• Lead the development, review, update, and publication of cybersecurity policies and procedures. • Maintain a structured and scalable policy lifecycle process including intake, review cycles, approvals, and publication workflows. • Ensure policies and procedures align to recognized frameworks (e.g. NIST CSF and 800-53, ISO 27001, PCI-DSS, SOX, SOC 2 and other applicable standards). • Maintain mapping between policies, procedures, and control requirements. • Identify content gaps and drive continuous improvement in documentation quality and clarity. • Communicate policy updates effectively to relevant stakeholders to support adoption and awareness. • Lead execution of the global cybersecurity training and awareness program. • Manage phishing simulations, reporting, and target education initiatives. • Develop and coordinate annual and secondary cybersecurity content and delivery. • Track awareness metrics and drive continuous improvement of engagement and reporting rates. • Partner with stakeholders to promote a strong culture of security awareness across the enterprise. • Work closely with IT, Legal, Privacy, HR, and business teams to integrate policies and procedures into operational practices. • Support compliance efforts by ensuring documentation reflects implemented controls and operational processes. • Provide structured updates and reporting to leadership on program status, maturity, and key initiatives.