UK Only Please - Sponsorship is Unavailable Hybrid Working - 3 days on site is Compulsory - London City

Role Summary

TheSecurity Awareness Lead is responsible for developing, delivering, andContinuously improving global security awareness and behaviour change programme across a multinational organisation of 2,000+ users. This roleEnsures employees, contractors, and partners understand their securityResponsibilities, make secure decisions, and actively contribute to a strongSecurity culture. The ideal candidate is a creative communicator, strategic thinker, and experiencedSecurity professional capable of driving organisation‑wideBehavioural change.

Key Responsibilities:

1. Security Awareness Strategy

Develop and own the global Security awareness and human risk management strategy. Align awareness initiatives With organisational risk, regulatory requirements, and the broader Cybersecurity roadmap. Establish a measurable, Outcomes‑driven approach focused on Reducing human‑related Cyber risks.2. Awareness Programme Delivery

Design and deliver engaging Security campaigns, training materials, microlearning modules, phishing Simulations, and behavioural nudges. Build a compelling internal "Security culture brand" to drive engagement and recognition. Launch role‑based training for high‑risk groups (e.g., executives, finance, developers, privileged access users).3. Behaviour & Human Risk Management

Conduct human risk assessments And behavioural baselining across regions and business units. Develop KPIs and metrics to track behavioural change, susceptibility, and programme effectiveness. Use data insights from Phishing, security incidents, and SOC analytics to drive targeted Interventions.4. Stakeholder Engagement

Collaborate closely with HR, Communications, IT, Data Protection, Legal, and Regional Business Leads. Influence senior stakeholders And communicate the business value of a strong security culture. Support policy communication And ensure employees understand security responsibilities.5. Tooling & Technology

Manage the security awareness Platform (LMS), phishing simulation tools, and behavioural analytics Solutions. Evaluate and procure new Technologies to enhance the programme (awareness platforms, content Providers, risk scoring tools). Integrate awareness workflows Into existing processes (onboarding, JML, incident response).6. Global Governance & Compliance

Ensure training and reporting Align with global regulatory requirements (ISO 27001, NIST, SOC 2, GDPR, Industry‑specific regulations). Provide evidence and reporting For internal and external audits. Maintain training records and Ensure compliance across all regions.7. Security Champions Network

Build and manage a global Network of Security Champions to amplify awareness efforts. Deliver toolkits, content, and Community sessions to engage Champions across multiple business units and Countries. Skills, Experience & Qualifications:

Essential

Proven experience in delivering Security awareness, human risk, or behavioural change programmes in medium‑to‑large organisations (1,000+ Users). Strong understanding of Cybersecurity fundamentals, threat landscape, and common human‑related risks. Experience designing training, Campaigns, and communication for diverse global audiences. Knowledge of awareness Platforms (e.g., KnowBe4, Proofpoint, Cofense, Hoxhunt, CybSafe, LMS Tools). Excellent communication, Storytelling, and stakeholder‑influencing Skills. Strong data‑driven mindset with ability to Create metrics dashboards and analyse behavioural trends.Desirable

Certifications such as: SANS Security Awareness (SSAP), CISSP, Security+, or equivalent. Experience in multinational or Complex matrixed environments. Experience building Security Champions/Advocacy networks. Background in behaviour Science, learning & development, psychology, or communications.Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)