Apply on Employer Site

BankUnited · 1 day ago

IS Education and Awareness Program Manager

Hialeah, FL

Full-time

Onsite

Mid Level

3+ years exp

BankUnited is seeking an IS Education and Awareness Program Manager responsible for developing and delivering the company's security education and awareness program. This role aims to create a security-positive culture and involves collaborating with various teams to enhance education and awareness activities related to information security.

BankingFinanceFinancial Services

Diversity & Inclusion

Responsibilities

Establish and maintain a comprehensive Information Security Education and Awareness strategy and program that targets employees' behavior to become more security conscious and aligns with emerging CISO needs

Leadership and oversight of the Security Education and Awareness Program, including risk identification, content development, program road map and collaboration with teams across IT / IS to leverage the right communication mediums, training and education, and speaking engagements

Asset top human risk to our company and the employee behaviors that need to change to mitigate those risks

Create and manage Information Security Education and Awareness training programs for employees and contractors making sure the security programs comply with applicable regulations and policies, to minimize risk and mitigate / resolve audit findings

Actively partner with other business areas, e.g. Compliance, Fraud, HR to drive the right messages under a shared security-focused campaign and brand to enhance education and awareness activities

Collaborate with the CISO organization (Access & Identity, Cyber Threat Unit, and Risk Management) to enhance Information Security Education and Awareness training activities

Effectively measure and regularly report on the effectiveness of security education and awareness programs and delivery methods

Develop, collect, analyze metrics for education and awareness campaigns in terms of reach, impact, and change in behavior to determine effectiveness and influence strategy/direction

Determine the frequency of cybersecurity related education and awareness activities to achieve the greatest impact

Support cybersecurity education and awareness efforts across the employee population including executives

Develop targeted communications to stakeholders on identified cybersecurity related topics as needed

Conduct analysis and research of cybersecurity capabilities that improve the education and awareness programs and expand security messaging

Lead, develop, and execute cybersecurity related education and awareness activities leveraging a variety of teaching and delivery methods

Provide support and security-related information as needed to business unit stakeholders

Promote and communicate information security education and awareness within the organization

Perform additional duties, as assigned

Adheres to and complies with applicable, federal and state laws, regulations and guidance, including those related to anti-money laundering (i.e. Bank Secrecy Act, US PATRIOT Act, etc.)

Adheres to Bank policies and procedures and completes required training

Identifies and reports suspicious activity

Qualification

Information Security ManagementSecurity Education ProgramsCISSP CertificationCISM CertificationInformation Technology ExperienceRegulatory Compliance KnowledgeAnalytical SkillsInterpersonal SkillsCommunication SkillsAdobe Creative SoftwareMicrosoft Office SuiteLeadership SkillsProject Management

Required

Bachelor's Degree required in Information Security Management or equivalent work experience required

3 - 5 Years of Information Technology or Information Security experience required

Experience authoring information security policies, standards, and guidelines required

Must be committed to incorporating security into all decisions and daily job responsibilities

Strong interpersonal skills and professionalism to foster collaboration, increased education and awareness and promote a cybersecurity savvy workforce

Requires good analytical skills with experience creating a security education and awareness strategy and implementing the program to carry out the strategy

Strong knowledge of core Information Security concepts related to Governance, Risk & Compliance

Broad knowledge IS policies, standards and guidelines

Broad understanding of best practice control frameworks and regulatory requirements such as GLBA and ISO 27001/2

Demonstrated understanding of internal security controls

Effectively collaborates with leaders at multiple levels across disciplines

Good business acumen, ability to understand the potential impact of non-compliance on the business

Solid management, leadership and mentoring skills

Possess strong writing, verbal communication and presentation skills

Ability to perform multiple projects simultaneously

Working knowledge of Adobe Creative software (Fireworks, InDesign, Photoshop, Illustrator, After Effects, Audition)

Working knowledge of Microsoft Word, Excel, PowerPoint, Publisher and Visio