Connecting to LinkedIn...

Policy and Awareness Consultant

Job Title: Policy and Awareness Consultant
Contract Type: Contract
Location: Maidenhead, Berkshire
Salary: Negotiable
Start Date: ASAP
Duration: 6 Months
REF: PP/P&AC/C/CS_1506087910
Contact Name: Chris Small
Contact Email:
Job Published: about 1 year ago

Job Description

The Security Policy & Awareness Specialist is a pivotal role and is responsible for:

  • Developing and maintaining all security policies, standards and awareness measures and activities.
  • Drive our Security Awareness For Everyone (SAFE) programme that promotes and drives a cultural change throughout.
  • To support the Information Security Manager in delivering a consistent, best in class security service to our people, customers, 3rd parties and partners.
  • Design and implement centralised processes for the identification, development, stakeholder review, approval, publication and maintenance of our security related policies and standards
  • Work cross functionally with all business functions to develop a set of security standards, procedures and guidelines that are relevant and aligned to industry best practice and legal & regulatory requirements
  • Manage the development of the information security policies, standards and awareness function by ensuring alignment with Security.
  • Help deliver a tailored security awareness and training programme and road map which supports joiners, in situ, movers and leavers
  • Identify and create the information security awareness tools and processes that can demonstrate and measure employee, 3rd Party and Partner adherence to security policies
  • Develop appropriate metrics and statistics; and provide timely reports on the performance of security policy and awareness activities
  • Ensure that the leaders understand their role in relation to our security policies and are aware of our security strategy
  • Continue and build the relationships with the relevant internal and external stakeholders to develop and maintain our security policy framework and awareness programme
  • Develop and maintain our Security Awareness For Everyone programme and intranet site, providing access for all employees to our security materials, messages and self-help tools
  • Responsible for all security communications, internally and externally, working in conjunction with the Head of Risk & Security and our Internal Communications department
  • Responsible for driving and leading the Group Security Awareness Forum to share policies and practices.

Must Have

  • Fun and Engaging personality
  • Proven experience of managing and driving comms and awareness programme.
  • Proven Experience of proactively managing and driving business change through stakeholder engagement and management
  • Proven Experience of people management / team lead in any capacity (be it virtual)
  • Demonstrative experience dealing with a broad range of people including senior business leaders, tech experts and front line staff

Technical Requirements

  • Basic understanding and knowledge of security standards - including and not limited - ISO27001/ISeC, Cobit, ISF, CESG, PCI-DSS, ND1643
  • Utilising different methods and media to communicate, educate and assess messaging and requirements across varied and large audiences
  • Strong communication skills; articulate, explaining technical issues simply both verbally and in writing
  • Support all security and data protection functions in the delivery of key messages across Three and relevant 3rd parties and partners
  • Ability to multi task and work on projects concurrently and under tight deadlines
  • Detail oriented and customer focused with excellent time management skills

Nice to have

  • Experience of working on polices and awareness programmes or other campaigns.
  • Interested in gaining Security certification such as CISSP, CISM

Project People is acting as an Employment Business in relation to this vacancy.

Project People is acting as an Employment Business in relation to this vacancy.