Cybersecurity Awareness Consultant (REMOTE)
Client: United Nations
Application Deadline: ASAP
To apply for this position, please send your resume at email@example.com and mention the job title that you are applying for.
IdealStaffs Consulting is looking for a Security Awareness services to facilitate the execution of projects that are either internal to UN or externally done to provide service to a partner. The candidate must be flexible, able to work in a highly collaborative environment, prioritize across multiple competing tasks, and be able to complete tasks on time.
Under the direct supervision of Lead, Cyber security Governance:
Establish an Information Security Awareness strategy and Roadmap for UN and other Partner agencies.
Establish a calendar of Awareness activities and ensure timely execution
Produce general awareness eLearning on security and privacy awareness that can be made mandatory for all users.
Produce awareness eLearning for focused groups and risky user groups.
Produce awareness eLearning for executive management.
Develop phishing education use cases in line with the objectives of the awareness programme.
Operate the chosen phishing platform.
Deliver phishing exercises as a part of the ongoing awareness service.
Create an awareness metrics framework that can effectively measure the effectiveness of the awareness programme.
Provide quarterly awareness assessment reports to include phishing statistics and course completion metrics.
Perform other related duties and fulfil responsibilities as required.
Knowledge and Skills
Minimum of seven years’ experience in information security, risk management.
Experience in developing information security policies and procedures, as well as successfully executing programmes.
Ability to deliver complex communications in a simple, clear and concise manner to the various stakeholders within the organization that take into account individual different cultures and languages.
Expert knowledge of information security risks and the different elements that constitute risk.
Ability to operate commercial Information Security Awareness platforms (e.g. Knowbe4, ProofPoint, Terranova, Cofense, etc.)
Knowledge of different message distribution techniques to ensure end-users understand and continually apply the required behavioral change necessary to reduce the human factor’s risk.
Ability to understand technical and business aspects of IT risk, and to communicate those risks to management, business and technical units so that the organization can make informed decisions regarding appropriate levels of information security control.
Strong analytical and problem-solving skills.
Ability to act calmly and competently in high-pressure, high-stress situations.
Excellent written and verbal communication skills, interpersonal and collaborative skills.
High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity.
High degree of initiative, dependability and ability to work with little supervision.
Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT, etc.
Five years’ experience working in security awareness consulting engagements.
Project management skills and ability to manage multiple projects under strict timelines.
University degree (Bachelors’ degree) or equivalent experience in computer science, information systems, mathematics, statistics or related field.
Certifications like CISSP or similar
Ten (10) years or more of progressively responsible professional experience in information technology and/or related area, including at least five years (5) working in information security.
Experience in medium/complex size projects
Experience in working with Microsoft office tools and Microsoft Project.