Cyber Security Training and Awareness Specialist

at  UK Power Networks

Reference Number - 79374
This Cyber Security Training and Awareness Specialist will report to the Cyber Security Architecture Manager and will work within the Information Systems directorate based in either our Ipswich, Crawley or London office. You will be a permanent employee.
You will attract a salary of £49,000.00 and a bonus of 7.5%. This role can also offer blended working after probationary period (6 months) - 3 days in the office and 2 remote
Close Date: . 07/08/2024
We also provide the following additional benefits
25 Days Annual Leave plus bank holidays
Personal Pension Plan – Personal contribution rates of 4% or 5% (UK Power Networks will make a corresponding contribution of 8% or 10%)
Tenancy Loan Deposit scheme
Tax efficient benefits: cycle to work scheme
Season ticket loan
Occupational Health support
Switched On – scheme providing discount on hundreds of retailers products.
Discounted access to sports and social clubs
Employee Assistance Programme.

QUALIFICATIONS:

Work experience: experience developing and delivering cyber security training and awareness programs, preferably in a large organization.
Instructional Design and Development: The ability to apply the principles and methods of instructional development to create engaging cyber security learning materials and activities, such as courses, modules, videos, games, simulations, quizzes, etc.
Training Delivery and Facilitation: deliver and facilitate cyber security training and awareness sessions using multiple modes and platforms, such as face-to-face, online, synchronous, asynchronous, etc., and to adapt to the needs and preferences of different learners and groups.
Communication and Presentation: The ability to present complex and technical cyber security information in a compelling way, using appropriate language, tone, and visuals, and to tailor the message to the audience and the context.
Stakeholder Management and Collaboration : The ability to collaborate with multiple partners, such as management, IT, HR, legal, compliance, etc., to align the cyber security training and awareness objectives with the organizational goals and policies, and to obtain their support and feedback.
Evaluation and Improvement: The ability to evaluate the effectiveness of the cyber security training and awareness programs, using different methods and metrics, such as surveys, tests, interviews, observations, etc., and to use the results to improve the development of the programs.
Certifications : A bachelor’s degree in cyber security, information technology, education, communication, or related field, or equivalent work experience.
Cyber Security Frameworks : Working knowledge of Cyber Essentials, ISO27001:2022, CSA Cloud Controls Matrix, NCSC CAF and GDPR, is important to ensure that data is being managed in a compliant manner.
Health & Safety Responsibilities
Managers and supervisors carry both legal and company responsibilities for ensuring the health and safety of their employees, those under their control and those who might be affected by the work undertaken, i.e. public, visitors and employees of other organisations. This includes briefing individuals working for them and ensuring there is the necessary understanding, competence and application of requirements to work safely and without harming the environment.
Employees will ensure they understand the health and safety risks involved in their work activities and their responsibility to apply the controls needed to manage those risks to acceptable levels. Similarly where work activities can have an adverse impact upon the environment, and where there are legal requirements, employees will understand those impacts and the controls they must ensure are applied.
If in doubt ask!
We are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace

JOB PURPOSE:

You will develop and deliver cyber security education and awareness programs for UK Power Networks. Collaborate with the Cyber Security, Information Systems Teams, and partners to identify the training and awareness needs, design and implement solutions, and measure the impact and outcomes of the programs. The Cyber Security Training and Awareness Specialist will also promote a culture of cyber security awareness and best practice to all UK Power Networks employees, customers, and partners of the organisation.

PRINCIPAL ACCOUNTABILITIES:

Ensure highest standards of safety are applied across all responsibilities.
Develop the cyber security training and awareness roadmap that aligns with UK Power Networks goals, visions, and strategic goals.
Create engaging and interactive cyber security training and awareness content and materials, such as e-learning modules, webinars, workshops, newsletters, posters, videos, games, quizzes, etc.
Conduct regular assessments and surveys to evaluate the effectiveness and satisfaction of the cyber security training and awareness programs and provide feedback and recommendations for improvement.
Report on the progress and performance of the cyber security training and awareness programs and ensure compliance with the relevant standards.
Research and stay updated on the latest cyber security trends, threats, and best practices, and incorporate them into the training and awareness programs.
Collaborate with all partners, such as management, IT, HR, legal, vendors, customers, and partners, and solicit their input and support for the cyber security training and awareness programs.
Participate in cyber security events and projects, such as awareness campaigns, webinars, conferences, etc., and represent UK Power Networks as a cyber security advocate and expert.
Develop role-based Cyber Security Training for the Cyber Security Team, covering cyber operations, architecture, governance risk and compliance and testing. Maintain the cyber security skills matrix to inform the role-based training requirements.