Manager, Information Security Awareness Program

Job Description

Posting Date Feb 25, 2022
Job Number 22022552
Job Category Information Technology
Location Marriott International HQ, 10400 Fernwood Road, Bethesda, Maryland, United States VIEW ON MAP
Brand Corporate
Schedule Full-Time
Relocation? N
Position Type Management
Located Remotely? N
Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. We believe a great career is a journey of discovery and exploration. So, we ask, where will your journey take you?
JOB SUMMARY

Marriott Global Information Security is looking for an Information Security Awareness & Training Manager who is passionate about educating and promoting informative content and initiatives geared towards raising information security awareness across our global workforce. Key work products include managing content and updates for our annual and role-based training courses; running global phishing simulations; designing quarterly security awareness materials (e.g., posters, desktop wallpapers, online content, etc.); preparing educational presentations for business units; organizing and supporting security events; and providing security awareness metrics for reporting to senior management.

CANDIDATE PROFILE

Education & Experience

Required:

• Undergraduate degree, equivalent experience, or certification
• 5+ years’ experience in some or all of the following:
  • Delopment and delivery of communications, marketing and/or learning content
  • Building, running and/or supporting comprehensive training and awareness programs/products
  • Content development in Adobe Illustrator, Photoshop or Canva, and Microsoft PowerPoint

Preferred:

• Undergraduate degree in Marketing, Education, Communications, Business, or Information Security.
• Experience in instructional design, e-learning, and curriculum creation and Learning Management Systems
• Certified Security Awareness Practitioner (CSAP) and/or SANS Security Awareness Professional (SSAP)
• One or more of the following security certifications: CISM, CISMP or CISSP
• Super User/Expert Level Proficiency in Adobe Illustrator, Photoshop or Canva, and Microsoft PowerPoint

CORE WORK ACTIVITIES

INFORMATION SECURITY AWARENESS & TRAINING PRODUCTS

• Design, manage and maintain the suite of information security training and awareness products and tools, including eLearning courses, global phishing exercises, and quarterly awareness materials.
• Ensure annually required Information Security Training is completed by all associates as assigned to ensure compliance with internal policies and regulatory requirements
• Measure effectiveness of awareness tools, such as the Reporting Phishing Button and Quarterly Awareness Materials
• Conduct custom social engineering exercises; adapt and tailor phishing exercises to focus on role-specific requirements
• Partner and collaborate across multiple departments/business units to ensure security policies and standards are being adhered to

INFORMATION SECURITY AWARENESS CAMPAIGNS

• Develop, promote and design user-focused creatives and resources through multiple mediums that are impactful and specific to security awareness; and design and develop communications using various formats and delivery channels.
• Manage, schedule and deliver quarterly awareness campaign, including curating and delivering materials to support awareness and adoption of information security best practices (examples: infographics, tip sheets, microlearning, videos, etc.)
• Plan, schedule, coordinate and deliver annual October Cybersecurity Awareness Month (CSAM) Campaign. Provide and incorporate metrics and lessons learned from previous campaigns for continuous improvement
• Plan, schedule, coordinate and conduct ad hoc security awareness training and events, as requested (examples: roadshows, town halls, webinars, workgroups etc.)
• Maintain and evolve internal digital presence for the Information Security Awareness website on Company Intranet. Source content, write, and/or edit blurbs and short articles, webpages, etc. leveraging internal and external talent to create engaging content.
• Collaborate with company stakeholders on Security Awareness initiatives.

METRICS & REPORTING

• Leverage data to measure the effectiveness of awareness and training products through metrics and surveys; and provide feedback to Leadership in support of further honing our product offerings and accelerate the security culture.
• Work with Metrics Reporting Team to identify metrics that align with the NIST CSF, automate the process for pulling data out of GIS training and awareness tools and into the GIS Reporting Platform. Ensure quality assurance reviews of the data are being performed regularly.

YOU ARE WHO WE ARE LOOKING FOR IF:

• You have exceptional verbal and written communication skills, and an ability to articulate compelling ideas and gain alignment.
• You have an eye for design, and are proficient in Adobe Illustrator, Photoshop and/or Canva.
• You are a strong writer and well-versed in traditional and digital communication practices.
• You are savvy at communicating content to both technical and non-technical audiences, and flex your style to suit the needs of your audience
• You use your creative talent to produce engaging materials in various formats and media, including storyboards and gamification elements.
• You have excellent and active listening skills.
• You are a self-starter with the ability to work independently, as well as be a strong team player.
• You work well in a deadline-driven environment and establish goals to deliver against the objectives of assignments to meet time, budget and quality criteria.

This position requires proof of full vaccination against COVID-19 prior to the first date of employment, subject to applicable law. If you are offered employment, this requirement must be met by your date of hire, unless a reasonable accommodation request is received and approved.

Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.