Role has overall responsibility for creating, delivering and refining Rockwell Automation's security awareness and education programs. Ultimately this person's job is to reduce risk to our organization by ensuring all employees, staff and contractors know, understand and follow our security policies and standards and behave with a security mindset. To ensure alignment between enterprise policy and employee behavior, this role will have primary responsibility for drafting and editing information security-related policies and standards as they relate to security governance. While the role reports to the Director, Security Strategy & Risk, he or she will closely collaborate with other corporate functions such as Corporate Communications and Information Technology, in addition to Business Unit and Functional Security Liaisons. The job will also manage various third-party suppliers of awareness and training materials and services. Candidates for this role are expected to develop and deliver awareness and training materials in person, hands-on, as well as through online Learning Management Systems (LMS), and the corporate communication vehicles. Ideal candidate will work to structure and maintain this program to be long term, so, ultimately, we are not changing just behaviors, but culture.
Scope of Responsibilities
Manage the Information Security Awareness and Training Program
Identify the top human risks to our organization and the behaviors needed to change to mitigate those risks. Develop and maintain a security awareness program that effectively changes these behaviors so our employees act in a secure manner, reducing risk to our organization.
Create a positive program that engages employees, to include focusing on changing behaviors both at home and at work. Ultimately we want our employees to demonstrate the same secure behaviors regardless of where they are or the devices they are using.
Map the formal and informal communication network and channels, identifying creative media options and key stakeholders who serve as influencers to be change champions. Develop delivery vehicles (e.g., SharePoint site, presentations, and campaigns) for target audiences/stakeholders to communicate the cyber-security program direction and changes to stakeholder communities.
Create and manage a metrics framework that effectively measures employee compliance with information security policies.
Maintain a comprehensive Security Awareness strategy that supports the cyber-security organization, programs, and strategic plans.
Translate the emerging threat landscape and firm's evolving cyber-risk posture into clear, relevant and actionable items for a variety of audiences.
Keep abreast of all industry trends and emerging cyber-security threats, weaving this knowledge into communications, training and resource development.
Ensure sufficient stakeholder engagement in change processes in order to anticipate and address program challenges early.
Ensure that our security awareness program meets all industry regulations, standards, and compliance requirements.
Develop and Deploy Information Security Policy and Standards
Conduct research, write and develop policy and standards documents related to information security governance.
Communicate key cyber-security control policies and standards by coordinating efforts with Legal, Compliance, Human Resources, business unit and functional security liaisons.
Encourage employees to move beyond compliance of policies/standards and toward adopting a security mindset.
Provide guidance and support to management on all policy and standards issues.
Coordinate work required across the Policy and Standards team.
Ensure employees and third parties understand, acknowledge, and fulfill all applicable information security policies and standards.
BA in Communications, Marketing, Psychology, or a related field (or relevant experience in these areas).
5+ years of relevant work experience, preferably in either Communications, Marketing, or related fields.
Excellent written English, with proven ability to research and write accessible, clear policy documents and reports for a wide range of audiences.
Ability to form complex communications / messages in a simple, clear and concise manner to the various communities within our organization. This can include different cultures, nationalities, international locations and languages.
An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business and functions.
Excellent interpersonal skills with a high level of diplomacy and political awareness, and ability to work effectively as a member of the CISO team.
Sound working knowledge of Microsoft-based software packages, including Word, Excel, PowerPoint, SharePoint and Outlook.
Strong interest in Information Security or Enterprise Risk Management (ERM).
Experience in technical training or adult education.
Experience marketing internally at a company.
Strong personal project management skills and experience in creating and managing project plans.
Ability to anticipate and manage cultural resistance to changes in the environment.
Metrics and results driven approach.
Ability to plan initiatives that have both short-term, tactical impact, while also moving the organization forward toward longer-term strategic goals.
Understanding of the concepts of information risks and the different elements that make up risk. In addition, have at a minimum a basic understanding of the different concepts of information security.
Experience with common information security management frameworks, such as NIST Cyber Security Framework, NIST 800-171 and NIST 800-53.
Cleveland - Ohio, Milwaukee - Wisconsin
Rockwell Automation, the world's largest company dedicated to industrial automation, makes its customers more productive and the world more sustainable. Throughout the world, our flagship Allen-Bradley and Rockwell Software product brands are recognized for innovation and excellence.
When you choose Rockwell Automation, you join countless talented employees who have helped us establish our leadership position in the automation industry over the past century.
You join a diverse, inclusive and global community with a passion for innovation. A place where you can partner with great minds and inspiring people. And a corporation backed by the financial strength that drives growth and career opportunities.
As much as we focus on our customers, we know our employees are key to our success and future. Helping you develop a rewarding career is a top priority. Because when you succeed, we succeed.
Rockwell Automation is an Equal Opportunity/Affirmative Action employer.
If you are an individual with a disability and you need assistance or an accommodation during the application process, email our Talent Acquisition representative at RAApplicationsupport@ra.rockwell.com.
Download the EEO is the Law poster and the supplement for more information.