Job Summary
We are seeking a Level 3 Security Awareness Lead to design and drive enterprise-wide security awareness programs with a strong focus on anti-phishing simulations. The role involves strategy, governance, campaign design, and improving human risk posture across the organization.
Key Responsibilities
- Design and execute enterprise-wide phishing simulation campaigns
- Develop and manage security awareness training programs and content
- Define metrics (click rates, reporting rates) and measure program effectiveness
- Identify human risk trends and recommend improvements
- Customize phishing templates and attack scenarios to emulate real-world threats
- Integrate awareness programs with SOC, IR, and governance frameworks
- Conduct targeted training for high-risk user groups
- Manage vendor tools for awareness and phishing simulations
- Present reports and insights to senior leadership
- Mentor junior analysts and drive continuous improvement initiatives
Skill Requirements
Required Skills:
- Strong experience in phishing simulation tools and platforms
- Knowledge of social engineering attack techniques
- Experience in designing awareness campaigns and training modules
- Strong understanding of email security threats (phishing, spear phishing)
- Analytical skills to interpret user behavior and metrics
- Strong stakeholder management and presentation skills
Other Requirements
Good to Have:
- Experience with tools like Cofense, KnowBe4, Proofpoint
- Knowledge of security frameworks (NIST, ISO 27001)
- Awareness of SOC processes and incident response
Certifications (Preferred):
- SANS Security Awareness Professional (SSAP)
- CISSP / CISM
Soft Skills:
- Leadership and program management
- Excellent communication and storytelling skills
- Ability to influence organizational behavior
- Strong documentation and reporting skills