$ 180000 - 225000
1 Vacancy
The Director of Information Security Awareness and Training is responsible for developing, implementing, and managing security awareness and training programs across the organization. The Director will lead a comprehensive approach to building a security-conscious culture and drive behavioral change initiatives. This role combines strategic vision with hands-on program development to protect the organization's information assets through effective employee education and engagement. This leader will manage a small team and will need to establish strong cross-functional relationships with high trust across the enterprise to be effective.
Key Responsibilities
Program Development and Management
Design, implement, and maintain enterprise-wide security awareness and training programs
Establish metrics to measure program effectiveness
Develop annual training calendars and curriculum roadmaps aligned with organizational needs
Be accountable for ensuring our spend on security awareness and human-centric security is highly effective
Strategic Leadership
With executive leadership, align security awareness initiatives with business objectives
Build strategic partnerships across IT, P&O, Legal, Compliance, Corporate Communications, and other departments to integrate security awareness into organizational processes
Drive organizational culture change related to security
Influence security behavior change
Stay current with emerging threats and evolving security best practices to keep guidance timely and relevant
Establish relationships with industry groups and security awareness communities
Security Innovation Leadership
Research innovative training and awareness approaches (gamification, VR/AR, Advanced Technologies, etc.) and implement where applicable to maximize engagement and knowledge retention
Identify and evaluate emerging security awareness technologies
Content Creation and Delivery
Lead creation of engaging, relevant security awareness content across multiple formats (e-learning, videos, newsletters, etc.)
Oversee the development of role-based training materials tailored to different departments and risk profiles
Review and modernize phishing and social engineering training programs
Risk Management and Compliance
Ensure security awareness initiatives and training programs meet regulatory requirements (GDPR, CCPA, PCI DSS, etc.) and Sony requirements
Conduct regular assessments to identify knowledge gaps and security behavior risks
Develop remediation strategies for identified awareness gaps
Ensure the integration of awareness metrics into the information security risk management framework
Prepare reports for leadership on program effectiveness and compliance status
Translate technical security concepts into business risk language for executive audiences
Qualifications
Education and Experience
Bachelor's degree in Information Security, Computer Science, Communications, or related field, or equivalent experience
8 years of experience in Learning and Development or Communications
3 years focus on security awareness and training
3 years managing others
Proven record developing and implementing successful security awareness programs
Technical Knowledge
Strong understanding of information security principles, frameworks, and best practices
Knowledge of relevant regulations and compliance requirements
Familiarity with learning management systems and awareness platforms
Experience with security awareness program management and analytics tools and technologies
Skills and Competencies
Excellent communication and executive presentation skills
Strong leadership and team management abilities
Creative approach to education and behavior change
Change management and organizational development expertise
Ability to influence across organizational boundaries
Data analysis skills to measure program effectiveness
Project management expertise
Certifications (preferred)
Security awareness specific certifications (SANS GIAC Security Awareness, etc.)
Adult learning or instructional design certifications (CPTM, etc.)
CISSP, CISM, or equivalent security certification
Working Conditions
Full-time position with minimum 4 days onsite
May require occasional travel for conferences, training events, or multi-site program implementation
Ability to adapt to rapidly evolving security threat landscape and business priorities
Success Criteria
Measurable improvement in security awareness metrics across the organization
Reduction in security incidents related to human behavior
High engagement rates with security awareness content
Successful compliance with relevant security standards and regulations
Positive feedback from stakeholders and program participants
Actively contribute to a positive team environment through participation in team activities, knowledge sharing, and colleague support.
Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics.
SPE will consider qualified applicants with arrest or conviction records in accordance with applicable law.
To request an accommodation for purposes of participating in the hiring process you may contact us at
Required Experience:
Director
Full-Time