Information Security & Privacy Training Manager

Keen to become part of a truly global, collaborative team of professionals? Your journey begins here.

Job Title

Information Security & Privacy Training Manager

Department

Office of the General Counsel

Office Location

Birmingham or London

Reports To

Chief Information Security Officer

Working Hours

35 hours per week, 9:30am to 5:30pm but additional hours may be required.  We are happy to consider agile and flexible working patterns.  Our approach to hybrid working allows for up to 40% of time working from home and 60% working in the office, please contact a member of the recruitment team to discuss further.

Firm Description

Hogan Lovells is one of the leading global law firms.  Our distinctive market position is founded on our exceptional breadth of our practice, on deep industry knowledge, and on our 'one team' global approach.  Formed through the combination of two top international law firms, Hogan Lovells has over 40 offices in the Americas, Asia-Pacific, Europe, the Middle East and Africa. 

With a presence in the world's major financial and commercial markets, we are well placed to provide excellent business-oriented advice to our clients locally and internationally.  Our people are the key to our success, which is why we seek to recruit and retain the most talented individuals in all regions of our global practice.

In the UK Hogan Lovells has offices in Birmingham and London. The Birmingham office opened in 2015 and has a number of practice areas including Corporate/Commercial, Disputes, Finance and Real Estate, as well as our Legal Delivery Centre and Business teams. The office has recently trebled in size and moved into a new fitted out space in the Colmore Building.

Department Description

The General Counsels’ office is legal counsel to the firm. We are involved with all legal matters relating to conflicts, ethics, engagement terms and business intake; compliance with law and legal requirements in all of our jurisdictions; interactions with regulators; general firm policies; risk management and matters affecting the reputation of the firm; and legal issues in the business of the firm such as contracts and agreements.

Role Overview

The Information Security and Privacy Training Manager will:

(1) Identify and monitor security and privacy training needs within the organization;

(2) Create a strategic, global plan to measurably improve security and awareness within the firm and with targeted employee groups; and

(3) Design, plan, and implement security and privacy training programs, campaigns, policies, and procedures that fulfil those needs.

From time to time, the Manager will leverage content from vendors, but will also be responsible for developing our own curriculum, facilitate various virtual and in-person training workshops for executive audiences, and monitor the success of such programs. The Manager will build relationships, and both create and execute on campaigns to improve awareness and sophistication across the firm.

Key Responsibilities / Accountabilities

• Own, develop, and mature a global information security and privacy training and awareness program,

• Develop and implement security and privacy awareness program charter and strategy,

• Review existing training programs; suggest enhancements and modifications to improve engagement, learning, and retention,

• Ensure training materials and programs are current, accurate, and effective. Is able to create curriculum and deliver training across the organization,

• Manage the firm’s phishing simulation testing program Collaborates with vendors and third-party training providers to arrange employee registration for and participation in outside training programs,

• Ensures that training milestones and goals are met while adhering to approved training budgets,

• Conducts or facilitates required and recommended training sessions,

• Define ambitious measurable goals, objectives, and identify metrics and solutions that show impact and growth over time,

• Supports cross-functional collaboration to ensure projects are delivered according to agreed scope and budget,

• Perform other related duties as assigned,

• Specific duties or responsibilities may be reviewed from time to time to reflect changes in personnel and management structure, staff location or services.

Specific duties or responsibilities may be reviewed from time to time to reflect changes in personnel and management structure, staff location or services.

All members of the firm participate in our Responsible Business program.

Person Specification

Qualifications and Training

• Preference provided to individuals holding industry-relevant certifications (CIPP-E, CIPP-US, CISM, Security+, CISSP, etc),

• Education or training in executive education, professional development, corporate communications, or related areas preferred.

Skills & Experience

• Organized and detail-orientated,

• Strong executive presence, with an ability to moderate large, executive level meetings, both in person and virtually,

• At least five years’ experience in delivering, developing, and managing training development,

• At least three years’ experience in the cybersecurity / privacy fields,

• Experience in reviewing policies and requirements from the user perspective, providing a pragmatic approach to improving awareness,

• Experience with requirements gathering, analysis, and recommendations development,

• Experience in effectively communicating with both technical and non-technical roles,

• Experience with risk and issue management,

• Good organizational and time management skills; ability to be flexible and solve problems,

• Strong interpersonal skills, with the ability to build strong relationships with peers and executives,

• Strong project planning and management skills; ability to break down complex problems into manageable goals,

• Outstanding oral and written communication skills; with strong graphic design abilities,

• Knowledge of cyber security frameworks, such as NIST, ISO, MITRE, etc is desirable,

• Knowledge of privacy regulations, such as GDPR, HIPAA, CCPA, PIPL, etc, is desirable.

Agile Working Statement

Our goal is to embed flexibility across our business by giving everyone the opportunity to work in an agile way, whether as a regular pattern or on an ad hoc basis, and we will be happy to discuss this further.

Equal Opportunities Employment Statement

It is the policy of Hogan Lovells to provide equal opportunities for all employees in relation to recruitment, training and promotion.  Decisions in these areas will be made only by reference to the requirements of the job and shall not be influenced by any consideration of racial or ethnic origin, religion, sex , gender and gender identity, age, sexual orientation, marital and civil partnership status, pregnancy or disability.