Jobs · Information Technology

NIH - Lead Security Policy / Training Manager

cFocus Software Incorporated · Bethesda, MD · 1 wk ago
RemoteRemoteInformation TechnologyFull-time

Qualifications

  • Public Trust Clearance
  • B.S. in Computer Science, Information Technology, or a related field
  • 10+ years of experience in information security, cybersecurity governance, compliance, or security program management
  • 5+ years leading enterprise security policy, governance, or awareness programs
  • Experience supporting Federal civilian agencies or other large enterprise organizations
  • Experience developing information security policies aligned with Federal cybersecurity requirements
  • Experience designing and managing enterprise cybersecurity awareness and training programs
  • Experience supporting executive-level governance initiatives
  • PREFERRED: CISSP, CGRC, CISM, CRISC, GSLC, CIPM, CIPP/US, HCISPP, CPTM, CPTD, or PMP

Duties

  • Lead the development, review, revision, and maintenance of NIH/OD information security policies, standards, procedures, and governance documentation
  • Establish and maintain an enterprise Information Security Policy Management Strategy
  • Ensure policy documentation remains aligned with NIH, HHS, OMB, DHS, NIST, FISMA, Executive Orders, and other Federal cybersecurity requirements
  • Develop governance processes for policy lifecycle management, approval, publication, version control, and annual review
  • Maintain the inventory of all NIH/OD information security policies and supporting documentation
  • Cook up policy reviews with Government stakeholders and technical subject matter experts
  • Monitor emerging Federal cybersecurity legislation, Executive Orders, OMB memoranda, NIST Special Publications, HHS directives, CISA guidance, and other regulatory requirements
  • Analyze the operational impact of new cybersecurity policies affecting NIH/OD
  • Identify compliance gaps and recommend implementation strategies
  • Prepare formal policy analysis reports for NIH leadership
  • Brief executive leadership on regulatory changes and implementation priorities
  • Support strategic planning for future policy adoption
  • Lead and manage the NIH/OD Information Security Awareness Program
  • Develop annual security awareness strategies and implementation plans
  • Design awareness campaigns addressing current cyber threats and user risks
  • Promote a culture of cybersecurity throughout the NIH organization
  • Measure program effectiveness through metrics and user participation
  • Develop continuous improvement initiatives for security awareness
  • Design, develop, coordinate, and oversee enterprise cybersecurity training programs
  • Develop role-based security training for technical and non-technical personnel
  • Cook instructor-led training sessions, webinars, workshops, and awareness events
  • Develop online learning content supporting NIH security objectives
  • Ensure mandatory cybersecurity awareness training meets Federal requirements
  • Evaluate training effectiveness through assessments and feedback

Similar jobs

Security Training Manager

Securitas Global Clients AmericaJeffersonville, OH· 1 mo ago
Human Resources$64k–$65k/yrapply on ekaw.fa.us2.oraclecloud.com

Security Training Manager

Golden Entertainment, Inc.Las Vegas, NV· 4 days ago
Human Resourcesapply on goldenent.wd501.myworkdayjobs.com

Security Training Manager

Securitas Security Services USA, Inc.Jeffersonville, OH· 1 wk ago
Human Resources$64k–$65k/yrapply on ekaw.fa.us2.oraclecloud.com

Security Training Manager

Securitas Security Services USA, Inc.Columbus, OH· 1 wk ago
Human Resources$64k–$65k/yrapply on ekaw.fa.us2.oraclecloud.com