Information Security Awareness Program Manager

About the position

The Information Security Awareness Program Manager at Rice University is responsible for developing, implementing, and managing information security awareness programs aimed at educating the campus community about information security risks, policies, and best practices. This role requires creativity and proactivity in designing training materials and campaigns that effectively communicate complex security concepts in an engaging manner. The position is hybrid, allowing for both in-office and remote work, and is full-time with benefits.

Responsibilities

• Develop and execute a comprehensive security awareness program tailored to the organization's needs and risk profile.
• Create engaging training materials, including presentations, videos, infographics, newsletters, and e-learning modules.
• Conduct regular security awareness training sessions and workshops for campus personnel at all levels.
• Collaborate with various departments to ensure security awareness content is relevant and aligned with current threats and organizational policies.
• Design and implement phishing simulation campaigns to assess employees' susceptibility to social engineering attacks.
• Monitor and evaluate the effectiveness of security awareness initiatives through metrics, surveys, and feedback.
• Stay current with the latest security threats, trends, and best practices to continuously improve the security awareness program.
• Serve as a point of contact for employees regarding security-related questions and concerns.
• Assist in the development and dissemination of security policies, procedures, and guidelines.
• Participate in incident response activities and provide awareness training related to specific incidents when necessary.
• Plan, coordinate, and execute a comprehensive campaign for National Cybersecurity Awareness Month (NCSAM).
• Organize and coordinate Information Security Office Open Houses and Symposiums.

Requirements

• Bachelor's Degree in a related field or equivalent experience.
• 3 years of experience in information security with a focus on security awareness, training, and education programs.
• Strong technical background in Information Security methodologies, Internet (TCP/IP) protocols, and network architecture/hardware.
• Excellent oral and written communication skills, interpersonal communication, and collaborative skills.
• Strong organizational and project management skills.

Nice-to-haves

• At least a Bachelor's degree in a related field.
• Security certifications such as CISSP, Security+, GCIH, and CEH.
• Experience working in an institution of higher education.
• Hands-on experience in IT Security Compliance and Security Operations.
• Experience developing and delivering security awareness programs and training materials.
• Proficiency in using e-learning security awareness tools.
• Experience with phishing simulation platforms and tools.

Benefits

• Health insurance
• Dental insurance
• Vision insurance
• 401k retirement plan
• Paid holidays
• Flexible scheduling
• Professional development opportunities
• Tuition reimbursement