NIH Lead Security Policy Training Manager


Job Location:

Bethesda, MD - USA

Monthly Salary: Not Disclosed
Posted on: 2 days ago
Vacancies: 1 Vacancy

Job Summary

cFocus Software seeks a Lead Security Policy / Training Manager to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
  • Public Trust Clearance
  • B.S. Computer Science Information Technology or a related field
  • 10 years of experience in information security cybersecurity governance compliance or security program management.
  • 5 years leading enterprise security policy governance or awareness programs.
  • Experience supporting Federal civilian agencies or other large enterprise organizations.
  • Experience developing information security policies aligned with Federal cybersecurity requirements.
  • Experience designing and managing enterprise cybersecurity awareness and training programs.
  • Experience supporting executive-level governance initiatives.
  • Preferred certifications: CISSP CGRC CISM CRISC GSLC CIPM CIPP/US HCISPP CPTM CPTD or PMP

Duties:
  • Lead the development review revision and maintenance of NIH/OD information security policies standards procedures and governance documentation.
  • Establish and maintain an enterprise Information Security Policy Management Strategy.
  • Ensure policy documentation remains aligned with NIH HHS OMB DHS NIST FISMA Executive Orders and other Federal cybersecurity requirements.
  • Develop governance processes for policy lifecycle management approval publication version control and annual review.
  • Maintain the inventory of all NIH/OD information security policies and supporting documentation.
  • Coordinate policy reviews with Government stakeholders and technical subject matter experts.
  • Monitor emerging Federal cybersecurity legislation Executive Orders OMB memoranda NIST Special Publications HHS directives CISA guidance and other regulatory requirements.
  • Analyze the operational impact of new cybersecurity policies affecting NIH/OD.
  • Identify compliance gaps and recommend implementation strategies.
  • Prepare formal policy analysis reports for NIH leadership.
  • Brief executive leadership on regulatory changes and implementation priorities.
  • Support strategic planning for future policy adoption.
  • Lead and manage the NIH/OD Information Security Awareness Program.
  • Develop annual security awareness strategies and implementation plans.
  • Design awareness campaigns addressing current cyber threats and user risks.
  • Promote a culture of cybersecurity throughout the NIH organization.
  • Measure program effectiveness through metrics and user participation.
  • Develop continuous improvement initiatives for security awareness.
  • Design develop coordinate and oversee enterprise cybersecurity training programs.
  • Develop role-based security training for technical and non-technical personnel.
  • Coordinate instructor-led training sessions webinars workshops and awareness events.
  • Develop online learning content supporting NIH security objectives.
  • Ensure mandatory cybersecurity awareness training meets Federal requirements.
  • Evaluate training effectiveness through assessments and feedback.

Required Experience:

Manager

cFocus Software seeks a Lead Security Policy / Training Manager to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.Qualifications:Public Trust ClearanceB.S. Com...

About Company

Company Logo

Our exclusive ATO as a Serviceā„¢ software & expert services automate FISMA RMF & FedRAMP compliance.

View Profile View Profile