Information Security Manager - Awareness and Training

At Metro Bank, we believe the best banking experience starts with people who genuinely care. We’re not just delivering banking services - we’re building trust through authentic connections. Here, our people come first; our colleagues are part of a team that values individuality, collaboration, and long-standing relationships. We are also all about balance so most of our jobs offer the opportunity for hybrid working built around your role and home life, wherever possible.

What you will do

• Define and implement a global cyber security culture and awareness strategy aligned with organisational objectives.
• Act as a trusted advisor to senior leadership on human risk management and cultural transformation.
• Create and maintain an effective engagement programme for our clients and FANS to maximise the value of cyber security knowledge within Metro Bank.
• Establish measurable KPIs to track value, maturity and effectiveness of the roadmap and capability.
• Design a clear roadmap and deliver engaging security awareness programs, campaigns, and training tailored to different audiences.
• Ensure compliance with regulatory and industry standards for security training.
• Partner with HR, Communications, Technology, and other relevant teams to integrate security into onboarding, performance, and change initiatives.
• Influence senior leaders and business units to champion security culture.
• Identify human risk trends through phishing simulations, metrics, and incident analysis.
• Develop targeted interventions for high-risk groups and roles.
• Utilize modern tools (gamification, microlearning, AI-driven platforms) to enhance engagement.
• Stay ahead of emerging threats and adapt awareness programs accordingly.

And... we are a bank so risk is a part of everything we do. We love people who take responsibility, do the right thing for customers, colleagues and Metro Bank and have the ability to call out any concerns.

What you will need

• Proven experience in cyber security culture and awareness, culture change, or human risk management.
• Strong understanding of information security principles and frameworks (ISO 27001, NIST, etc.).
• Exceptional communication and influencing skills across all organisational levels.
• Ability to manage complex programs and budgets.
• Ability to develop run and maintain a security culture and awareness roadmap.

Our promise to you

We will make sure that you are well-rewarded by providing you with a competitive salary, discretionary annual bonus, and a wide range of benefits, including generous holiday allowance, attractive pension scheme, healthcare, life assurance, and a number of colleague discounts! We will give you the training to ensure you succeed in your role and plenty of internal opportunities to progress your career (around 40% of our recruitment comes from internal promotions!).

Diverse teams really are the best teams. We know that candidates (especially women, research tells us) may be put off applying for a job unless they can tick every box. We also know that ‘normal’ office hours aren’t always doable, and while we can’t accommodate every flexible working request we are happy to be asked. So if you are excited about working with us and think you can do much of what we are looking for but aren’t sure if you are 100% there yet… why not give it a whirl?

Please note that sometimes we may close a job earlier for applications if we are inundated with amazing candidates.. Good luck!