Cyber Training Awareness Lead

This is a remote role, may require light travel due to job responsibilities

PURPOSE AND SCOPE:

The Cybersecurity Training & Awareness Lead will assist the Sr. Director of Cybersecurity Governance in leading global phishing campaigns and cybersecurity training & awareness actions at Fresenius Medical Care.  This role will actively support the development and implementation of advanced training and simulation strategies, program management and measurement, leading projects designed to continually improve and enhance overall information security posture and resiliency of the company. The individual will help drive critical information security initiatives across the enterprise in support of cybersecurity and privacy tools and policies & procedures.

PRINCIPAL DUTIES AND RESPONSIBILITIES:

• Develops and implements training and awareness campaigns for security & privacy tools, policies & procedures in a rapidly growing environment with cyber threats that are continuously evolving.
• Develops, recommends innovative approaches, evaluates, manages, and executes security & privacy awareness training plans and programs to garner awareness and influence behavior change across the enterprise.
• Manages social engineering and phishing training exercises globally.
• Promotes a highly collaborative approach when working with teams to deliver effective training and awareness.
• Translates complex security requirements into adoptable concepts that staff can easily and quickly absorb.
• Identifies, tracks and produces key program metrics, reports and dashboards to measure the effectiveness of the phishing, training and awareness program.
• Understands and stays current on best practices and guidance to achieving a security and privacy aware workforce.
• Fosters messaging that information security enables business objectives.
• Manages the tactical execution of short- and long-term objectives through the coordination of activities with direct responsibility for results, costs, methods, and staffing.
• Understands compliance requirements with laws and regulations that affect cybersecurity and privacy for the healthcare industry.
• Reconciles discrepancies between various sources (internal tracking, controlled document repositories, staffing reports, training systems, etc)
• Manages and maintains training and awareness documentation (procedures, quick reference guides, training content, storyboards, communications, etc)
• Builds collaborative working relationships with stakeholders across the company.
• Performs work both based on specific instructions and independently when new or unusual situations arise.
• Leads and/or assists with various training & awareness projects as assigned by direct supervisor.
• Performs other training & awareness duties as assigned.

PHYSICAL DEMANDS AND WORKING CONDITIONS:

• The physical demands and work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

SUPERVISION:

• May be responsible for the direct supervision of various levels of training staff.

EDUCATION:

• Bachelor’s degree in management information systems, Computer Science, or business/science related field required.

EXPERIENCE AND REQUIRED SKILLS:

• 8-10 years of related experience with phishing campaigns and creating cybersecurity awareness across IT and business units
• Ability to operate as a pro-active and result-driven problem solver with excellent analytical and interpersonal skills.
• Ability to understand IT processes, management objectives risk appetite and tolerances and impact of objectives, risk appetite and tolerances and impact of changes to risk profiles.
• CISA, CISSP, CRISC, or other relevant certification(s) desired.
• Strong client services orientation and communication skills coupled with a high sense of urgency to keep appropriate partners informed, including solutions to overcome obstacles to deliver to expectation.
• Strong understanding of risk management, integration with enterprise risk management and business strategy.
• Experience in IT governance, risk, and controls, including governance frameworks.
• Demonstrated technical writing, communication, and presentation skills.
• Ability to work effectively in an highly collaborative and inclusive team environment. 
• Creativity in addressing technical challenges. 
• Proven record to deliver results.

EO/AA Employer: Minorities/Females/Veterans/Disability/Sexual Orientation/Gender Identity 

Fresenius Medical Care North America maintains a drug-free workplace in accordance with applicable federal and state laws. 

EO/AA Employer: Minorities/Females/Veterans/Disability/Sexual Orientation/Gender Identity

Fresenius Medical Care North America maintains a drug-free workplace in accordance with applicable federal and state laws.