Security Education and Awareness
Role overview
The role of Security Education & Awareness (SEA) is to develop and deliver measurable SEA Programmes, aimed at embedding the desired security behaviours to reduce human risk and strengthen the security culture of the organisation.
Role level
Typical role expectations
- Undertake scoping, development, implementation and evaluation activities within the SEA Programme.
- Support the delivery of SEA initiatives to help embed desired security behaviours and improve security culture.
- Support best practice across Government.
Typical role expectations
- Build an understanding of the threat and risk picture through available sources of data and insight to inform areas of focus.
- Engage with stakeholders to inform SEA product development and delivery to ensure their effectiveness.
- Lead the scoping, development, implementation and evaluation of a risk-informed and measurable SEA Programme.
- Lead the collection and dissemination of evidence to demonstrate the effectiveness of the SEA Programme.
Typical role expectations
- Accountable for the delivery of a risk-informed and measurable SEA Programme, setting the direction via the SEA Strategy.
- Provide oversight to monitor performance and embed continuous improvement through lessons learned.
- Champion the importance of SEA across Senior Leadership, influencing a positive culture that helps to increase engagement from all colleagues across the organisation.
- Ensure that the SEA programme is evidence-based and that the effectiveness of the programme is reported via a robust governance process, providing opportunities to seek investment.
- Champion best practice across Government.
Skills
| Skill | Associate | Lead | Principal |
|---|---|---|---|
| Protective Security | Working | Practitioner | Expert |
| Threat Understanding | Awareness | Working | Practitioner |
| Applied research | Awareness | Working | Working |
| Risk understanding | Awareness | Working | Working |
| Legal & Regulatory Compliance | Awareness | Awareness | Awareness |
Core learning
Associate
NPSA – Reducing Insider Risk
Risk Management for Non-Risk Professional
NPSA – Security Culture Digital Learning
Lead
LDR433: Managing Human Risk
NPSA – Security Culture Digital Learning
NPSA – Reducing Insider Risk
Principal
LDR521: Security Culture for Leaders
LDR433: Managing Human Risk
FOR578: Cyber Threat Intelligence