Key responsibilities include:

• Project managing the research project process from initiation to completion,
• Conducting primary research with Members, e.g., interviews, online discussions, workshops and surveys,
• Conducting secondary (desktop) research to clarify information security business problems and identify potential responses,
• Synthesising and presenting complex data,
• Engaging directly with Members and a broad range of information security and risk  management experts to develop and validate insights,
• Synthesising research data to develop relevant and practical methodologies, processes and solutions,
• Leading weekly or biweekly quality circle discussions with colleagues to develop insights and thought leadership,
• Ensuring high level of engagement with Members using the online collaboration platform,
• Reporting weekly to the project management office on the project status, budget and risks,
• Writing high quality research reports (varying in length up to 60 pages), executive summaries and product launch materials,
• Working with the my clients design and publications team to produce reports with compelling infographics and layout
• Creating complementary deliverables to core reports (e.g., case studies, assessment tools),
• Developing and delivering education and training on research topics, using webcasts, webinars and at industry events

As part of a collaborative delivery team, you will also be required to:

• Peer review research outputs relating to other research projects,
• Present at Chapter meetings (at various international cities around the globe),
• Assist with the development and maintenance of the catalogue of research and tools products, including the Information Risk Analysis Methodology 2 (IRAM2) and the Standard of Good Practice for Information Security (SoGP),
• Assist with account management of the Members around the world,
• Execute other duties that support the business objectives (such as sales support).

About the role

This is an outstanding opportunity for someone who is a prolific reader, creative thinker, and enjoys collaboratively writing and developing thought leadership. There is occasional travel, and considerable exposure to the 400 global member organisations.

Essential requirements:

The candidate must have practical research, information technology, information security or consulting experience and demonstrate knowledge, skills and credentials in five areas.

1. Quantitative and qualitative data collection and synthesis

• Experience designing and conducting interviews, surveys and workshops to gather data
• Strong facilitation skills, able to lead large groups to develop and challenge ideas
• Experience analysing qualitative and quantitative data to identify key findings
• Ability to translate research findings into practical insights and recommendations

2. Structuring and writing research reports

• Experience writing substantial reports with logical structure leading to a conclusion
• Exceptional logical reasoning skills and ability to structure arguments based on evidence
• Exceptional writing skills, able to present arguments in a clear and compelling manner

3. Engagement with clients

• Experience engaging with senior managers and/or executives
• Strong verbal skills, with the ability to present complex ideas in a clear and simple way
• Experience working with or in large complex organisations

4. Project management

• Self-starter with experience initiating projects and successfully delivering through to completion
• Tenacious, with the ability to identify and pursue solutions through to a successful conclusion – delivering to time, cost and quality,
• Experience identifying delivery risks and resolving issues

5. Team working and collaboration

• Capable of taking initiative to solve problems with peers
• Experience leading delivery work in a multi-disciplinary team

Desirable requirements:

• Subject matter expertise in qualitative or quantitative research methods and techniques.
  Subject matter expertise in Cyber Security (information security).
• Knowledge of information risk management approaches (e.g., IRAM2).
• Knowledge of information security standards (e.g., ISO 27001, ISO 27005, ITIL, NIST Cyber Security Framework, PCI DSS and the Standard of Good Practice for Information Security)
• Operational experience in information technology (e.g., information risk assessment, information system architecture, IT security, systems development techniques, data or process modelling and threat modelling).
• Relevant security (e.g. CISSP, CISM, ITIL) or research accreditations (e.g. PhD, MBA)