Research, draft, and analyze policies to ensure alignment with stakeholder needs, subject matter experts, industry standards, and organizational goals.
Conduct gap analyses against industry frameworks and regulatory requirements, to recommend policy enhancements.
Collaborate with security engineers, compliance officers, and business managers to ensure policies are both technically sound and operationally practical.
Translate technical security concepts into clear, concise, and accessible documentation for diverse audiences.
Collaborate with stakeholders to update CISO policies for annual lifecycle updates.
Review and contribute to policies and standards for groups outside of CISO.