Jobs · Information Technology · Texas

Cyber Security Training Awareness Coordinator

Texas Health and Human Services · Austin, TX · 2 wk ago
Information Technology$6k–$9k/moFull-time

Essential Job Functions

  • Manages and operates the HHS Training and Awareness Program. (30%)
    • Provides Security Awareness Training to help ensure employees have a solid understanding of the agency's security policies, procedures, and best practices.
    • Defines, prepares, delivers, and facilitates an ongoing awareness campaign utilizing a wide variety of mediums and delivery mechanisms to effectively and constantly educate the organization on security related information, threats, and technology risks.
    • Counsels on projects to ensure IT staff and non-IT parties understand and follow security policies and standards.
    • Reviews and supplies feedback on the Information Security Plan including risk management, assurance practices, and security services (e.g., plans of actions & milestones).
    • Champions security awareness by helping with educational programs and on-going training and other communication (e.g., CISO SharePoint and website).
    • Supports security and compliance controls through documentation in appropriate tools to ensures that the training awareness program aligns to the enterprise security and compliance requirements.
    • Performs needs assessment of controls and programs related to security awareness and training to identify and assess compliance such as role-based training.
  • Matures the Information Security Program (25%)
    • Acts as a subject matter expert (SME) for the information security assurance program; Consults on projects to ensure IT staff and non-IT parties understand and follow security policies and standards.
    • Monitors and reports on internal and external security threats, research security threats, and recommends to senior staff the appropriate changes to the security program to prevent sensitive agency data from being compromised.
    • Participates in vendor product reviews, evaluations, demonstrations, proofs of concept and implementations.
    • Develops clear, comprehensive, and well-defined information security policies, standards and guidelines that regulate access to the agency's systems and the information included in them.
    • Works with auditors during fieldwork and prepares management responses to Information Security findings identified in audits. Facilitates the development of Information Security action plans related to the security training awareness program.
    • Responds to status requests, special projects, and requests for assistance from internal and external stakeholders.
  • Participates in a team that ensures sensitive data handling systems are in compliance with security controls that enforce agency policy and procedures. (20%)
    • Researches and proposes training process improvements to senior staff.
    • Monitors and reports on internal and external security threats, research security threats, and recommends to senior staff the appropriate changes to the security program to prevent sensitive agency data from being compromised.
    • Participates in vendor product reviews, evaluations, demonstrations, proofs of concept and implementations.
    • Develops clear, comprehensive, and well-defined information security policies, standards and guidelines that regulate access to the agency's systems and the information included in them.
    • Works with auditors during fieldwork and prepares management responses to Information Security findings identified in audits. Facilitates the development of Information Security action plans related to the security training awareness program.
    • Responds to status requests, special projects, and requests for assistance from internal and external stakeholders.
  • Provides leadership to other security analysts in the performance of their duties. (20%)
    • Leads and mentors other security analysts in the performance of their duties. Provides guidance and expertise within assigned specific security domains or knowledge areas to support effective performance of their duties.
    • Buils relationships and partners with business and IT organizations.
    • Develops and maintains effective working relationships with customers, business partners, and other team members.
    • Responds to customer security assessments and audits.
    • Investigates, recommends, and monitors implementation of new security products and services.
    • Acts as a central point of contact for internal and external customers on Information Security training issues.
    • Acts as an escalation point for complex internal and external facing Information Security training support functions.
  • Performs or leads other duties as assigned. (5%)
    • Knowledge of the NIST Special Publications (800 Series) with particular emphasis on the SP 800-53 Security and Privacy Controls for Federal Information Systems & Organizations. Must be able to demonstrate knowledge of control structures and application of controls.
    • Knowledge of the limitations and capabilities of computer systems; of technology across all network layers and computer platforms; of operational support of networks, operating systems, Internet technologies, databases, and security applications; and of information security practices, procedures, and regulations.
    • Knowledge in analyzing, recommending, & developing enterprise-wide security policies, standards, & guidelines within appropriate organizational risk tolerances. Skill in implementing enforcement of security policy within technology solutions.
    • Knowledge of enterprise security program management using Enterprise Governance Risk & Compliance solutions. Demonstrated experience with the implementation & development of business processes in Enterprise Governance Risk & Compliance solutions.
    • Knowledge of effective project management practices & ability to effectively manage multiple priorities within a security function providing services to numerous clients. Has professional presentation skills.
    • Excellent written, verbal communication, and presentation skills.
    • Skill in the operation of computers and applicable software and in configuring, deploying, and monitoring security infrastructure.
    • Skill in evaluating enterprise networks/systems for assurance of control requirements as specified by the IRS Pub.1075, Tax Information Security Guidelines for Federal, State & Local Agencies. Capable of managing control assertion & corrective action plan processes including the coordination of status updates & report submission.
    • Critical thinking and solution development skills.
    • Ability to resolve complex security issues in diverse and decentralized environments, to communicate effectively, and to assign and/or supervise the work of others.
    • Ability to maintain the security and integrity of critical infrastructure systems by preventing unauthorized access and ensuring compliance with laws and regulations related to national security and foreign ownership restrictions

Knowledge, Skills and Abilities (KSAs)

  • Knowledge of the NIST Special Publications (800 Series) with particular emphasis on the SP 800-53 Security and Privacy Controls for Federal Information Systems & Organizations. Must be able to demonstrate knowledge of control structures and application of controls.
  • Knowledge of the limitations and capabilities of computer systems; of technology across all network layers and computer platforms; of operational support of networks, operating systems, Internet technologies, databases, and security applications; and of information security practices, procedures, and regulations.
  • Knowledge in analyzing, recommending, & developing enterprise-wide security policies, standards, & guidelines within appropriate organizational risk tolerances. Skill in implementing enforcement of security policy within technology solutions.
  • Knowledge of enterprise security program management using Enterprise Governance Risk & Compliance solutions. Demonstrated experience with the implementation & development of business processes in Enterprise Governance Risk & Compliance solutions.
  • Knowledge of effective project management practices & ability to effectively manage multiple priorities within a security function providing services to numerous clients. Has professional presentation skills.
  • Excellent written, verbal communication, and presentation skills.
  • Skill in the operation of computers and applicable software and in configuring, deploying, and monitoring security infrastructure.
  • Skill in evaluating enterprise networks/systems for assurance of control requirements as specified by the IRS Pub.1075, Tax Information Security Guidelines for Federal, State & Local Agencies. Capable of managing control assertion & corrective action plan processes including the coordination of status updates & report submission.
  • Critical thinking and solution development skills.
  • Ability to resolve complex security issues in diverse and decentralized environments, to communicate effectively, and to assign and/or supervise the work of others.
  • Ability to maintain the security and integrity of critical infrastructure systems by preventing unauthorized access and ensuring compliance with laws and regulations related to national security and foreign ownership restrictions

Similar jobs

Cybersecurity Trainer

PartnerverseIndiana, United States· 1 mo ago
Information Technologyapply on antiersolutions.keka.com

Cyber Security Instructor

California Institute of Applied TechnologyMassachusetts, United States· 2 mo ago
Information Technology$75k–$80k/yr

Cyber Training Developer

Booz Allen HamiltonFort Meade, MD· 2 days ago
Education$87k–$198k/yrapply on careers.boozallen.com