UK Only Please – Sponsorship is Unavailable

Hybrid Working – 3 days on site is Compulsory – London City

Role Summary

The Security Awareness Lead is responsible for developing, delivering, and Continuously improving global security awareness and behaviour change programme across a multinational organisation of 2,000+ users. This role Ensures employees, contractors, and partners understand their security Responsibilities, make secure decisions, and actively contribute to a strong Security culture.

The ideal candidate is a creative communicator, strategic thinker, and experienced Security professional capable of driving organisation ‑ wide Behavioural change.

Key Responsibilities:

1. Security Awareness Strategy

• Develop and own the global Security awareness and human risk management strategy.
• Align awareness initiatives With organisational risk, regulatory requirements, and the broader Cybersecurity roadmap.
• Establish a measurable, Outcomes ‑ driven approach focused on Reducing human ‑ related Cyber risks.

2. Awareness Programme Delivery

• Design and deliver engaging Security campaigns, training materials, microlearning modules, phishing Simulations, and behavioural nudges.
• Build a compelling internal “Security culture brand” to drive engagement and recognition.
• Launch role ‑ based training for high ‑ risk groups (e.g., executives, finance, developers, privileged access users).

3. Behaviour & Human Risk Management

• Conduct human risk assessments And behavioural baselining across regions and business units.
• Develop KPIs and metrics to track behavioural change, susceptibility, and programme effectiveness.
• Use data insights from Phishing, security incidents, and SOC analytics to drive targeted Interventions.

4. Stakeholder Engagement

• Collaborate closely with HR, Communications, IT, Data Protection, Legal, and Regional Business Leads.
• Influence senior stakeholders And communicate the business value of a strong security culture.
• Support policy communication And ensure employees understand security responsibilities.

5. Tooling & Technology

• Manage the security awareness Platform (LMS), phishing simulation tools, and behavioural analytics Solutions.
• Evaluate and procure new Technologies to enhance the programme (awareness platforms, content Providers, risk scoring tools).
• Integrate awareness workflows Into existing processes (onboarding, JML, incident response).

6. Global Governance & Compliance

• Ensure training and reporting Align with global regulatory requirements (ISO 27001, NIST, SOC 2, GDPR, Industry ‑ specific regulations).
• Provide evidence and reporting For internal and external audits.
• Maintain training records and Ensure compliance across all regions.

7. Security Champions Network

• Build and manage a global Network of Security Champions to amplify awareness efforts.
• Deliver toolkits, content, and Community sessions to engage Champions across multiple business units and Countries.

Skills, Experience & Qualifications:

Essential

• Proven experience in delivering Security awareness, human risk, or behavioural change programmes in medium ‑ to ‑ large organisations (1,000+ Users).
• Strong understanding of Cybersecurity fundamentals, threat landscape, and common human ‑ related risks.
• Experience designing training, Campaigns, and communication for diverse global audiences.
• Knowledge of awareness Platforms (e.g., KnowBe4, Proofpoint, Cofense, Hoxhunt, CybSafe, LMS Tools).
• Excellent communication, Storytelling, and stakeholder ‑ influencing Skills.
• Strong data ‑ driven mindset with ability to Create metrics dashboards and analyse behavioural trends.

Desirable

• Certifications such as: SANS Security Awareness (SSAP), CISSP, Security+, or equivalent.
• Experience in multinational or Complex matrixed environments.
• Experience building Security Champions/Advocacy networks.
• Background in behaviour Science, learning & development, psychology, or communications.