Connecting to LinkedIn...

Policy & Awareness Specialist

Job Title: Policy & Awareness Specialist
Contract Type: Contract
Location: Maidenhead, Berkshire
Salary: Negotiable
Start Date: ASAP
Duration: 3-6 Months
REF: KGPolicy&Awareness_1503488296
Contact Name: Kerrie Gaurd
Contact Email:
Job Published: about 1 year ago

Job Description

The Security Policy & Awareness Specialist is a pivotal role and is responsible for:

  • Developing and maintaining all security policies, standards and awareness measures and activities.
  • Drive our Security Awareness For Everyone (SAFE) programme that promotes and drives a cultural change throughout.
  • To support the Information Security Manager in delivering a consistent, best in class security service to our people, customers, 3rd parties and partners.
  • Design and implement centralised processes for the identification, development, stakeholder review, approval, publication and maintenance of our security related policies and standards
  • Work cross functionally with all business functions to develop a set of security standards, procedures and guidelines that are relevant and aligned to industry best practice and legal & regulatory requirements
  • Manage the development of the information security policies, standards and awareness function by ensuring alignment with Security.
  • Help deliver a tailored security awareness and training programme and road map which supports joiners, in situ, movers and leavers
  • Identify and create the information security awareness tools and processes that can demonstrate and measure employee, 3rd Party and Partner adherence to security policies
  • Develop appropriate metrics and statistics; and provide timely reports on the performance of security policy and awareness activities
  • Ensure that the leaders understand their role in relation to our security policies and are aware of our security strategy
  • Continue and build the relationships with the relevant internal and external stakeholders to develop and maintain our security policy framework and awareness programme
  • Develop and maintain our Security Awareness For Everyone programme and intranet site, providing access for all employees to our security materials, messages and self-help tools
  • Responsible for all security communications, internally and externally, working in conjunction with the Head of Risk & Security and our Internal Communications department
  • Responsible for driving and leading the Group Security Awareness Forum to share policies and practices.

Must Have

  • Fun and Engaging personality
  • Proven experience of managing and driving comms and awareness programme.
  • Proven Experience of proactively managing and driving business change through stakeholder engagement and management
  • Proven Experience of people management / team lead in any capacity (be it virtual)
  • Demonstrative experience dealing with a broad range of people including senior business leaders, tech experts and front line staff

Technical Requirements

  • Basic understanding and knowledge of security standards - including and not limited - ISO27001/ISeC, Cobit, ISF, CESG, PCI-DSS, ND1643
  • Utilising different methods and media to communicate, educate and assess messaging and requirements across varied and large audiences
  • Strong communication skills; articulate, explaining technical issues simply both verbally and in writing
  • Support all security and data protection functions in the delivery of key messages across Three and relevant 3rd parties and partners
  • Ability to multi task and work on projects concurrently and under tight deadlines
  • Detail oriented and customer focused with excellent time management skills

Nice to have

  • Experience of working on polices and awareness programmes or other campaigns.
  • Interested in gaining Security certification such as CISSP, CISM

Project People is acting as an Employment Business in relation to this vacancy.