Location: Remote/Home-Based
We are seeking a highly motivated and skilled Information Security Communications Specialist II to join our dynamic security team. The successful candidate will be a key player in maturing our Information Security Management System (ISMS) and fostering a security-conscious culture throughout the organization. This role is ideal for a communications professional with a passion for cybersecurity and a talent for making complex information accessible and engaging.
Responsibilities:
Develop, write, and maintain all ISMS documentation, including policies, standards, procedures, and guidelines, ensuring they are clear, concise, and aligned with industry standard frameworks (e.g., ISO 27001, NIST)
Manage the entire lifecycle of security documentation, from drafting and reviewing to publishing and continuous improvement
Lead the development and execution of a comprehensive security training and awareness program
Create engaging and effective training materials, including presentations, newsletters, and intranet content
Coordinate and conduct security awareness campaigns and events to promote a culture of security
Track and measure the effectiveness of the training and awareness program, providing regular reports to management
Collaborate with subject matter experts across the security team to ensure the accuracy and relevance of all communications
Serve as a primary point of contact for security-related communications and inquiries
Qualifications:
Bachelor's degree in Communications, Information Technology, Information Security or a related field
3-6 years of experience in a communications role, with a strong preference for experience in information security or information technology
Experience in Information Security compliance such as ISO27001, SOC2, FedRAMP
Proven experience in developing and managing documentation for a formal management system (e.g., ISMS, QMS)
Demonstrated experience in creating and delivering successful training and awareness programs
Excellent written and verbal communication skills, with the ability to translate technical concepts into clear and engaging content for a non-technical audience
Strong project management and organizational skills
Security audit experience
Familiarity with common security frameworks and standards (e.g., ISO 27001, NIST, CIS Controls) is a plus
Relevant certifications (e.g., CISM, CISSP) are desirable but not required