Summary/Objective:
The Cybersecurity Awareness Analyst is responsible for developing, implementing, and managing a comprehensive security awareness program that reduces human risk and creates a security-aware culture across the organization. This individual leads the development and delivery of engaging training, communications, and awareness campaigns that influence positive changes in employee behavior.
Essential Responsibilities:
· Analyze the organization's threat landscape to identify and evaluate top human cybersecurity risks and the behaviors that need to change to mitigate those risks.
· Develop, review, implement, and maintain a cybersecurity awareness program that mitigates these human risks within the organization's operating environment.
· Collaborate with stakeholders across different departments, including IT, HR, Legal, and senior leadership to ensure alignment with business objectives and regulatory compliance requirements.
· Design and execute effective awareness training, communications, and marketing campaigns that resonate with different employee segments.
· Leverage diverse skills in training, instructional design, internal communications, marketing, and creative design to develop engaging and effective content.
· Utilize storytelling, analogies, current events, and relatable examples to connect with employees on an emotional level and emphasize the personal relevance of security practices.
· Explore innovative training approaches, such as gamification, interactive simulations, escape rooms, and partnerships with security awareness vendors, to enhance engagement and knowledge retention.
· Target specific user behaviors and develop training that provides practical skills and knowledge to handle real-world security scenarios.
· Continuously assess the effectiveness of awareness campaigns by establishing and managing a metrics framework that measures employee behavior, compliance, and program impact.
· Regularly review metrics, gather employee feedback, and iterate on existing campaigns to ensure ongoing improvement and relevance.
· Prepare and present program status reports to senior leadership, highlighting successes, challenges, and recommendations for future initiatives.
· Go beyond simple awareness and actively shape a positive security culture within the organization where security is a shared priority.
· Promote a culture of security awareness by regularly communicating security messages and updates through various channels.
· Collaborate with HR and senior leadership to incorporate security goals into performance reviews and recognize and reward employees who demonstrate secure behaviors.
Establish a formal network of "security culture carriers" or "ambassadors" who champion security values within their departments and provide feedback to the Security Awareness Training Leader.
Qualifications:
· Bachelor's degree in cybersecurity, education, marketing, communications, or a related field.
· Proven experience developing and implementing successful security awareness training programs, preferably in a corporate environment.
· Strong understanding of cybersecurity principles, best practices, and current threats.
· Excellent communication, presentation, and interpersonal skills with the ability to engage and influence diverse audiences.
· Experience with project management, including planning, budgeting, execution, and reporting.
· Familiarity with security awareness training tools, learning management systems (LMS), authoring tools, and other training delivery platforms.
· Passion for security awareness and a strong desire to make a difference in organizational culture.
· Fluency in Spanish is a plus.