Security Culture & Awareness Analyst

Job Posting Organization:
The European Bank for Reconstruction and Development (EBRD) is an international financial institution that was established in 199

• Its mission is to promote the transition to open market-oriented economies and to foster private and entrepreneurial initiative in countries from Central Europe to Central Asia and the Southern and Eastern Mediterranean. The EBRD operates in over 30 countries and employs a diverse workforce of approximately 2,000 employees. The organization is committed to sustainability, equality, and digital transformation, and values diversity as one of its core principles.

Job Overview:
The security" style="border-bottom: 1px dotted #007bff !important;">Security Culture & Awareness Analyst position is designed to support the delivery of security awareness and change initiatives throughout the organization. The role involves developing and delivering training materials, awareness activities, and communications that clarify cyber security concepts for employees. The analyst will work closely with senior team members and stakeholders to contribute to campaigns that promote positive security behaviors and facilitate the adoption of new security processes and tools. This position offers an excellent opportunity to gain experience in security culture, change management, and communication, while playing a crucial role in embedding good security practices into the organization's daily operations. The analyst will also assist in analyzing human-related security risks, gathering feedback, and tracking metrics to evaluate the effectiveness of security initiatives and identify areas for improvement, thereby enhancing the organization's overall security posture and resilience.

Duties and Responsibilities:
The duties and responsibilities of the Security Culture & Awareness Analyst include supporting collaboration with various teams to understand upcoming changes and document key impacts and messages. The analyst will assist in assessing change impacts and potential adoption challenges, contributing to change and communication plans under guidance. Building and maintaining relationships with business contacts to support security culture and awareness initiatives is essential. The analyst will measure the effectiveness of security culture and awareness activities by collecting data, tracking engagement, and preparing reports. Additionally, the analyst will contribute to the delivery of adoption and change activities to ensure effective use of security tools and processes across the organization. Responsibilities also include assisting in the development of training materials and user-friendly documentation, delivering training sessions, webinars, and briefings for end users, preparing content for communication channels, and supporting T-minus communications and readiness activities. The analyst will also assist in organizing and facilitating workshops and meetings, capturing feedback and actions, and acting as a point of contact for security culture and awareness communications.

Required Qualifications:
The position requires a foundational understanding of change management principles and an interest in their application within technology or security initiatives. Candidates should have some experience supporting user adoption of new tools, processes, or ways of working. Basic experience in creating training or communication materials, such as presentations and guides, is necessary. The analyst should be comfortable supporting workshops, meetings, or training sessions with guidance from more experienced colleagues. Strong written and verbal communication skills are essential, along with the ability to work collaboratively with a range of stakeholders. Typically, candidates should have 1-2 years of experience in roles involving change, communications, training, or technology support, including graduate or early career roles. Exposure to working with IT, security, or business teams is desirable but not essential.

Educational Background:
Candidates should possess a degree or equivalent experience in Business, Communications, Change, Technology, or a related field. Awareness of formal change management frameworks, such as Prosci or ADKAR, is desirable but not required. An interest in cyber security, human risk, or organizational behavior, along with a willingness to learn and develop in this area, is also important.

Experience:
The position typically requires 1-2 years of experience in a role that involves change management, communications, training, or technology support. This can include graduate or early career roles, and while exposure to IT, security, or business teams is beneficial, it is not a strict requirement.

Languages:
The job does not specify mandatory languages, but proficiency in English is likely essential given the international nature of the organization. Additional languages may be considered an asset, particularly those relevant to the regions in which the EBRD operates.

Additional Notes:
The contract for this position is fixed-term for a duration of 2 years. The EBRD promotes a flexible working environment, expecting employees to attend the office 50% of their working time. The organization encourages applications from qualified candidates who are nationals of EBRD member countries, regardless of their racial, ethnic, religious, or cultural background, gender, sexual orientation, or disabilities. Due to the high volume of applications, the EBRD may not provide detailed feedback to candidates who are not shortlisted.