Information Security, Culture Manager
Ipswich (Hybrid)
£75,000
Eames are working with a reputable insurer who are looking for someone to come in and help create detailed project plans that will deliver results aligned with the overarching strategies.
- Distribute surveys to assess both new and existing employees' security awareness and measure the security culture index.
- Design and launch a security awareness initiative to raise funds for charitable causes.
- Develop and implement specialized security awareness training focused on high-risk areas of the organization.
- Deploy a tool to track security non-compliance, utilizing a "time since last incident" clock.
- Establish a network of business and IT employees who will serve as Security Champions within the organization, establishing governance and pushing the initiative forward.
- Create and deliver microlearning sessions using agile communication methods.
Responsibilities:
- Contribute to the assessment of various business lines' security risks and develop corresponding training plans.
- Create security guidelines designed to be easily accessible to individuals with varying levels of technical expertise.
- Familiarity with diverse training methods, including campaigns, phishing simulations, and gamification techniques.
- In-depth knowledge of common cybercrime methods, such as phishing and social engineering.
- Ability to communicate effectively with senior management and senior security teams.
- Lead individual or small group sessions to educate colleagues on security threats and best practices for adhering to security standards.
Required Skills and Qualifications:
- Ability to navigate a variety of security concerns and provide relevant solutions.
- A friendly, approachable attitude towards educating colleagues on potential security risks.
- Strong teamwork skills, with the ability to also work independently and take initiative.
- Capacity to prioritize tasks effectively in a fast-paced environment.
- Experience in leading large-scale security culture transformation efforts.
- Strong organizational skills, able to manage multiple projects and deadlines concurrently.
- Research and development expertise in the field of information security.
- A solid understanding of relevant security frameworks and global data protection regulations, such as CISSP, ISO 27001/2:201
- Knowledge of the security implications of the Confidentiality, Integrity, and Availability triad and the appropriate risk models to present to business leaders.
- Ability to communicate effectively with senior management, legal teams, IT and security staff, as well as third-party stakeholders.
- Excellent technical writing skills are essential.
- A background in Information Security or IT, along with practical experience in relevant security services and tools, such as:
- Microsoft Azure, Office, Information Protection, and Data Loss Prevention (DLP)
Eames Consulting is acting as an Employment Agency in relation to this vacancy.