Security Awareness Lead

Job Title: Security Awareness Lead

Reporting to: International CISO

Direct Reports: N/A

Position Type: Full Time Permanent

Why Tokio Marine HCC

Standing still is not an option in the current world of Insurance. TMHCC is one of the worlds leading Specialty Insurers. With deep expertise in our chosen lines of business our unparalleled track record and a solid balance sheet TMHCC evaluates and manages risk like no one else in the industry. Looking beyond profit empowering our people and delivering on our commitments are at the core of our customer values along with a desire to grow and provide creative and innovative solutions to our clients.

About Operations

Operations sits at the heart of TMHCC we ensure the smooth running of all business processes from policy administration and claims handling to data technology and delivery. We focus on driving efficiency which enables our teams across the business to deliver exceptional results every day. Our value statement: Ops makes it happen.

Operations is made up of 7 functions this role sits within: IT

We are the foundation for TMHCCs success - enabling the business to grow compete and innovate through technology security and solution design. From shaping strategy to delivering resilient operations we ensure every capability is aligned to business value. Our inclusive and collaborative culture empowers everyone to explore ideas solve meaningful challenges and build fulfilling careers that make a real impact.

Job Purpose:

To lead and evolve TMHCC Internationals security awareness and culture programme embedding a strong human-centric security mindset across the organisation. Reporting to the CISO for International you will define and deliver a comprehensive awareness strategy that reduces human risk improves security behaviours and supports compliance with regulatory and internal security requirements. You will work closely with business HR technology and risk teams to ensure security awareness is engaging measurable and aligned to organisational priorities.

Key Responsibilities:

• Define and deliver a global security awareness and culture strategy aligned to TMHCC Internationals risk profile and business objectives.

• Design and implement targeted awareness campaigns training programmes and initiatives to address key human risks (e.g. phishing social engineering data protection).

• Lead the phishing simulation programme including scenario design execution reporting and continuous improvement.

• Develop role-based and risk-based training tailored to different user groups including senior leadership and high-risk populations.

• Collaborate with HR Communications and Learning & Development teams to embed security into onboarding training and employee lifecycle processes.

• Establish and maintain a network of security champions to promote security awareness and good practices across the organisation.

• Measure programme effectiveness through metrics behavioural insights and reporting driving continuous improvement.

• Provide regular reporting to the CISO and senior stakeholders on human risk awareness maturity and programme impact.

• Ensure alignment with regulatory requirements and internal policies related to security training and awareness.

• Stay current with emerging threats and awareness best practices incorporating innovative approaches to engagement and behaviour change.

Performance Objectives:

• Deliver a measurable and effective security awareness programme that demonstrably reduces human-related security risk across TMHCC International.

• Improve employee engagement and security behaviours through targeted role-based training and awareness initiatives.

• Provide clear data-driven reporting on programme effectiveness supporting risk visibility and informed decision-making at senior levels.

Skills and Experience Specification:

Essential:

• Demonstratable experience in security awareness information security risk or related roles with a focus on human risk or behavioural change.

• Proven experience designing and delivering security awareness programmes in a global or enterprise environment.

• Strong understanding of common cyber threats including phishing social engineering and insider risk.

• Experience running phishing simulation platforms and interpreting results to drive improvements.

• Familiarity with learning management systems (LMS) and awareness platforms (e.g. KnowBe4 or similar).

• Ability to design engaging training and communication materials for diverse audiences.

• Experience defining and tracking metrics to measure awareness effectiveness and behavioural change.

• Strong stakeholder management skills with the ability to influence across all levels of the organisation.

• Excellent communication and presentation skills with the ability to convey security concepts in a clear and engaging way.

Desirable:

• Experience within financial services or other regulated industries.

• Knowledge of behavioural science or human risk management approaches.

• Relevant certifications (e.g. CISSP CISM).

• Experience building and managing security champion networks or community-led initiatives.

What We Offer

The Tokio Marine HCC Group of Companies offers a competitive salary and employee benefit package. We are a successful dynamic organization experiencing rapid growth and are seeking energetic and confident individuals to join our team of professionals.

The Tokio Marine HCC Group of companies is an equal opportunity employer. Please visit for more information about our companies.

#LI-PS1