Job Category: Cyber Security
Job Type: Temporary
Job Location: Exeter

We are currently recruiting for a Cyber Security Culture and Awareness lead based in Exeter (Hybrid).


Hours: Full time (37 hours)

Contract duration: Temporary ongoing.

Day rate: PAYE £367.59 per day/ UMB £475.00 per day.


About this role:

  • Responsible for the development and delivery of training materials to aid embedding of cyber security awareness across staff as well as suppliers & collaborating organisations.
  • Responsible for continuing to drive our cyber security awareness training to further embed a positive culture.
  • Engaging with stakeholders across the business to define and communicate key cyber security culture and awareness messages.
  • Lead activities to deliver and assure security education awareness programmes.
  • Ensuring development of evidenced based metric to measure the success of the cyber security culture & awareness programme.
  • Develop a clear roadmap of culture and awareness activities.
  • Review and update of guidance documents.
  • Promote security-conscious behaviours and good security risk management practices.
  • Work closely with IT Security Teams and the Cyber Risk Team to understand and prioritise culture and awareness activities in line with our key cyber risks


Responsibilities & Deliverables:

Protective Security:

  • Develop and apply new concepts in protective security, involving the other specialisms, including the Corporate Enablers.
  • Develop individuals and contributes to the development of protective security practices.
  • Promote protective security as a business enabler throughout the organisation.

Threat Understanding:

  • Interpret sources of threat information for the local environment and applies knowledge of the external environment.
  • Maintain understanding of local and strategic threat environments, and trends affecting the landscape, and can apply to inform and provide context.
  • Use local and strategic threat information in decision-making and planning.
  • Communicate tailored threat information to relevant local stakeholders within the organisation.

Risk understanding and mitigation:

  • Develop basic cost-effective risk management plans.
  • Support risk assessment and mitigation plan development.
  • Follows documented principles and guidelines for risk understanding and mitigation.
  • Relate risk to corporate governance, organisational strategic direction and planning Legal and regulatory environment and compliance.

Legal and regulatory environment and compliance:

  • Explain the principal requirements of major legislation and regulations relevant to security, and the legal and regulatory instruments relevant to the role.
  • Review & implement alterations to operating procedures in response to changes in regulations Educates/provides guidance on the implementation of regulations.
  • Report residual non-compliance to management in accordance with organisation procedures.


Experience, qualifications, skills & experiences:

  • 3+ years within the cyber security profession, having received formal or on the job training and/or qualifications in cyber risk and/or threat awareness.
  • It is desirable to have CISSP, CISM or CRISC certification.


For more information on this role please email or call 07789557717

Apply for this position

Allowed Type(s): .pdf, .doc, .docx