Security Awareness Lead

City of London
23 hours ago
Create job alert

UK Only Please - Sponsorship is Unavailable
Hybrid Working - 3 days on site is Compulsory - London City

Role Summary

TheSecurity Awareness Lead is responsible for developing, delivering, andContinuously improving global security awareness and behaviour change programme across a multinational organisation of 2,000+ users. This roleEnsures employees, contractors, and partners understand their securityResponsibilities, make secure decisions, and actively contribute to a strongSecurity culture.
The ideal candidate is a creative communicator, strategic thinker, and experiencedSecurity professional capable of driving organisation‑wideBehavioural change.

Key Responsibilities:

  1. Security Awareness Strategy

    Develop and own the global Security awareness and human risk management strategy.
    Align awareness initiatives With organisational risk, regulatory requirements, and the broader Cybersecurity roadmap.
    Establish a measurable, Outcomes‑driven approach focused on Reducing human‑related Cyber risks.2. Awareness Programme Delivery

    Design and deliver engaging Security campaigns, training materials, microlearning modules, phishing Simulations, and behavioural nudges.
    Build a compelling internal "Security culture brand" to drive engagement and recognition.
    Launch role‑based training for high‑risk groups (e.g., executives, finance, developers, privileged access users).3. Behaviour & Human Risk Management

    Conduct human risk assessments And behavioural baselining across regions and business units.
    Develop KPIs and metrics to track behavioural change, susceptibility, and programme effectiveness.
    Use data insights from Phishing, security incidents, and SOC analytics to drive targeted Interventions.4. Stakeholder Engagement

    Collaborate closely with HR, Communications, IT, Data Protection, Legal, and Regional Business Leads.
    Influence senior stakeholders And communicate the business value of a strong security culture.
    Support policy communication And ensure employees understand security responsibilities.5. Tooling & Technology

    Manage the security awareness Platform (LMS), phishing simulation tools, and behavioural analytics Solutions.
    Evaluate and procure new Technologies to enhance the programme (awareness platforms, content Providers, risk scoring tools).
    Integrate awareness workflows Into existing processes (onboarding, JML, incident response).6. Global Governance & Compliance

    Ensure training and reporting Align with global regulatory requirements (ISO 27001, NIST, SOC 2, GDPR, Industry‑specific regulations).
    Provide evidence and reporting For internal and external audits.
    Maintain training records and Ensure compliance across all regions.7. Security Champions Network

    Build and manage a global Network of Security Champions to amplify awareness efforts.
    Deliver toolkits, content, and Community sessions to engage Champions across multiple business units and Countries.
    Skills, Experience & Qualifications:

    Essential

    Proven experience in delivering Security awareness, human risk, or behavioural change programmes in medium‑to‑large organisations (1,000+ Users).
    Strong understanding of Cybersecurity fundamentals, threat landscape, and common human‑related risks.
    Experience designing training, Campaigns, and communication for diverse global audiences.
    Knowledge of awareness Platforms (e.g., KnowBe4, Proofpoint, Cofense, Hoxhunt, CybSafe, LMS Tools).
    Excellent communication, Storytelling, and stakeholder‑influencing Skills.
    Strong data‑driven mindset with ability to Create metrics dashboards and analyse behavioural trends.Desirable

    Certifications such as: SANS Security Awareness (SSAP), CISSP, Security+, or equivalent.
    Experience in multinational or Complex matrixed environments.
    Experience building Security Champions/Advocacy networks.
    Background in behaviour Science, learning & development, psychology, or communications.Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)

Related Jobs

View all jobs

Information Security GRC Lead

Cloud Security Lead

Cyber Security Analyst

Information Security Manager

Security Manager

Information Security Manager

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Penetration Tester Jobs in the UK: What Employers Actually Want in 2026

The demand for skilled professionals in cyber security has never been higher, and penetration testers sit at the very heart of this rapidly evolving industry. As organisations across the UK continue to digitise their operations, protect sensitive data, and defend against increasingly sophisticated threats, the need for ethical hackers has grown dramatically. If you are considering a career in this field—or looking to advance within it—it is essential to understand what employers are really looking for in 2026. This guide breaks down the current expectations, required skills, certifications, and practical experience that can help you stand out in a competitive job market.

Jobs

SOC Analyst Jobs UK 2026: Salaries, Skills & How to Get Hired

Cyber security is one of the UK's fastest-growing career paths — and SOC analyst is where most people begin. It's in high demand, genuinely accessible, and you don't need a degree or years of experience to get started. But knowing what UK employers actually want in 2026 — what they pay, which certs matter, and how to stand out — is a different matter. This guide covers all of it.

Careers

How Many Cyber Security Tools Do You Need to Know to Get a Cyber Security Job?

If you are trying to build or move forward in a cyber security career, it can feel like the list of tools you are expected to know never ends. One job advert asks for SIEM platforms, another mentions penetration testing tools, another lists cloud security, threat intelligence platforms, endpoint detection, scripting languages and compliance frameworks. Scroll LinkedIn and it gets worse. Everyone seems to “know” dozens of tools, certifications and platforms. Here is the reality most cyber security hiring managers agree on: they are not hiring you because you know every tool. They are hiring you because you understand risk, can think like an attacker and a defender, follow process, communicate clearly and make good decisions under pressure. Tools matter — but only when they support those outcomes. So how many cyber security tools do you actually need to know to get a job? For most job seekers, the answer is far fewer than you think. This article explains what employers really expect, which tools are essential, which are role-specific and how to focus your learning so you look credible, not overwhelmed.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.