This role will be based in Maidenhead, UK - you will be working for a Global 500 technology organization with amazing benefits and values.
In this role, we are looking for someone with experience and passion in Cyber Security, cultural change and transformation.
- Own and support development & delivery of the cyber security education, awareness and training strategy.
- Define and report on metrics to show the effectiveness of the strategy and progress towards a Cyber Security culture transformation.
- Coordinate the delivery of continual security education for all employees and contractors.
- Provide targeted role based security training for selected function or employee groups.
- Create and deliver original education and awareness content leveraging support from a combination of internal expertise and third parties.
- Engage with support functions and brands, third parties and high-risk individuals to raise cyber security awareness and ensure understanding of security threats.
- Ownership of the NIST CSF controls relating to Awareness & Training.
- Ensure development of appropriate key performance indicators (KPIs) to monitor and demonstrate progress of initiatives and measurement of positive behaviour.
- Manage simulated phishing campaigns through a third-party platform. Responsible for designing appropriate content and developing the strategy.
- Line management.
- Develop related metrics and administer methods to measure and assess the effectiveness of cyber security awareness communications such as the creation of internal phishing campaigns, surveys online testing etc.
Required Experience & Skills
- Experience in creating and leading security training and programmes within a large organisation.
- Experience in delivering a cultural transformation, preferably in relation to Cyber Security.
- Ability and confidence to create and deliver content directly to employees both in-person and online using collaborative tools.
- Strong personal training and development experience with the ability to explain technical subjects to non-technical audiences.
- Ability to think strategically and deliver operationally across the organisation.
- Understanding of information security frameworks (IS27001, NIST CSF).
- General awareness of data protection and employment legislation and regulation preferable.
- Experience of working with a high degree of autonomy, managing own and others workload.
- Experience with managing stakeholders and creating long lasting relationships.
- Qualification relating to information security desirable.
- Proven ability to work in a dynamic and decentralized work environment and self-manage.
If this is for you, please apply now and I will be in touch.