Security Awareness and Training Consultant
| Job Type | Permanent Full Time |
| Area | London, United Kingdom |
We are currently working with a huge media company that is looking for someone to help run security awareness and compliance programmes globally across all parts of the company, including subsidiary companies.
Duties & Responsibilities of the Security Awareness and Training Consultant
- Create security awareness content such as global emails, security articles, advice handouts and training videos.
- Implement, maintain and provide inputs to improve the security training and awareness program.
- Organize security awareness events.
- Create and manage information security training courses.
- Run information security awareness campaigns.
- Conduct classroom training for agency teams.
- Maintain security awareness documentation and provide inputs for improvement.
- Maintain security-related content on the company’s intranet and other internal sites.
- Collaborate effectively with other stakeholders on security awareness initiatives.
- Work closely with suppliers to create information security training courses.
- Work with suppliers to create information security awareness material such as posters, cutouts and banners.
- Actively participate in company activities such as engagement taskforces, hiring events, learning & development, knowledge sharing, town halls etc.
- Provide support to the company’s agencies on security compliance topics such as ISO 27001 certification, and partner on certification / attestation initiatives as determined by business needs from time to time.
- Participate in security audits of key processes and controls, gap analysis, and risk assessments to assess control operating effectiveness. Interface with corporate governance, internal and external auditors.
ESSENTIAL JOB REQUIREMENTS:
- Create, implement, manage and maintain a security awareness program for the company.
- Partner with agencies to address their clients’ security training requirements.
- Maintain a support role in information security implementation. Implement an improvement program for security compliance processes.
- Demonstrate communication skills regarding essential security risk and compliance concepts, processes, and procedures and their impact on IT and business processes.
- Demonstrate interpersonal, presentation, and relationship skills required for supporting the internal and external customers.
- Mandatory language skills (oral, written and listening): English
OTHER JOB REQUIREMENTS:
- Good communication and presentation skills
- Ability to work effectively and collaboratively with stakeholders.
- Willingness to work with geographically dispersed teams; may involve working during non-business hours occasionally to accommodate time-zone differences.
- Travel: This position will periodically visit other offices; may require domestic or international travel.
PERFORMANCE STANDARDS & EXPECTATIONS
Education & Certifications
- Bachelor’s degree required
- ISMS LI, ISMS LA, CISSP preferred
- At least 3 years of overall experience in managing training and awareness programs
- Experience in managing internal communications
- Experience in working with a security team responsible for enterprise security
- Experience in managing an ISMS (ISO 27001) program
- Exposure to other standards like SOX, SSAE 16, PCI
- Content writing
- Team Work
- Results Driven
- Customer Focus
- Adaptability to Change
- Continuous Improvement
- Security Audits
- Security Risk Assessments
- Security Training and Documentation