abreast of evolving cybersecurity threats, technologies, and regulatory changes, proactively recommending updates to policies and procedures to maintain an agile and effective security posture.
Required Qualifications:
- Minimum of 8+ years of direct experience in developing, writing, and managing cybersecurity policies, standards, and procedures for large enterprise or government organizations.
- Demonstrated expertise with federal cybersecurity frameworks and regulations (e.g., NIST RMF, FISMA, DoD 8500.01, DoDM 5200.01, CMMC).
- Proven experience in stakeholder engagement and consensus-building for policy adoption. Skills: Exceptional written and verbal communication skills, with a keen eye for detail, grammar, and clarity.
- Strong analytical and critical thinking abilities to interpret complex technical and regulatory information. Proficiency with Microsoft Office Suite (Word, Excel, PowerPoint) and document management systems.
- Ability to work independently and collaboratively in a fast-paced, dynamic environment.
- A Bachelors degree in a relevant field or 3+ years of relevant experience in lieu of degree.
- US Citizenship and an active Top Secret security clearance with SCI eligibility.
Preferred Qualifications
- Master's degree in a relevant field.
- Relevant professional certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CRISC (Certified in Risk and Information Systems Control), or CIPP/G (Certified Information Privacy Professional/Government). Experience with Governance, Risk, and Compliance (GRC) tools and platforms.
- Familiarity with cloud security policies (e.g., FedRAMP, AWS/Azure Government security best practices).
- Experience supporting Authorization to Operate (ATO) processes within government environments.
This location is located on Hill AFB in Ogden, Utah. On-site presence is expected 5 days per week. We are hiring for multiple levels, with base salary estimates ranging from $120,000.00 - $170,000.00, commensurate on experience and technical skillset.
We are strictly looking for direct, full-time W2 employees. We do not engage with third-party staffing agencies, C2C, or 1099 independent contractors for this role.
We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.
Skills Required
- Minimum 8+ years developing, writing, and managing cybersecurity policies, standards, and procedures for large enterprise or government organizations
- Demonstrated expertise with federal cybersecurity frameworks and regulations (NIST RMF, NIST SP 800-53, 800-171, CSF), FISMA, CMMC, DoDI 8500.01, DoDM 5200.01, FAR/DFARS
- Proven stakeholder engagement and consensus-building for policy adoption; exceptional written and verbal communication skills
- Strong analytical and critical thinking to interpret complex technical and regulatory information and translate into clear policy language
- Proficiency with Microsoft Office Suite (Word, Excel, PowerPoint) and document management systems
- Ability to work independently and collaboratively in a fast-paced, dynamic environment
- Bachelor's degree in a relevant field or 3+ years of relevant experience in lieu of degree
- US Citizenship
- Active Top Secret security clearance with SCI eligibility
- On-site presence 5 days per week at Hill AFB, Ogden, Utah
- Direct full-time W2 employment only (no third-party staffing, C2C, or 1099 contractors)
- Master's degree in a relevant field
- Relevant certifications such as CISSP, CISM, CRISC, or CIPP/G
- Experience with Governance, Risk, and Compliance (GRC) tools and platforms
- Familiarity with cloud security policies (FedRAMP, AWS/Azure Government security best practices)
- Experience supporting Authorization to Operate (ATO) processes within government environments
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
