Senior Manager, Security Policy and Training
Austin (Oakhill, Office)
NXP Semiconductors
Policy Development and Management:
- Develop, review, and update security policies, standards, and procedures to ensure they align with industry best practices and regulatory requirements.
- Collaborate with cross-functional teams to ensure policies are effectively communicated and enforced throughout NXP.
Training Program Development:
- Design, develop, and deliver comprehensive security training programs for employees at all levels of the organization.
- Utilize various training methods, including e-learning modules, in-person training sessions, and workshops, to ensure engagement and knowledge retention.
Security Awareness Initiatives:
- Create and implement a robust security awareness program that includes regular communications, campaigns, and events to promote security best practices.
- Develop engaging content such as newsletters, posters, videos, and intranet articles to raise awareness about security threats and how to mitigate them.
Stakeholder Engagement and Communication:
- Act as the primary point of contact for security policy and awareness matters, engaging with senior leadership and key stakeholders to ensure alignment and support.
- Present regular updates on the status and effectiveness of security policies and training programs to the executive team and other stakeholders.
Risk Assessment and Compliance:
- Assist the GRC team in regular risk assessments and audits to identify gaps in security policies and training programs.
- Ensure compliance with relevant laws, regulations, and industry standards, and prepare reports for regulatory bodies as needed.
Continuous Improvement:
- Stay current with emerging security threats, trends, and technologies, and integrate this knowledge into policy and training updates.
- Continuously evaluate the effectiveness of security policies and awareness programs, making improvements based on feedback and changing needs.
Contextual Understanding:
- Fully grasp the concepts of information security, including cyber threats, intelligence, and political affairs.
- Incorporate this understanding into the development of context-specific training and policy activities.
Job Qualification:
Bachelor's degree in Information Security, Information Technology, Communications, or a related field. A Master's degree is preferred.
7+ years of experience in information security, with a focus on security policy development, training, and awareness.
Proven experience in developing and delivering security training content and awareness programs for large corporate enterprises.
Strong understanding of security frameworks, standards, and regulations (e.g., NIST, ISO 27001, GDPR).
Excellent communication, presentation, and interpersonal skills, with the ability to engage and influence stakeholders at all levels.
Fully understand and grasp the concepts of information security, including cyber threats, intelligence, and political affairs, and incorporate this context into training and policy activities.
Relevant certifications such as CISSP, CISM, or Security+ are highly desirable.
NXP is an Equal Opportunity/Affirmative Action Employer regardless of age, color, national origin, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, marital status, status as a disabled veteran and/or veteran of the Vietnam Era or any other characteristic protected by federal, state or local law. In addition, NXP will provide reasonable accommodations for otherwise qualified disabled individuals.
Tags: Audits CISM CISSP Compliance GDPR ISO 27001 NIST Risk assessment
Perks/benefits: Career development Team events