ActiveJobs

Information Security Awareness Lead

Uniphar · CityWest Office

Full-timeOn-sitePosted 18 July 2026
Apply on Company Site →

Job description

Key Responsibilities: Security Awareness Programme Management Manage all aspects of the organisation’s security awareness training programme, including mandatory quarterly training for all employees. Own the security awareness roadmap and annual campaign calendar, ensuring coverage of key risks and regulatory expectations. Ensure awareness programme coverage across divisional and regional locations, including coordination of local delivery and site visits. Manage and administer the Proofpoint Security Awareness Platform, including:Training modules Phishing simulations Reporting and metrics Work with HRIS teams to deliver quarterly and ad‑hoc security training through Workday. Respond to and manage reported phishing emails via PhishAlarm, ensuring appropriate handling and feedback to users. Deliver monthly security awareness induction training for all new starters. Run regular awareness webinars, lunch‑and‑learn sessions, and other in‑person and virtual briefings. Select, deploy, and deliver role‑specific training for specialist job functions such as IT, Finance, HR, and other high‑risk roles. Run role‑specific awareness sessions, highlighting risks and attack scenarios relevant to specific job functions. Propose, design, and implement novel awareness initiatives (e.g. competitions, quizzes, games) to improve engagement and effectiveness. Phishing & Human Risk Testing Own and manage the phishing testing programme, including:Regular phishing simulations Analysis of results and trends Targeted follow‑up training for repeat failures Escalate risky user behaviour and repeat failures to line management in line with agreed processes. Work with SecOps and Incident Response teams to incorporate real‑world attack patterns into testing and training. Set up and manage restrictions on access to Uniphar resources for persistent failures Physical & Behavioural Security Audits Conduct physical USB testing (e.g. trojan USB drops) to assess user behaviour. Perform clean desk audits across office locations. Conduct unattended workstation locking audits and report findings. Use audit outcomes to inform targeted awareness campaigns and improvements. Awareness Communications & Campaigns Manage the Cybersecurity Intranet site, publishing regular security awareness updates and guidance. Design, procure, and distribute physical and digital awareness media, including:Posters Stickers Digital signage Deliver regular themed security awareness campaigns across all channels (physical media, desktop messaging, training modules). Lead the organisation’s October Security Awareness Month, including:Campaign planning Training Quizzes, games, and surveys Engagement reporting Metrics, KPIs & Continuous Improvement Produce regular metrics and reporting on:Training completion rates Programme reach Phishing simulation results Engagement and effectiveness Meet and report against defined KPIs for programme effectiveness. Conduct user surveys to gather feedback and measure awareness maturity. Incorporate survey results, metrics, and incident data into continuous programme improvements. Collaboration & Stakeholder Engagement Work closely with IT and SecOps to maximise delivery of security awareness messaging to end users, including:System notifications Pop‑ups and warnings Desktop backgrounds and banners Coordinate with divisional IT and communications teams to localise awareness delivery. Carry out divisional and regional site visits to distribute materials and deliver local workshops. Skills & Experience Essential Minimum of 5 years’ experience in IT, Information Security, learning development or related role Proven experience delivering security awareness, training, or behavioural risk programmes. Strong understanding of phishing, social engineering, and human‑centric cyber risks. Experience managing awareness platforms and learning delivery tools. Strong communication and presentation skills. Ability to engage effectively with both technical and non‑technical audiences. Please note that Uniphar is an equal-opportunity employer; we do not discriminate and welcome all responses. #uniphargroup

Verified and listed by ActiveJobs. Applications are made directly on Uniphar's own career page — we never sit in the middle.