I am Arief from Technogen Inc, looking for Security/Privacy Training Awareness Subject Matter Expert (SME) for one of our clients. Below is the job description for your review.
Please let me know if you would be interested and share your updated resume.
You can reach me arief.m@technogeninc.com or else call me on 703 763 0009
Security/Privacy Training Awareness Subject Matter Expert (SME)
Crownsville, MD- Hybrid(1-2days/week onsite)
Duties and Responsibilities-
SME that thoroughly understands training/training programs and policies/processes around security awareness with the ability and experience to support development of such.
This resource will play an integral role in the establishment of the policies, processes, and procedures supporting Statewide security awareness training, with key areas of focus on program improvements and effective methods of communications/outreach. The resource will provide support to existing organizational security training management and connect with Statewide training managers. The SME may also be responsible for the development of requirements and scope for a solicitation (Request for Proposal (RFP)) for the Security Awareness training solution. Additional job requirements are:
Review and/or develop a Statewide policy that establishes the requirements, scope, roles, responsibilities, and management commitment for security awareness and training, including privacy awareness of training ("training") that is congruent with State and Federal laws, executive orders, directives, regulations, policies, standards, and guidelines.
Review and/or develop standards and procedures for the dissemination of training materials that includes
a. Initial training for new employees;
b. Periodic training, including security training at least six times each year and privacy training at least two times each year; and
c. Training based on current-events or incident lessons-learned, at least two times per year.
Review and/or develop standards and procedures for the creation, dissemination, and updating of role-based training materials.
Develop a methodology or mechanism to ensure that training records are associated with the specific user.
Review and/or develop standards and procedures to evaluate the effectiveness of the training program.
Review and/or develop processes to conduct periodic phishing simulations for all users, to be included with the training record for each user.
Review and/or develop processes to conduct periodic security training assessments for all users, to be included with the training record for each user.
Provide recommendations on key metrics to monitor for ensuring the effectiveness of the program.
Develop a list of requirements to be included in an upcoming RFP for security training and support the development of the RFP.
Resource Qualification and Experience
Education and Years of Experience: A Bachelor's Degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline. A Master's Degree is preferred. Must have seven (7) years of experience in the IT field.
Required Skills/Certifications:
Manage and provide direct work products for security awareness training programs.
Develop policies, processes, and procedures with the ability to translate information to respective documentation.
Develop system related requirements for solicitations
Ability to communicate and coordinate well with others, inclusive of good written and oral skills.