Associate Director - InfoSec Education & Dev

At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our 35,000 employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We're looking for people who are determined to make life better for people around the world.

Organization Overview:

At Lilly, we serve an extraordinary purpose. We make a difference for people around the globe by discovering, developing and delivering medicines that help them live longer, healthier, more active lives. Not only do we deliver breakthrough medications, but you also can count on us to develop creative solutions to support communities through philanthropy and volunteerism.

The Information Security Education and Development (ISED) Consultant will be responsible for developing strategy for, and managing, high-visibility activities and communications in support of the Information Security department. Core accountabilities of this role are to collaborate with other ISED team members to design, execute and operationally support learning initiatives, tactics, and communications to increase the Information Security "IQ" of the Lilly workforce. This role will partner with key stakeholders and other ISED team members to drive organizational change management (OCM), detailed implementation planning, and seamless execution for both planned and urgent, time-sensitive Information Security priorities.

This individual will be expected to communicate updates and interact regularly with members of the Information Security Lead Team and other Lilly leaders. This role will conduct other activities as assigned that support Information Security's mission to protect the confidentiality, integrity, and availability of information, products and systems that enables Lilly's organizational mission.

Responsibilities:

• Have accountability for successful development and execution of all Information Security education, training and communication initiatives, including all-workforce training, social engineering education, Lilly Shield, Cyber Security Awareness Month (CSAM), and specific role-based training.
• Strategize, develop and implement key communications for high-priority, urgent, material, and time-sensitive as well as planned Information Security initiatives, including incident-response planning and annual communications plan to drive employee awareness and behavior change.
• Partner with key stakeholders to counsel on strategy and execution of their OCM requirements.
• Manage Protect Lilly content channels, including LillyNow pages, LillyNow newsfeed, Yammer group and inVision platform.
• Support the Senior Director on the development of the annual communication calendar, plan and strategy.
• Document best practices for Information Security education and development initiatives to drive continuous improvements.
• Facilitate training and education sessions for targeted workforce members, general audiences and at-risk positions.
• Manage a repository of Protect Lilly communication and/or training materials for leaders, Protect Lilly Advisors and/or Protect Lilly Champions to use when addressing employees.
• Accountability for Protect Lilly operations, including the Protect Lilly mailbox, budget, and vendor management.
• Ability to lead large, cross-functional efforts with limited leadership oversight and management
• Developing and communicating dashboards and metrics to various business partners and functions

Basic Requirements:

• Bachelor's degree in education, information security, business management, communications, marketing or related field.
• Certification in organizational change management
• 5-7 years in an information security role or supporting an information security function
• 5-7 years' experience in education, training and awareness, learning & development, sales/marketing training, or communications role
• 3-5 years' experience with SharePoint, and other communication and document management repositories and solutions

Additional Preferences:

• Experience leading large scale change across multiple organizations and functions
• Ability to influence colleagues and leaders across teams and at all levels of the organization.
• Flexible, adaptable, and able to change course quickly as business needs change.
• Ability to be a flexible team player with the highest ethical and business standards.
• Excellent learning agility.
• Excellent communication (written & verbal).
• Strategic thinking (enterprise mindset).
• Experience with internal and external crisis communications and/or urgent, high-priority communications (demonstrated litigation-communication experience preferred but not required).
• Experience in Information Security or Information Technology is a plus, but not required.
• Experience in developing training and communications to translate technical concepts for the general workforce is a plus, but not required.
• Ability to develop career path opportunities.
• Ability to determine the validity of workforce trend data.
• Knowledge of organizational human resource policies, processes, and procedures.
• Knowledge of emerging technologies that have potential for exploitation.
• Knowledge of industry indicators useful for identifying technology trends.
• Knowledge of external organizations and academic institutions with cyber focus (e.g., cyber curriculum/training and Research & Development).
• Knowledge of current and emerging cyber technologies.
• Establish and maintain communication channels with stakeholders.
• Evaluate cost/benefit, economic, and risk analysis in decision-making process.
• Interpret and apply applicable laws, statutes, and regulatory documents and integrate into policy.
• Serve as an internal consultant and advisor in own area of expertise (e.g., technical, copyright, print media, electronic media)

Eli Lilly and Company, Lilly USA, LLC and our wholly owned subsidiaries (collectively "Lilly") are committed to help individuals with disabilities to participate in the workforce and ensure equal opportunity to compete for jobs. If you require an accommodation to submit a resume for positions at Lilly, please email Lilly Human Resources ( [email protected] ) for further assistance. Please note This email address is intended for use only to request an accommodation as part of the application process. Any other correspondence will not receive a response.

Lilly is an EEO/Affirmative Action Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status.

Our employee resource groups (ERGs) offer strong support networks for their members and help our company develop talented individuals for future leadership roles. Our current groups include: Africa, Middle East, Central Asia Network, African American Network, Chinese Culture Network, Early Career Professionals, Japanese International Leadership Network (JILN), Lilly India Network, Organization of Latinos at Lilly, PRIDE (LGBTQ + Allies), Veterans Leadership Network, Women's Network, Working and Living with Disabilities. Learn more about all of our groups.

As a condition of employment with Eli Lilly and Company and its subsidiaries in the United States and Puerto Rico, you must be fully COVID-19 vaccinated and provide proof of vaccination satisfactory to the company (subject to applicable law).

#WeAreLilly