Cyber Human Factors Manager

Canopius

Salary Not Specified

Canopius, Manchester

  • Full time
  • Permanent
  • Onsite working

Posted 1 week ago, 18 May

Closing date: Not specified

Job Ref: 5db6e5c71ddd4a9db70291712025dff5

Full Job Description

As a member of the Information Security team, you will design and operate a framework and methodology to manage risks related to cyber security human factors and behaviour, manage the lifecycle of Information Security policies, and gather metrics that enable decision-making on cyber behaviours and culture, reporting to the Canopius Group CISO.

This role is crucial for ensuring that cybersecurity efforts within the organisation are aligned with human behaviour and organisational culture, ultimately strengthening the overall security posture.

Responsibilities will include:

Policy Development:

  • Develop and maintain policies related to human factors in cybersecurity, aligning with NIST Cybersecurity Framework guidelines.

  • Ensure policies are comprehensive, up-to-date, and effectively communicated throughout the organisation.

  • Collaborate with legal and compliance teams to ensure policies meet regulatory requirements.


Training and Awareness:

  • Design, implement, and manage cybersecurity training programs targeting employees at all levels of the organisation.

  • Operate defensive phishing campaigns and other human factors security testing activities.

  • Develop engaging training materials and resources to promote awareness of cybersecurity best practices.

  • Coordinate with departmental heads to tailor training programs based on specific job roles and responsibilities.

  • Monitor training effectiveness and continuously improve training methodologies based on feedback and evolving threats.


Cyber Metrics:

  • Define key metrics to assess human behaviour and cybersecurity culture within the organisation.

  • Implement methodologies to collect and analyse data related to cybersecurity incidents, employee compliance, and adherence to security policies.

  • Generate regular reports and dashboards to provide insights into trends, vulnerabilities, and areas for improvement.

  • Collaborate with IT and security teams to integrate behavioural metrics into overall cybersecurity risk assessments.


Cross-Functional Collaboration:

  • Identify human-related cybersecurity risks and vulnerabilities within the organisation.

  • Develop strategies to mitigate risks through a combination of technology, policy, and training interventions.

  • Conduct regular risk assessments and audits to evaluate the effectiveness of mitigation efforts.

  • Provide recommendations for improvements based on risk assessment findings.

  • Work closely with IT, HR, Operational Resilience, Governance, and other relevant departments to integrate human factors considerations into cybersecurity initiatives.

  • Collaborate with incident response teams to analyse human-related factors contributing to security incidents and breaches.

  • Participate in cross-functional projects to ensure cybersecurity requirements are adequately addressed from a human perspective.

  • Bachelor's degree in cybersecurity, psychology, human factors, or related field, or demonstrable equivalent knowledge. Advanced degrees (MSc or equivalent) will be taken into consideration.

  • Proven experience in cybersecurity, with a focus on human factors, behaviour analysis, or organisational psychology.

  • In-depth knowledge of the NIST Cybersecurity Framework and other relevant industry standards.

  • Strong understanding of human behaviour, cognition, and decision-making processes in the context of cybersecurity.

  • Experience developing and implementing cybersecurity policies and training programs.

  • Proficiency in data analysis and the ability to derive insights from complex datasets.

  • Excellent communication and interpersonal skills, with the ability to engage with stakeholders at all levels of the organisation.

  • Desirable to have relevant certifications such as CISSP, CISM, or CIPM.

  • Ability to work with little supervision and collaboratively in a fast-paced environment.

Canopius is a global specialty lines (re)insurer. We are one of the leading insurers in the Lloyd's of London insurance market with offices in the UK, US, Singapore, Australia and Bermuda.

At Canopius we foster a distinctive, positive culture which enables us to bring our whole selves to work to flourish as people, and build a business which delivers profitable, sustainable results.

Based in incredible new offices in the heart of the City of London, Canopius operates a flexible, hybrid working model and is committed to providing an environment that challenges employees to be their best and where everyone's unique contributions are recognised, valued and respected.

We offer all employees a comprehensive benefits package that focuses on their whole wellbeing. This includes hybrid working, a competitive base salary, non-contributory pension, discretionary bonus, insurances including health (family) and dental cover, and many other benefits to enhance financial, physical, social and psychological health.