Lead Cybersecurity Operations Specialist

Cybersecurity Awareness and Operations Lead

The Cybersecurity Awareness and Operations Lead will play a pivotal role in enhancing the organization's cybersecurity posture by leading strategic initiatives to foster a security-first culture across the enterprise.

This position involves overseeing Security Operations Centre activities, driving continuous improvement in threat detection and incident response, and designing awareness programs that educate employees, stakeholders, and partners on cybersecurity best practices.

The ideal candidate will collaborate with cross-functional teams to ensure SOC operations align with regulatory standards, audit requirements, and industry best practices.

• Strategic Program Development & Execution:
  • Develop a Comprehensive Cybersecurity Awareness Program: Design and implement an awareness program tailored to various internal audiences, incorporating engaging content and interactive elements to promote behavior change.
  • Standard Operating Procedures (SOPs) for SOC Operations: Develop and document SOPs for SOC operations while continuously refining processes to enhance efficiency and effectiveness.
  • Annual Awareness Calendar: Create an annual calendar of campaigns, phishing simulations, newsletters, security champions initiatives, and gamified learning to maintain a consistent security awareness effort.
  • Global Security Framework Alignment: Align awareness efforts with global security frameworks and regulatory requirements to ensure consistency and compliance.
• Content Creation and Communication:
  • Security Content Development: Create engaging, informative, and easily digestible security-related content for various audiences, including localizing content for cultural and regional relevance.
• Training:
  • Role-Based Security Training: Develop role-based security training that addresses the specific needs of each business unit and employee group.
  • Training Effectiveness Metrics: Monitor training completion rates and effectiveness using data analytics to identify areas for improvement.
• Phishing Simulations & Metrics:
  • Regular Phishing Campaigns: Design and manage regular simulated phishing campaigns across business units to test employee vulnerability to phishing attacks.
  • Phishing Simulation Results Analysis: Analyze and report campaign results, identify risky user groups, and implement targeted follow-ups or remediation training to improve overall security awareness.
• Regulatory Compliance:
  • Regulatory Framework Alignment: Ensure SOC operations remain compliant with evolving regulatory frameworks to avoid potential risks and penalties.
• Audit Management:
  • Security Audit Oversight: Lead and oversee security audits by ensuring SOC processes align with audit standards and effectively communicating findings and remediation strategies to stakeholders.
• Stakeholder Engagement & Culture Building:
  • Partnerships and Collaboration: Partner with business units, risk teams, HR, compliance, and IT to embed cyber risk awareness into business-as-usual processes.
  • Security Champions Network: Build and manage a network of security champions or ambassadors to promote security awareness and advocate for security best practices.
  • Senior Management Updates: Present updates to senior management, audit committees, and regulators as needed to maintain transparency and accountability.

Qualifications

• Bachelor's degree in information technology, cybersecurity, communications, or a related field.
• Certifications preferred: CISM, CISA, CompTIA Security, or similar.

Required Skills

• Cybersecurity knowledge: Understanding of core security principles, threat vectors, and controls.
• Communication expertise: Excellent verbal and written communication with a knack for simplifying complex topics.
• Campaign execution: Experience planning and running large-scale campaigns, events, or training rollouts.
• Analytical mindset: Ability to analyze data from phishing campaigns or learning platforms to improve programs.
• Stakeholder management: Effectively communicating across all organisational levels to ensure timely outcomes.
• Creativity & innovation: Brings fresh ideas to improve engagement and reach.