NIH Lead Security Policy Training Manager
Job Location:
Bethesda, MD - USA
Monthly Salary:
Not Disclosed
Posted on:
2 days ago
Vacancies:
1 Vacancy
Job Summary
cFocus Software seeks a Lead Security Policy / Training Manager to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
Duties:
Qualifications:
- Public Trust Clearance
- B.S. Computer Science Information Technology or a related field
- 10 years of experience in information security cybersecurity governance compliance or security program management.
- 5 years leading enterprise security policy governance or awareness programs.
- Experience supporting Federal civilian agencies or other large enterprise organizations.
- Experience developing information security policies aligned with Federal cybersecurity requirements.
- Experience designing and managing enterprise cybersecurity awareness and training programs.
- Experience supporting executive-level governance initiatives.
- Preferred certifications: CISSP CGRC CISM CRISC GSLC CIPM CIPP/US HCISPP CPTM CPTD or PMP
Duties:
- Lead the development review revision and maintenance of NIH/OD information security policies standards procedures and governance documentation.
- Establish and maintain an enterprise Information Security Policy Management Strategy.
- Ensure policy documentation remains aligned with NIH HHS OMB DHS NIST FISMA Executive Orders and other Federal cybersecurity requirements.
- Develop governance processes for policy lifecycle management approval publication version control and annual review.
- Maintain the inventory of all NIH/OD information security policies and supporting documentation.
- Coordinate policy reviews with Government stakeholders and technical subject matter experts.
- Monitor emerging Federal cybersecurity legislation Executive Orders OMB memoranda NIST Special Publications HHS directives CISA guidance and other regulatory requirements.
- Analyze the operational impact of new cybersecurity policies affecting NIH/OD.
- Identify compliance gaps and recommend implementation strategies.
- Prepare formal policy analysis reports for NIH leadership.
- Brief executive leadership on regulatory changes and implementation priorities.
- Support strategic planning for future policy adoption.
- Lead and manage the NIH/OD Information Security Awareness Program.
- Develop annual security awareness strategies and implementation plans.
- Design awareness campaigns addressing current cyber threats and user risks.
- Promote a culture of cybersecurity throughout the NIH organization.
- Measure program effectiveness through metrics and user participation.
- Develop continuous improvement initiatives for security awareness.
- Design develop coordinate and oversee enterprise cybersecurity training programs.
- Develop role-based security training for technical and non-technical personnel.
- Coordinate instructor-led training sessions webinars workshops and awareness events.
- Develop online learning content supporting NIH security objectives.
- Ensure mandatory cybersecurity awareness training meets Federal requirements.
- Evaluate training effectiveness through assessments and feedback.
Required Experience:
Manager
About Company
Our exclusive ATO as a Service⢠software & expert services automate FISMA RMF & FedRAMP compliance.