We are currently recruiting for a Cyber Security Culture and Awareness lead based in Exeter (Hybrid).
Hours: Full time (37 hours)
Contract duration: Temporary ongoing.
Day rate: PAYE £367.59 per day/ UMB £475.00 per day.
About this role:
- Responsible for the development and delivery of training materials to aid embedding of cyber security awareness across staff as well as suppliers & collaborating organisations.
- Responsible for continuing to drive our cyber security awareness training to further embed a positive culture.
- Engaging with stakeholders across the business to define and communicate key cyber security culture and awareness messages.
- Lead activities to deliver and assure security education awareness programmes.
- Ensuring development of evidenced based metric to measure the success of the cyber security culture & awareness programme.
- Develop a clear roadmap of culture and awareness activities.
- Review and update of guidance documents.
- Promote security-conscious behaviours and good security risk management practices.
- Work closely with IT Security Teams and the Cyber Risk Team to understand and prioritise culture and awareness activities in line with our key cyber risks
Responsibilities & Deliverables:
- Develop and apply new concepts in protective security, involving the other specialisms, including the Corporate Enablers.
- Develop individuals and contributes to the development of protective security practices.
- Promote protective security as a business enabler throughout the organisation.
- Interpret sources of threat information for the local environment and applies knowledge of the external environment.
- Maintain understanding of local and strategic threat environments, and trends affecting the landscape, and can apply to inform and provide context.
- Use local and strategic threat information in decision-making and planning.
- Communicate tailored threat information to relevant local stakeholders within the organisation.
Risk understanding and mitigation:
- Develop basic cost-effective risk management plans.
- Support risk assessment and mitigation plan development.
- Follows documented principles and guidelines for risk understanding and mitigation.
- Relate risk to corporate governance, organisational strategic direction and planning Legal and regulatory environment and compliance.
Legal and regulatory environment and compliance:
- Explain the principal requirements of major legislation and regulations relevant to security, and the legal and regulatory instruments relevant to the role.
- Review & implement alterations to operating procedures in response to changes in regulations Educates/provides guidance on the implementation of regulations.
- Report residual non-compliance to management in accordance with organisation procedures.
Experience, qualifications, skills & experiences:
- 3+ years within the cyber security profession, having received formal or on the job training and/or qualifications in cyber risk and/or threat awareness.
- It is desirable to have CISSP, CISM or CRISC certification.
For more information on this role please email email@example.com or call 07789557717