Détails de l'offre
Identifiant de la mission: 5633
Ajoutée: avril 15, 2022
Description de la mission :
Group Security Awareness Coordinator (Gamification, KnowBe4, Phising, CISSP, CISM, SSAP) Remote and Paris 6-12 MONTHS+
(Security Awareness, Security, Securite)
One of our Blue Chip Clients is urgently looking for a Group Security Awareness Coordinator.
This role will be a mix of being based in Paris and remote working
Please find some details below:
The customer is a global critical financial infrastructure company. Security is at the core of the company’s services, firmly embedded in their management systems and processes. The Group Chief Information Security Office is in charge of putting in place the required controls to adequately and effectively protect our information assets.
The Chief Information Security Office team’s main responsibility is to ensure a coherent and dynamic enterprise response to the evolving security threats.
We are looking for a Group Security Awareness Coordinator to provide innovative and engaging training and awareness, on both physical and cyber security matters.
Reporting to the Group Security Awareness and Culture manager, the function develops, delivers and maintains the security training and awareness programme. It is responsible for training and awareness on policies and group security threats. The role is also required to report on these activities and work collaboratively with other teams.
Contribute to the development and delivery of an innovative security awareness programme to change and reinforce behaviours and culture across the Group.
Ensure staff’ awareness of and adherence to security policies and best practices.
Contribute to the management and training of a network of security ambassadors representing all divisions and departments.
Create and deliver communications in regard to existing and evolving security threats
Provide input to the development of the Security Management System and its associated policies and guidelines.
Ensure security training and awareness activities across the Group are relevant and accurate.
Ensure CIS controls related to awareness are embedded in the processes
Create process descriptions for the processes in the security awareness team
Embed the CIS controls related to security awareness and training by clearly defining the scope and activities per control
Propose a training plan for developers related to secure coding and application security
Create a variety of fun, innovative and engaging training sessions on security threats, policies, and best practices.
Deliver staff training utilising a variety of delivery methods, including online and face to face.
Liaise with other departments to ensure that training is relevant to their roles. e.g High Risk Profiles, Newcomers.
Identify any staff training and development needs and plan follow up activities.
Create and provide training and awareness activities for security at home, not just at work
Create and deliver phishing emails, ensuring that they represent current and future threats
Implement and lead a Phishing School’, providing additional training and awareness to staff where required
Communicate ‘ad hoc’ awareness guidance to all staff related to evolving or persistent threats
Create communications to increase staff engagement levels
Create and provide content and training to the Security Ambassadors, helping them to reinforce secure behaviours of their colleagues
Measure and report to senior management the results of awareness activities (Completion, reach and effectiveness)
Identify different behaviours and challenges of staff across the group, to tailor the content of training and awareness activities
Take a pivotal role in the designing, planning, delivering, and reviewing of Cyber Month activities
Organise quality and satisfaction surveys for the Group
Organise tests to measure staff’s security awareness maturity eg. physical intrusion tests.
Identify potential technological and procedural controls to encourage secure behaviour
Contribute to the content and maintenance of Security Awareness policies
Support group wide risk assessments
Provide guidance to central and local security teams and business teams
Previous experience in a Security Awareness, training or educational role is essential. Experience with Gamification is an added value.
Experience with KnowBe4 is an added value
Sound experience in a training or education field. A professional certification is an added value.
Previous experience with Phishing or communication campaigns is an added value.
Professional security qualification or certification such as CISSP, CISM, or SSAP is an added value.
Computer literate, with a good working knowledge of Microsoft Office. Advanced Excel capability or knowledge of Power Bi is an added value.
An excellent level of English is essential.
Experience with implementing the CIS controls
Excellent presentation skills, oral and written communication skills, and an ability to communicate with different audiences.
You like to work in a team but can also work independently, prioritising your own workload to achieve deadlines.
You are comfortable working with other departments which may have conflicting priorities and can adapt your approach depending on the situation.
Have a high level of integrity, with the ability to handle sensitive and confidential information on a need to know basis.
Have good persuasion abilities, expressing well-founded opinions whilst understanding their consequences.
Have a passion for learning and helping others
Adapting to, and acting with consideration to the dynamics within the organisation
Please send CV for full details and immediate interviews. We are a preferred supplier to the client.
Lien source: www.freelance-info.fr/mission/group-security-awareness-coordinator-gamification-knowbe-phising-cissp-cism-ssap-1678428