Security Awareness Specialist

ABOUT SOUTH32 
South32 is a globally diversified mining and metals company. Our purpose is to make a difference by developing natural resources, improving people’s lives now and for generations to come. We are trusted by our owners and partners to realise the potential of their resources.

PERTH OFFICE

South32’s corporate office is based in the heart of Perth’s CBD. The corporate office houses key functions including HR, Legal and External Affairs, Finance, Corporate Development, Investor Relations, Group Risk, and Technical. Our office is conveniently located a 5-minute walk from the Perth Underground Train Station.

WHAT SOUTH32 OFFERS

• Competitive salaries, including Short-Term Incentive Bonus
• Additional employer superannuation contributions which depend on the level of employee contributions you choose.
• Participation in the Employee Share Plan
• Flexible working arrangements and industry-leading parental leave and family care policy

ABOUT THE ROLE

The Opportunity – 9 months - Fixed term Position. This role will preferably be based at our office in Perth or Johannesburg. We understand and value the benefits flexibility brings and operate a hybrid work model (in the office and from home)

The Security Awareness Specialist will be responsible for fostering cybersecurity awareness within our organization through delivering a global awareness program comprising communications, training, and simulations. You will develop, execute, and continually optimize the awareness program and associated materials to ensure the adoption of cybersecurity best practices, increase awareness of cyber threats, and compliance with training materials.

Reporting to the Manager of Cybersecurity & Privacy and working closely with the Cybersecurity Team and broader Technology team, the key responsibilities are, but are not limited to:

• Continually assess the human risk level and compliance across South32, including behaviours that must change to mitigate risks
• Develop and manage the ongoing cybersecurity awareness program, planning up to 12 months in advance
• Deliver security awareness campaigns and communications, including but not limited to online and classroom training, content development, and targeted support for high-risk teams
• Manage phishing simulations, including administration of the phishing simulation platform
• Manage user-reported phishing, including triage and technical assessment of emails and threats, engagement with users, and purge or block actions in Exchange Online and Microsoft 365 Defender.
• Keep up to date on emerging cybersecurity threats and how they should be communicated to the business
• Engage external partnerships to enhance collaboration on cybersecurity and to obtain actionable cyber threat intelligence, which may be utilized through security awareness activities

ABOUT YOU 

• A demonstrated interest in cybersecurity
• Strong stakeholder engagement and communication skills and a portfolio of high-quality content (for example, learning content, blogs, branding campaigns)
• Experience in the design and delivery of training and awareness programs, stakeholder engagement, and communications activities
• Sound understanding of the contemporary cybersecurity risk and the threat landscape
• Experience with industry security awareness or phishing simulation platforms
• Experience in an operational Cyber Risk or Security Operations role is desirable

Qualifications for this position are:

• Bachelor’s degree in Cybersecurity, Technology, Business and/or related field, or equivalent in experience.

OUR CULTURE

At South32, our people are fundamental to our success. We’re focused on creating an inclusive workplace, with the right people in the right roles, who are engaged, empowered, and appropriately rewarded. We encourage applications from people of all backgrounds.

The job advert will close on 26th October 2023