Cyber Security Threat Awareness Expert

This is a remote position.

Job Title: Cybersecurity Threat Awareness Expert

Job Type: Contract; FullTime

Location: Canada (Remote)

About the Company:

Our client is a Crown corporation dedicated to helping and equipping Canadian companies with trade knowledge financial solutions equity insurance connections and to grow their business with confidence in global markets.

Position Summary:

The Cybersecurity Threat Awareness Expert services will play a pivotal role in enhancing Our client s security posture by developing and implementing a strategy to improve desired cybersafe behaviors as well as threat awareness and detection skills. The Cybersecurity Threat Awareness Expert services will lead the planning execution monitoring reporting operational and change initiatives under the Training & Awareness work stream.

Responsibilities:

• Oversees the execution of the phishing awareness program which includes allstaff and targeted simulated phishing campaigns.
  

• Runs the phishing awareness consequence management framework designed to improve an Our client employee s ability to detect and report phishing threats.
  

• Maintain phishing tools used at Our client perform admin role for Microsoft Attack Simulator.
  

• Address inquiries and triage emails coming to our Phishing inbox (daily).
  

• Research/plan and deliver content for ongoing cybersecurity awareness communications e.g. Cyber Tips (weekly) Yammer posts.
  

• Create engaging and interactive awareness materials including onboarding modules workshops scripts tip sheets/job aids short videos reports and simulations to effectively educate employees on cybersecurity best practices.
  

• Plan/organize and support the execution of cyber awareness events (quarterly basis). Support the development and rollout of Our client s annual cybersecurity awareness mandatory training.
  

• Stay abreast of the latest cybersecurity threats trends and technologies to continuously enhance cybersecurity awareness content.
  

• Collaborate with crossfunctional teams to reinforce desired behaviors and tailor awareness content based on specific roles and responsibilities within the organization (e.g. Finance HR Help Desk Product Owners).
  

• Conduct regular cybersecurity awareness assessments to measure the effectiveness of initiatives and identify areas for improvement.
  

• Act as a subject matter expert on cybersecurity matters providing guidance to internal stakeholders and contributing to the development of security policies and procedures.
  

• Define people change management approach to roll out security guidelines reduce risky behaviors and/or in support of cybersecurity led technical changes.
  

• Update training and awareness/phishing metrics (monthly) maintain AgilePlace board (tool we use as part of the agile methodology) team process documents including maintaining the content on the Cybersecurity Awareness Hub.
  

• Identify and evaluate risks issues dependencies and constraints escalating where appropriate.
  

• When necessary develop agree on and implement solutions to overcome these.
  

• Act as backup for phishing investigation/triage in Defender dashboard (manage/triage items reported direct from outlook/report message feature as back up for SOC resource).
  

Other Activities:

• Maintains team operational processes team SharePoint site (internal and external portal).
  

• Supports the planning and execution of team continuous improvements leading introduction of new processes and tools required to support cyber program (focus on change management communication activities).
  

• Leads and participate in troubleshooting sessions to find the root cause of issues and provide quick workarounds and timely resolutions within the defined team SLAs.
  

• Plans facilitates and documents team retrospectives/lessons learned that convey the results of events and/or exercises.
  

• Supports the collection measurement and analysis of key data related team operations cybersecurity metrics KPIs and KRIs and do reporting that is timely accurate consistent complete and relevant for providing comprehensive information for strategic cybersecurity management decisions.
  

• Completes benchmark on security services act as an advocate sharing knowledge on cybersecurity industry leading frameworks (i.e. NISTCSF).
  

Requirements

Specific Project Requirements:

• Bachelors or advanced degree in Cybersecurity Information Technology or a related field.
  

• 7 years experience in communication people change management or related field.
  

• Proven experience in leading and delivering cybersecurity awareness programs.
  

• Strong understanding of cybersecurity principles risk management and compliance standards.
  

Skills:

Top Skills Required:

• Analytical thinking and problem solving strong current state analysis stakeholder management process development ideally working in cyber domains.
  

• Strong experience on planning/tracking cyber change initiative and/or understand of Cyber hygiene.
  

• Excellent communication skills on English languages is required (verbal and written).
  

• Ability to influence stakeholders at all levels of the organization and manage crossteams dependencies.
  

• Expert knowledge on preparing and delivering presentations for business and executive level.
  

• Excellent meeting facilitation skills.
  

• Highly motivated and effective working independent (minimal guidance).
  

• Personal agility and organizational skills.
  

• Expert user of PowerPoint Excel Power BI Visio and other document creation/editing and team collaboration tools.
  

• Ability to quickly research (subjects outside of current scope of experience) and plan and execute tactical and strategic activities.
  

Other Skills Assets Required:

• Microsoft Attack Simulator phishing tools.
  

• Knowledge of Cybersecurity industry leading frameworks (i.e. NISTCSF) policies and privacy principles.
  

• Hands on experience on Business process maps requirements gathering and leading technology change.
  

• Handson experience with leading people change management.