Security Awareness Lead

UK Only Please - Sponsorship is Unavailable Hybrid Working - 3 days on site is Compulsory - London City Role Summary The Security  Awareness Lead is responsible for developing, delivering, and Continuously improving global security awareness and behaviour change programme across a multinational organisation of 2,000 users. This role Ensures employees, contractors, and partners understand their security

Responsibilities, make secure decisions, and actively contribute to a strong

Security culture.

The ideal candidate is a creative communicator, strategic thinker, and experienced

Security professional capable of driving organisation-wide Behavioural change.

Key Responsibilities:

1. Security Awareness Strategy Develop and own the global Security awareness and human risk management strategy. Align awareness initiatives With organisational risk, regulatory requirements, and the broader Cybersecurity roadmap. Establish a measurable, Outcomes-driven approach focused on Reducing human-related Cyber risks.
2. Awareness Programme Delivery Design and deliver engaging Security campaigns, training materials, microlearning modules, phishing Simulations, and behavioural nudges. Build a compelling internal "Security culture brand" to drive engagement and recognition. Launch role-based training for high-risk groups (e.g., executives, finance, developers, privileged access users). 3. Behaviour & Human Risk Management Conduct human risk assessments And behavioural baselining across regions and business units.

Develop KPIs and metrics to track behavioural change, susceptibility, and programme effectiveness. Use data insights from Phishing, security incidents, and SOC analytics to drive targeted Interventions.
4. Stakeholder Engagement Collaborate closely with HR, Communications, IT, Data Protection, Legal, and Regional Business Leads. Influence senior stakeholders And communicate the business value of a strong security culture. Support policy communication And ensure employees understand security responsibilities.
5. Tooling & Technology Manage the security awareness Platform (LMS), phishing simulation tools, and behavioural analytics Solutions. Evaluate and procure new Technologies to enhance the programme (awareness platforms, content Providers, risk scoring tools). Integrate awareness workflows Into existing processes (onboarding, JML, incident response). 6. Global Governance & Compliance Ensure training and reporting Align with global regulatory requirements (ISO 27001, NIST, SOC 2, GDPR, Industry-specific regulations).

Provide evidence and reporting For internal and external audits. Maintain training records and Ensure compliance across all regions.
7. Security Champions Network Build and manage a global Network of Security Champions to amplify awareness efforts. Deliver toolkits, content, and Community sessions to engage Champions across multiple business units and Countries. Skills, Experience &

Qualifications:

Essential Proven experience in delivering Security awareness, human risk, or behavioural change programmes in medium-to-large organisations (1,000 Users). Strong understanding of Cybersecurity fundamentals, threat landscape, and common human-related risks. Experience designing training, Campaigns, and communication for diverse global audiences. Knowledge of awareness Platforms (e.g., KnowBe4, Proofpoint, Cofense, Hoxhunt, Cyb Safe, LMS Tools). Excellent communication, Storytelling, and stakeholder-influencing Skills. Strong data-driven mindset with ability to Create metrics dashboards and analyse behavioural trends.

Desirable Certifications such as: SANS Security Awareness (SSAP), CISSP, Security, or equivalent. Experience in multinational or Complex matrixed environments. Experience building Security Champions/Advocacy networks. Background in behaviour Science, learning & development, psychology, or communications. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at