Information Security, Marketing Manager
Ipswich (Hybrid)
£75,000
Role Overview:
Eames are working with a reputable Insurer who are looking for someone to come in and help create detailed project plans that will deliver results aligned with the overarching strategies.
* Distribute surveys to assess both new and existing employees' security awareness and measure the security culture index.
* Design and launch a security awareness initiative to raise funds for charitable causes
* Develop and implement specialized security awareness training focused on high-risk areas of the organization.
* Deploy a tool to track security non-compliance, utilizing a "time since last incident" clock.
* Establish a network of business and IT employees who will serve as Security Champions within the organization, establishing governance and pushing the initiative forward.
* Create and deliver microlearning sessions using agile communication methods.
Responsibilities:
* Contribute to the assessment of various business lines’ security risks and develop corresponding training plans.
* Create security guidelines designed to be easily accessible to individuals with varying levels of technical expertise.
* Familiarity with diverse training methods, including campaigns, phishing simulations, and gamification techniques.
* In-depth knowledge of common cybercrime methods, such as phishing and social engineering.
* Ability to communicate effectively with senior management and senior security teams.
* Lead individual or small group sessions to educate colleagues on security threats and best practices for adhering to security standards.
Required Skills and Qualifications:
* Ability to navigate a variety of security concerns and provide relevant solutions.
* A friendly, approachable attitude towards educating colleagues on potential security risks.
* Strong teamwork skills, with the ability to also work independently and take initiative.
* Capacity to prioritize tasks effectively in a fast-paced environment.
* Experience in leading large-scale security culture transformation efforts.
* Strong organizational skills, able to manage multiple projects and deadlines concurrently.
* Research and development expertise in the field of information security.
* A solid understanding of relevant security frameworks and global data protection regulations, such as CISSP, ISO 27001/2:201
* Knowledge of the security implications of the Confidentiality, Integrity, and Availability triad and the appropriate risk models to present to business leaders.
* Ability to communicate effectively with senior management, legal teams, IT and security staff, as well as third-party stakeholders.
* Excellent technical writing skills are essential.
* A background in Information Security or IT, along with practical experience in relevant security services and tools, such as:
* Microsoft Azure, Office, Information Protection, and Data Loss Prevention (DLP)