Security Training and Awareness Manager
About The Position
Peraton seeks innovative professionals who thrive in mission-critical environments and are passionate about protecting our national critical infrastructure. This is your chance to make an impact on one of the nation’s vital organizations, working alongside leaders in cybersecurity engineering, operations, forensics, threat analysis, data science, and systems integration. Join Peraton in supporting a large critical infrastructure operator to defend its corporate and operations networks from nation-state attacks, ensure the confidentiality, integrity, and availability of its systems and operations infrastructure, and comply with federal and industry cybersecurity regulation. As a security training and awareness manager working with a state-of-the-art 24-hour Cybersecurity Operations Center (CSOC), you will be responsible for working with the company’s corporate cybersecurity training organization and its current phishing campaign vendor to develop, implement, and manage the organization’s security training and awareness program by contributing key learnings observed from the CSOC perspective. This role ensures employees understand cybersecurity risks, follow security best practices, and actively contribute to protecting organizational systems and data.
Requirements
- 5 years with BS/BA; 3 years with MS/MA; 0 years with PhD
- U.S. Citizenship Required
- Must have the ability to obtain / maintain a DOE L Level or DOE Secret clearance
- Degree in cybersecurity, information technology, or computer science, communications or related field
- 5 years of experience with BS/BA; 3 years with MS/MA
- Experience in designing and delivering cybersecurity training and awareness programs
- Understanding of industry cybersecurity standards such as FISMA, NIST 800 series, ISO 27001 and regulatory compliance requirements
- Strong time-management, organizational, and prioritization skills
- Excellent verbal and written communication skills, with the ability to clearly convey technical concepts to audiences with varying levels of technical expertise.
- Strong analytical and problem-solving skills
Nice To Haves
- Hold technical and/or cybersecurity certification such as CISSP, CISM, CISA, SSAP, GIAC, CompTIA Security+
- A master’s degree in computer science, engineering, cybersecurity, information technology, or related field
Responsibilities
- Work with the company’s corporate cybersecurity training organization to design, implement, modify, and maintain a comprehensive cybersecurity training and awareness program for employees and contractors
- Contribute to the company’s cybersecurity training and awareness program and training material by providing insights into cybersecurity incidents reported to our detected by the CSOC
- Assist with the development of role-based security training for technical and non-technical staff
- Assist with the creation and delivery of engaging awareness content (training modules, briefings, newsletters, campaigns) including recommending development of tests and visual aids, criteria for evaluating effectiveness of cybersecurity training activities
- Work with the company’s current phishing campaign vendor to conduct and oversee phishing simulations and social engineering awareness activities and analyze cybersecurity training metrics and user behavior to measure program effectiveness and make recommendations for improvements
- Collaborate with cybersecurity, IT, HR, and compliance teams to align training with organizational risk
- Work with the company’s corporate cybersecurity training organization to ensure training content aligns with applicable security frameworks, policies, and regulations
- Support audit and compliance requirements by maintaining relevant records and evidence
- Prepare reports and brief CSOC Manager, internal stakeholders on CSOC findings related to employee caused cybersecurity incidents or vulnerabilities
- Contribute to the development and periodic review of cybersecurity training policies, standards, and guidelines
- Support onboarding and offboarding processes with cybersecurity training content
- Participate in incident response activities by assisting with user communications and post-incident lessons learned
- Collaborate with HR and Legal on acceptable use and code-of-conduct training content
- Support third-party or contractor security awareness requirements as needed
- Assist with tabletop exercises or security drills from an awareness and communications perspective
- Keep abreast of emerging cybersecurity threats and recommend adjustments to training content accordingly
- Provide security awareness guidance to project teams and business units
- Serve as a subject matter resource during audits, assessments, or compliance reviews
- Assist in development and delivery of cybersecurity training workshops to promote awareness of cybersecurity processes and internal controls and to discuss changes in policies with the company’s cybersecurity managers that will improve employee awareness and performance
- Keep abreast of cybersecurity training and development research such as learning theory, motivation theory, and new materials, methods, and techniques.
- Confer with management, employees, and contractors to gain knowledge of work situations requiring cybersecurity training and to better understand changes in policies, procedures, regulations, and technologies
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
5,001-10,000 employees
