Salary: £100,000 - 100,000 per year Requirements: Proven experience in cyber security awareness, culture, or behavioural change programs within a large, complex organisation. Proven track record of working with senior partners to deliver metrics and reporting and progress updates. Strong understanding of human risk factors and security best practices. Excellent written, presentation and verbal skills with fluent English (written and verbal). Articulate and effective communicator across a range of formats, able to convey complex topics with ease to a variety of audiences and persuade others of the importance of security. Build excellent relationships, credibility and influence easily with people at different levels, working to persuade them of the need to work with security in-mind. (Desirable) Experience of working in a federated environment. (Desirable) Experience of operating security standards / frameworks such as ISO27001, NIST 800-53, NIS2. (Desirable) Experience and involvement with major Cyber Security transformation projects or programmes. Responsibilities: Define and own the long-term strategy for cyber security culture, ensuring alignment with business objectives, regulatory requirements, and industry best practice. Establish a clear roadmap for cultural maturity and embed security as a core value. Monitor and assess cultural maturity through surveys, KPIs, and behavioural metrics. Identify gaps and implement initiatives that strengthen security behaviours and reduce human risk. Champion best practices and foster collaboration between security teams and business units. Promote a high-performing, collaborative, and values-driven environment within and across the security teams. Develop initiatives that improve team engagement, communication, and alignment with the security vision. Act as a role model for cultural leadership within the security function. Plan, coordinate and facilitate Group Cyber Security (GCS) team meetings. Develop high-quality, impactful content for internal audiences, including executive communications, presentations, and thought leadership pieces. Ensure messaging reflects the Groups security vision, priorities, and cultural objectives. Collaborate with corporate communications to maintain consistency and clarity in all security-related messaging. Partner with Global Cyber Security peers to ensure cultural initiatives complement technical controls, risk frameworks, and strategic priorities. Work closely with the Cyber Transformation Programme and BTS to deploy phishing simulation campaigns and implement tools that uplift cyber culture. Align cultural objectives with broader security programmes to deliver a unified and effective security posture. Build strong relationships with senior leaders, divisional business units, and functional teams to influence and embed security culture. Represent the Group in relevant forums, working groups, and industry networks to share insights and adopt best practices. Define KPIs and success metrics for cultural initiatives and report progress to the CISO and senior leadership. Use data-driven insights to refine strategies and demonstrate measurable improvements in security culture. Technologies: Support Security More: We are transforming the way cyber security risk is managed across our organization. Our mission is to create a security-first mindset within our global, diverse workforce. The Cyber Security Culture Manager will play a vital role in setting the vision for cyber security culture, embedding security as a core value, and shaping behaviours that protect our people, processes, and assets. We offer a collaborative environment where continuous improvement and engagement are paramount, providing a unique opportunity to shape the future of security culture. With support from senior leaders and a focus on measurable improvements, we strive to ensure every colleague feels empowered to navigate cyber threats confidently. last updated 13 week of 2026