Security Awareness Specialist (PCK333-214073) Houston, Texas
*Develop, support and maintain AIG Information Security Awareness program elements.
*Develop, support and maintain team workspaces on SharePoint platform for supporting awareness and communications channels withing the Information Security, Compliance and Risk departments and our customers.
*Consult with Senior Managers to identify, research, develop and deliver support, training and other human performance initiatives in support of organizational strategic goals, technology deployment and business process changes.
*Partner with managers to analyze and determine training and organizational development needs and administer plans, procedures and programs to meet global information security, risk and compliance awareness needs.
*Periodically conducts needs analysis to determine what types of awareness efforts are needed to accomplish compliance and organizational interests. Plan and conduct departmental marketing and internal publicity efforts.
*Designs, develops and provides training materials for internal processes, tools and technologies.
*Designs, develops and measures the effectiveness of information security training and awareness materials provided to new hires, employees, contractors, consultants and other who have access to sensitive information or systems.
*Develop courses that incorporate instructional design best practices using appropriate technology to deliver content.
*Continually enhance knowledge/skills through professional development activities such as reading, formal/informal education, training classes, workshops. Develop and coach team members.
*Coordinate with IT and the business stakeholders to ensure effective communication, awareness and training referencing the companies IT Security Risk and Compliance policies and standards and other supportive authoritative sources (regulations, frameworks, industry standards) at an enterprise level as appropriate
*Maintain the applicable process documentation for area's procedures
*Work with the business information security representatives to ensure effective communication of regulatory impacts and risks.
*Have a thorough understanding of the IT policies and standards and IT policy lifecycle management process
Review divisional standards to ensure alignment and support of corporate policies and standards in the awareness programs and provide constructive feedback
*Understand potential Business and IT risks, Provide recommendations for supporting business success while complying with regulatory requirements
*Work with corporate and business unit IT security and compliance representatives to improve process, technology and communications awareness
*Support periodic reports, KPIs and metrics regarding security awareness efforts, changes and processes; including action plan closure status, schedule, and trends
*Monitors and evaluates new Information Security related events (e.g. legislation, new regulations, new threats, vulnerabilities) and provides management with recommendations dealing with appropriate awareness related efforts
*Support and manage forums for FAQs and Interpretations of Information Security requirements.
*Applicable trade or technical school, Associates or Bachelor's degree in business, accounting, finance, computer science, information systems, engineering, communications, or a related discipline; or equivalent.
*3+ years of experience with learning resources, communications, records management, electronic content management, compliance management or audit experience
*Operational experience with project or technical aspects learning resource systems, general IT, Content management or internal awareness training programs.
*Previous work experience in a highly regulated industry (Financial, Medical, Insurance, etc.)
*Experience with SCORM compliant learning systems
Extensive experience with Word, PowerPoint, Excel, Project and HTML
*Excellent written and verbal communications, effective interpersonal skills, strong formal presentation abilities
*Certifications that will be favorably considered include: ASTD, CISSP, CISM, CISA.