Summary
The role you would be accountable for is development and delivery of the Global AZ Cyber Security educational programme which includes developing engaging materials and messages, building an engaged and cyber award ambassador network and supporting the creation and communication of end user security policies aligned to IT Security strategy, broader IT strategies and the AstraZeneca business strategy.
The primary goal of which is to deliver a comprehensive cyber security education capability to the AZ business in an engaging and creative way through which there is a measurable and sustainable adoption of cyber security awareness leading to a positive culture change.
Additionally, you will be responsible for the delivery of an evidenced based metric and scoring framework to measure the success of the programme against culture change
Your role will be closely aligned to the IT Security organisation, Cyber Risk team and NIST programme and works closely with suppliers, vendors, industry peers and wider security enterprises to identify new Cyber Security education opportunities, communications and learning methodologies.
Typical Accountabilities
- You will be accountable for the creation and delivery of training materials for the purpose of growing the cyber security awareness of all AZ colleagues including where appropriate suppliers and collaborators.
- You will be responsible for consistent adoption of cyber security awareness training leading to a positive culture change.
- You will ensure materials are compatible with AZ brand and tools e.g. AZ LMS and co-ordinate resolution of user issues preventing access to training materials
- Be responsible for the development of an evidenced based metric and scoring framework to measure the success of the programme against culture change
- Responsible for education of colleagues (IT and business), customers and partners on the strategic importance of Cyber Security
- Work closely with IT Security Teams and the Cyber Risk Team to understand and prioritise human cyber risks
- You would engage with the wider AZ business beyond IT to understand specific and unique risks based on workstyle profile for different business areas and locations
- Represent AstraZeneca in key working groups and user groups to ensure AstraZeneca is remaining abreast of Cyber Security and Bio-Pharma regulations and directions.
- Maintain awareness of vendor and industry developments and standard methodologies and use this information to ensure AstraZeneca gains maximum value from existing services as well as using this to further refine the roadmap for Cyber Security as a Culture
- Develop and support an ambassador network of cyber security advocates to help reinforce cyber security messages and behaviours in the wider AZ business areas
- Support security incident response with messaging and additional awareness communications to AZ business
- Maintain an up to date security portal on Nucleus ensuring an informative easy to navigate security resource for AZ people
- Support the maturity and reporting against the NIST Control PR.AT-1
- Work reciprocally with key AZ IT and business areas to ensure knowledge and support to the programme messages and goals to and to secure feedback to continually craft and improve the direction and content of the programme
- You will be responsible for delivering evidence based metrics and scoring framework to measure the success of the programme against culture change
Education, Qualifications, Skills and Experience
Essential
- Excellent written, presentation and verbal skills with fluent English (written and verbal)
- Experienced in crafting global campaigns to support cultural change programmes in large global organisations
- Experienced in engaging global workforce through social media channels
- Experienced in developing learning and development content for diverse global audiences
- Ability to work cross-team in a global environment
- Proven track record of working with senior partners to deliver metrics and reporting and programme updates
- The ability to travel both domestically and internationally.
- Experienced in leading a programme budget and forecasting requirements
Desirable
- Experience of operating security standards / frameworks such as ISO27001, NIST 800-53.
- An understanding of the principles of security governance, risk and controls.
- Project or programme management experience
- Experience in working with data to validate risks and priorities
- Ability to seek out and build Innovative solutions with new suppliers and/or driving suppliers to propose and develop new innovative solutions.
- Experience and involvement with major IT Security transformation projects or programmes.
- Experience of developing and running Phishing simulation campaigns
- Adobe Creative software (Photoshop, Illustrator, Premiere, After Effects, Audition, InDesign, Animate ).
- Photography
- Content management system/Web Design
- Design infographics
- Design presentations & use of graphic elements to engage audiences
- Design of individual elements for Animators
Key Relationships to reach solutions
- Functional leadership
- IT Operational teams including Customer Facing IT & End User Services teams
- Cyber Security operational and leadership team members
- IT & Global Compliance teams
- HR & Saba Cloud Learning Management team for approval to use LMS and content compatibility
- Communications & Corporate affairs for compliant branding & tone of voice
- Procurement for 3rd party suppliers to the programme
- 3rd party Suppliers
- Security organisations and government bodies
- Other pharma organisations engaged in knowledge share (subject to approval)
Apply now to learn more about this exciting opportunity with a world renowned pharmaceutical brand!
AstraZeneca is an equal opportunity employer. AstraZeneca will consider all qualified applicants for employment without discrimination on grounds of disability, sex or sexual orientation, pregnancy or maternity leave status, race or national or ethnic origin, age, religion or belief, gender identity or re-assignment, marital or civil partnership status, protected veteran status (if applicable) or any other characteristic protected by law.
