Information Security, Marketing Manager
Ipswich (Hybrid)
£75,000
Role Overview:
Eames are working with a reputable Insurer who are looking for someone to come in and help create detailed project plans that will deliver results aligned with the overarching strategies.
- Distribute surveys to assess both new and existing employees' security awareness and measure the security culture index.
- Design and launch a security awareness initiative to raise funds for charitable causes
- Develop and implement specialized security awareness training focused on high-risk areas of the organization.
- Deploy a tool to track security non-compliance, utilizing a "time since last incident" clock.
- Establish a network of business and IT employees who will serve as Security Champions within the organization, establishing governance and pushing the initiative forward.
- Create and deliver microlearning sessions using agile communication methods.
Responsibilities:
- Contribute to the assessment of various business lines’ security risks and develop corresponding training plans.
- Create security guidelines designed to be easily accessible to individuals with varying levels of technical expertise.
- Familiarity with diverse training methods, including campaigns, phishing simulations, and gamification techniques.
- In-depth knowledge of common cybercrime methods, such as phishing and social engineering.
- Ability to communicate effectively with senior management and senior security teams.
- Lead individual or small group sessions to educate colleagues on security threats and best practices for adhering to security standards.
Required Skills and Qualifications:
- Ability to navigate a variety of security concerns and provide relevant solutions.
- A friendly, approachable attitude towards educating colleagues on potential security risks.
- Strong teamwork skills, with the ability to also work independently and take initiative.
- Capacity to prioritize tasks effectively in a fast-paced environment.
- Experience in leading large-scale security culture transformation efforts.
- Strong organizational skills, able to manage multiple projects and deadlines concurrently.
- Research and development expertise in the field of information security.
- A solid understanding of relevant security frameworks and global data protection regulations, such as CISSP, ISO 27001/2:201
- Knowledge of the security implications of the Confidentiality, Integrity, and Availability triad and the appropriate risk models to present to business leaders.
- Ability to communicate effectively with senior management, legal teams, IT and security staff, as well as third-party stakeholders.
- Excellent technical writing skills are essential.
- A background in Information Security or IT, along with practical experience in relevant security services and tools, such as:
- Microsoft Azure, Office, Information Protection, and Data Loss Prevention (DLP)