Sr. Manager, Security Awareness in Raleigh, NC at Advance Auto Parts

Date Posted: 10/11/2018

Career Snapshot

Career Description

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age national origin, religion, sexual orientation, gender identity, status as a veteran and basis of disability or any other federal, state or local protected class:

The Office of Information Security is looking for people who deeply understand information security and are dissatisfied with the state of the art. We are building a team of people who are pragmatic and visionary at the same time: who can take strong executive support and a strategic commitment to transformation, and run with that to build something better and smarter. We are looking for those agents of change, people willing and able to leave a mark not just on a Fortune500 company, but on an entire industry.

The Senior Manager, Security Awareness and Training, manages the training, awareness, and communications functions for information security across the enterprise.  The Senior Manager partners with fellow Information Security team members and cross-functional members to create, develop, socialize, and implement both targeted and wide-scale awareness and training initiatives, and also designs and implements active campaigns such as phishing tests. 

 

ESSENTIAL DUTIES AND RESPONSIBILITIES:

  • Evaluates, develops, and delivers information security training/education courses based on needs of the business and best practices, with the intent of shaping and driving cultural change and individual development.
  • Delivers training sessions across the organization to key stakeholders.
  • Create interactive learning exercises to create an effective learning environment.
  • Develops, designs, and coordinates training and awareness materials across various media (i.e., web sites, handouts, flyers, posters, promotional materials) for various audiences to increase awareness of information security concepts.
  • Works in close collaboration with subject matter experts to draft written correspondence, monthly newsletters and memos for employee and external stakeholders to keep them informed of cybersecurity developments.
  • Advises on content and drafts security content as part of event/crisis management and response. 
  • Manages and implements phishing tools and enterprise-wide anti-phishing training campaigns.
  • Designs and develops security awareness training goals and metrics; reports on effectiveness of the program.
  • Works independently and leads assignments of medium complexity.
  • Conduct learning needs assessments and identify requirements.
  • Develop or assist in the development of training policies and protocols for information security.

Career Requirements

Education: Bachelors required; graduate level degree preferred. Disciplines desired include Communications, Education, Writing, Business, or Information Technology.

Certification: Writing and Presentation certifications desired. Technical IT certifications a bonus.

Experience:

  • 5+ years of experience managing information security awareness functions or proven experience in training role
  • Retail-centric and/or large-company IT Security Awareness/Management skills preferred
  • Past experience with the International Association of Security Awareness Professionals (IASAP) a plus.

Knowledge, Skills & Abilities:

  • Highly developed communication skills, both verbal and written.
  • Strong practical understanding of education and training methodologies
  • Strong analytical and multi-tasking skills, writing proficiency and visual design skills, problem solving and decision-making skills.
  • Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors, IT-business personnel.
  • Strong understanding of phishing and social engineering issues and tools.
  • Knowledge in information security principles, including risk assessment and management, threat and vulnerability management, and identity and access management.
  • Working knowledge of security awareness policies, standards and operating procedures in large organizations relating to information security risk.
  • Understanding of cyber security trends and events.
  • Ability to exercise sound judgment in complex situations.
  • Strong customer/client focus, with the ability to manage expectations appropriately, provides a superior customer/client experience and builds long-term relationships.
  • Ability to work well under minimal supervision.

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age national origin, religion, sexual orientation, gender identity, status as a veteran and basis of disability or any other federal, state or local protected class.