GRC Cybersecurity Training Lead

MindPoint Group is looking for a dynamic Cybersecurity Training Lead for Governance, Risk, and Compliance.

Responsibilities

• Lead a team in operating HUD’s cybersecurity training and awareness program
• Serve as primary point-of-contact and liaison with HUD staff for program activities
• Work with the client to develop a prioritized list of training and awareness campaign activities
• Manage review and update of CSAT training, awareness campaign, and ISSO training materials
• Maintain program materials, as needed and as directed by the client, to address new requirements and changes in cybersecurity policy, technology, and culture
• Oversee the program’s lunch and learn training sessions and the ISSO forum/training, including speaker identification and coordination
• Coordinate and facilitate the client’s annual Incident Response and Contingency Planning tabletop exercise
• Support reporting activities for training that is not maintained within the LMS (i.e., contractor CSAT, specialized training)
• Work collaboratively with Instructors, Facilitators, Instructional Designers (ISD), Multimedia Designers, Testing Specialists, Programmers, Infrastructure Support, and other team members to develop and/or update Learning objectives and conduct content development tasking.
• Provide draft content input to Instructional Designers for storyboards, flow diagrams, instructor materials, student materials, and other training-related deliverables to assist in designing and developing complex, technically accurate, and instructionally sound learning solutions using a variety of delivery methods.
• Create scenarios and cumulative virtual practical exercise environments that mimic a real-world experience and provide learners an opportunity to demonstrate concepts presented in the course.
• Research, develop, and refine content to be applied in interactive eLearning solutions of a technical nature.
• Participate in course reviews and provide recommendations for course improvements
• Use technologies, techniques, and tools to develop and execute content including, but not limited to, Virtual Machines (VM), XML, Networking, Windows, Unix, Security Concepts, HTML, scripting, Perl, Python, etc.
• Work with subject matter experts to ensure that training content is accurate and up-to-date.
• Generate and develop training content and practical exercises identified to meet the Department's Cybersecurity Training and Awareness program.
• Coordinate with component coordinators to make training content available to component users.
• Generate and develop training content and practical exercises that simulate a phishing attack on Components.
• Manages and administers processes and tools that enable the department to identify, document, and access intellectual capital and information content.
• Perform Task Analysis on newly developed software as required.
• Develop/Design content/courses incorporating technology into the design and delivery.
• Consult with instructors and subject matter experts to determine instructional requirements, collect data, customize design proposals, and implement solutions.
• Collaborate with technical developers/designers to produce media that supports instructional goals and objectives.

Requirements

• Bachelor's degree or equivalent experience
• Minimum six (6) years in relevant functional experience
• Minimum four (4) years experience leading a team of training support staff
• Minimum of four (4) years of experience in IT security and awareness training program development and management
• Minimum of four (4) years of experience developing training requirements and training plans
• Minimum of four (4) years of experience planning, preparing, and managing training program communications
• Familiarity with the following IT security concepts, practices, and tools:
  • TCP/IP
  • Packet Analysis
  • SIEM Operation
  • Understanding of how exploits work and appear within network traffic
  • Intrusion Detection Technology
  • Understanding of rootkits, exploits, and other types of malware
  • Awareness and understanding of popular attack tools (e.g., Zeus, Blackhole, Slowloris, LOIC, Cryptolocker, Pony Loader, etc.)
  • Ability to communicate effectively the actual status of an incident, attack, or other cyber issue.
  • Awareness of tradecraft used by Nation State APT actors
  • Capability to support the following systems: ArcSight SIEM; Splunk; Novetta Cyber Analytics; FireEye MPS Suite; Snort IDS; Bro IDS; Fidelis XPS; CloudShield Trusted Cyber Solution Orchestrator; Microsoft Advanced Threat Analytics; Counterattack Active Defense
  • Ability to use technologies, techniques, and tools to develop and execute content including, but not limited to, Virtual Machines (VM), XML, Networking, Windows, Unix, Security Concepts, HTML, scripting, Perl, Python, etc.
• Experience using SCORM for training content development and delivery
• Experience developing new training content, materials, and courses
• Experience with various learning types and training delivery methods
• Experience leading projects for the development of courses and content
• Experience tracking and reporting on training compliance

Desired

• CISSP or PMP certification

Clearance: Secret Clearance Required

Location: Remote