Cyber Safety Awareness Consultant

Time Type: Full timeWorker Type: EmployeeAt QBE, our purpose is to give people the confidence to achieve their ambitions inside and outside of work. From development opportunities, to flexible work options and highly competitive reward and benefits packages, we understand the importance of living our values when it comes to our people. Everything we do at QBE is underpinned by our company’s cultural elements – because we know it's not just what we do that matters, it's how we do it that makes the difference.
This opportunity is responsible for embedding a cyber security-aware culture by ensuring QBE’s workforce has access to regionally-relevant, effective cyber security training and resources by creating and executing a regional cyber safety awareness strategy. Ensure QBE’s workforce effectively manages information security risks by keeping up-to-date of the changing cyber threat landscape and satisfying local regulatory obligations. Partner with the Divisional Information Security Officer to promote the Group Cyber Security team through stakeholder engagement and leverage influencing skills to support Technology and business outcomes.

• Conduct practical tests to assess regional employees’ awareness and susceptibility to cyber threats and provide reporting to various forums for Executive Leadership oversight
• Partner with Communications, Learning and Development, Risk & Compliance and Technology teams to deliver engaging cyber safety awareness resources for the QBE workforce, partners and customers
• Maintain high standards of service delivery to enable continuous improvement and effective response to stakeholder feedback
• Translate complex concepts into engaging and accurate written/verbal communication for a diverse range of audiences, including senior stakeholders
• Create high-quality, easy-to-understand resources and educational content that assists QBE’s workforce in understanding their role in managing information security risks
• Manage risk and meet policy and compliance requirements
• Develop and execute regional cyber safety strategy and ensure alignment with global strategy
• Produce regular management information to support Divisional Information Security Officer on all aspects of the cyber safety awareness program
• Support Divisional Information Security Officer through engagement and influence of technology and business stakeholders and provide training to high-risk employee groups
• Build and manage strong and effective relationships with business stakeholders and project teams to deliver services that meet stakeholder expectations
• Develop awareness of and participate in projects and other change initiatives where cyber safety awareness inputs are required to achieve defined outcomes and ensure safety risks are proactively managed
• Act as a point of reference to guide and advise others by sharing knowledge and best practice; promoting the team to develop the broader cyber security and IT functions

• Self management – ability to apply excellent attention to detail, have strong organizational skills and manage and deliver conflicting priorities
• Customer service – sound customer service focus, able to provide advice and recommendations to address customer needs or strategic business issues; supporting the implementation of any agreed actions
• Analytical and problem solving skills
• Actively undertake personal development to ensure up to date knowledge and skills
• Influence – ability to develop and leverage relationships to achieve the right outcome for QBE. Represents Group Cyber Security team in a range of internal and external forums
• Experience at managing and influencing relationships at senior level
• Communication – strong verbal and written communications. Ability to communicate clearly and concisely to a broad audience; translating technical information into business-relevant language

• Experience at managing and influencing relationships at a senior level
• Experience with large, complex organizational change and communications initiatives

• Membership in industry groups (e.g. security awareness, cyber threat, information security and privacy)

• Broad knowledge of regulatory requirements within the finance/insurance industry
• Understanding of information security risk and familiarity with current trends/developments
• Broad knowledge of industry best practice in security awareness
• Research and understand emerging cyber security threats and relevance to divisional business
• Broad knowledge of basic cyber security concepts

• We are accountable
• We are inclusive
• We are technical experts
• We are a team
• We are fast-paced
• We are courageous