Information Security Policy Lead and Technical Writer
Apply NowCompany: Pro.com
Location: Chicago, IL 60629
Description:
The Information Security Policy Lead and Technical Writer is responsible for taking complex, technical information and translating it into an easily understandable format for consumption by a wide range of internal and external audiences. This position will be a member of the Cybersecurity Governance, Risk and Compliance (GRC) Team. They will collaborate closely with team members, the CISO, BISO, and Cybersecurity and Digital & Information Services (DIS) staff to understand, develop and create various types of cybersecurity content for multiple audiences and using System platforms to engage and educate users on Cybersecurity Awareness and its importance. This position will be responsible for the full lifecycle management of the complete library of cybersecurity policies and standards, from creation through finalization including reviews and updates. The Information Security Policy Lead and Technical Writer will assist with the presentation of proposals to stakeholders for the creation of new policy content in governance committees. This position will work with subject matter experts for policy and standard initial content and review of content on a regularly scheduled basis
Responsibilities:
Provides administrative coordination across the entire lifecycle and portfolio of Cybersecurity policies and standards.
Researches, outlines, writes, and edits cybersecurity content collaborating closely with various teams and departments to understand content requirements and impacts to the entire system.
Analyzes information required for the development or update of policies, standards, procedures, or process documentation to serve as a formal guide to all cybersecurity measures used.
Creates and maintains cybersecurity document templates that adhere to organizational standards to ensure all documentation is managed to professional standards of design and readability.
Proofreads documents for grammatical, syntactical, and usage errors, spelling, punctuation, and adherence to standards.
Produces articles, case studies, blogs, white papers and presentations on the latest cybersecurity incidents, threats, trends, and techniques for employee consumption.
Develops content in alternative media forms for maximum usability, with consistent voice across all documentation.
Determines the clearest and most logical way to present information for greatest reader comprehension.
Generates innovative ideas for cybersecurity content to ensure audience engagement.
Develops editorial processes to ensure effective proofreading and project deadline fulfilment.
Tracks new industry information, guidelines, and best practices as they arise to keep company documentation up to date.
Assists with preparing documents for compliance audits, cyber security and vulnerability assessments, and contributing to the development of the relevant compliance programs.
Manages tracking and logging of published cybersecurity communications.
Reviews, edits, and maintains existing documentation, which can become outdated or factually inaccurate over time.
Gathers information from subject-matter experts and develops, organizes, and writes procedure manuals, technical specifications, and process documentation.
Partners with cross-functional leaders and stakeholders including marketing, internal communications, etc., to ensure consistency and alignment in messaging across the organization.
Develops and implements standardized templates for various types of documents to ensure consistency in formatting, branding, and quality.
Other duties as assigned.
Required Job Qualifications:
Bachelor's degree.
7+ years of information security experience.
Understand the information security threat landscape and how to protect it via industry best practice policies, standards, and written guidance.
Knowledge of Cybersecurity protection and monitoring tools, risk remediation, and governance processes.
General knowledge of security systems, e.g., firewalls, intrusion detection systems, WAF, NAC, and network communication layers (OSI and TCP/IP).
Understanding of data loss prevention, threat protection and anti-malware tools.
Knowledge of cloud infrastructure, virtual platforms, encryption technologies, endpoint protection, network systems such as routers, load balancers, mail transport systems and cyber security.
Clear and concise written and verbal communication skills.
Analytical, multi-tasking and critical thinking skills.
Experience working with cross-functional leaders and stakeholders to influence policy improvements and process maturity.
PC proficiency with Microsoft Office Suite (Excel, Outlook, PowerPoint, and Word).
Preferred Job Qualifications:
Security certification (CISSP, CISA, CEH).
3+ years of healthcare experience a plus.
Responsibilities:
Provides administrative coordination across the entire lifecycle and portfolio of Cybersecurity policies and standards.
Researches, outlines, writes, and edits cybersecurity content collaborating closely with various teams and departments to understand content requirements and impacts to the entire system.
Analyzes information required for the development or update of policies, standards, procedures, or process documentation to serve as a formal guide to all cybersecurity measures used.
Creates and maintains cybersecurity document templates that adhere to organizational standards to ensure all documentation is managed to professional standards of design and readability.
Proofreads documents for grammatical, syntactical, and usage errors, spelling, punctuation, and adherence to standards.
Produces articles, case studies, blogs, white papers and presentations on the latest cybersecurity incidents, threats, trends, and techniques for employee consumption.
Develops content in alternative media forms for maximum usability, with consistent voice across all documentation.
Determines the clearest and most logical way to present information for greatest reader comprehension.
Generates innovative ideas for cybersecurity content to ensure audience engagement.
Develops editorial processes to ensure effective proofreading and project deadline fulfilment.
Tracks new industry information, guidelines, and best practices as they arise to keep company documentation up to date.
Assists with preparing documents for compliance audits, cyber security and vulnerability assessments, and contributing to the development of the relevant compliance programs.
Manages tracking and logging of published cybersecurity communications.
Reviews, edits, and maintains existing documentation, which can become outdated or factually inaccurate over time.
Gathers information from subject-matter experts and develops, organizes, and writes procedure manuals, technical specifications, and process documentation.
Partners with cross-functional leaders and stakeholders including marketing, internal communications, etc., to ensure consistency and alignment in messaging across the organization.
Develops and implements standardized templates for various types of documents to ensure consistency in formatting, branding, and quality.
Other duties as assigned.
Required Job Qualifications:
Bachelor's degree.
7+ years of information security experience.
Understand the information security threat landscape and how to protect it via industry best practice policies, standards, and written guidance.
Knowledge of Cybersecurity protection and monitoring tools, risk remediation, and governance processes.
General knowledge of security systems, e.g., firewalls, intrusion detection systems, WAF, NAC, and network communication layers (OSI and TCP/IP).
Understanding of data loss prevention, threat protection and anti-malware tools.
Knowledge of cloud infrastructure, virtual platforms, encryption technologies, endpoint protection, network systems such as routers, load balancers, mail transport systems and cyber security.
Clear and concise written and verbal communication skills.
Analytical, multi-tasking and critical thinking skills.
Experience working with cross-functional leaders and stakeholders to influence policy improvements and process maturity.
PC proficiency with Microsoft Office Suite (Excel, Outlook, PowerPoint, and Word).
Preferred Job Qualifications:
Security certification (CISSP, CISA, CEH).
3+ years of healthcare experience a plus.