Cybersecurity awareness analyst
who are we?
what will you contribute?
we are evolving the human risk management program, and this role is central to that transformation. As a cybersecurity awareness analyst, you will ensure the smooth execution of phishing simulations, manage awareness platforms, and support initiatives that strengthen security culture across the organization.
this is a hands‐on role with a clear trajectory: while your initial focus will be operational excellence, you'll have opportunities to leverage data‐driven insights, influence improvements, and contribute creative ideas for future awareness strategies. This role reports to the head of cybersecurity strategy & operations, with day‐to‐day guidance from the hrm program lead. You'll collaborate closely with cybersecurity leadership on high‐impact initiatives and have opportunities to expand your influence as the human risk management program matures. If you're passionate about reducing human risk and shaping a culture of security, this is your chance to make a meaningful impact.
key responsibilities
* execute phishing attack simulations, track and report metrics to leadership
* manage the security awareness training platform
* handle user inquiries and escalations, particularly repeat phishing failures
* support awareness campaigns such as newsletters, posters, and internal events
* assist with compliance reporting and audit preparation
* research and recommend engaging security awareness content
* utilize program data to identify trends and recommend improvements to reduce human risk
required qualifications
* 2‐4 years of experience in training administration or cybersecurity operations
* strong organizational skills and ability to manage multiple priorities
* ability to think like an attacker to design realistic phishing scenarios
* solid written, verbal, and presentation / communication skills
preferred qualifications
* certifications such as ssap, cissp, cism, security+, or sans security awareness credentials, demonstrating commitment to advancing in cybersecurity and human risk management
* hands‐on experience with phishing or hrm platforms showing readiness to optimize and innovate program delivery
* experience developing security awareness or training materials, indicating the ability to contribute to creative and impactful learning initiatives
benefits
* flexibility: enjoy unlimited vacation, based on your location and business priorities. Hybrid working arrangements, and inclusive policies such as paid time off for voting, bereavement, and sick leave.
* well‐being: access confidential one‐on‐one therapy through our employee assistance program, unlimited personalized coaching via our coaching app, and access to our gather groups for emotional and mental support.
* medical, life & disability insurance, retirement plan, lifestyle and other benefits
* esg: benefit from paid time off for volunteering and donation matching.
* career development: access online learning and accredited courses through our skills & career navigator tool.
* recognition: be part of our global recognition program, finastra celebrates, and contribute to regular employee surveys to help shape finastra and foster a culture where everyone is engaged and empowered to perform at their best.
* specific benefits may vary by location.
at finastra, each individual is unique, bringing their own ideas, thoughts, cultural beliefs, backgrounds, and experiences together. We learn from one another, embrace and celebrate our differences, and create an environment where everyone feels safe to be themselves.
be unique, be exceptional, and help us make a difference at finastra!
cybersecurity metrics analyst
as a cybersecurity metrics analyst, you will play a crucial role in ensuring the security and compliance of our organization. You'll be responsible for analyzing, measuring, and reporting on various security metrics to enhance our overall security posture. Your expertise will guide decision‐making and risk management efforts.
responsibilities
* passionate understanding and working knowledge of information security fundamentals and risk‐based approach to information security.
* understanding of end‐to‐end security metrics process including metrics collection, tracking and reporting, including ownership and responsibilities for each activity.
* define, develop, and implement cybersecurity metrics aligned with industry frameworks, such as nist csf, nist 800‐53, iso27001, pci and privacy.
* strong experience in developing automated tools used to calculate metrics and visualization tools for reporting.
* ability to analyze data using industry‐leading tools reporting, including the use of complex macros and scripts for reporting and data mining purposes from multiple sources.
* as directed, to identify, obtain, and cleanse suitable data, in a consistent and repeatable fashion, to design and produce reports and dashboards which provide insights into our organization's cybersecurity posture.
* collaborate with stakeholders to tailor metrics based on business objectives, risk appetite, and regulatory requirements.
* passion and expert skills in building elegant and interactive data visualizations of complex information, including drill‐down capability.
* advanced experience in the design and creation of security and compliance metrics and dashboards for senior management.
* advanced skills in microsoft powerpoint, publisher, and application development experience in one or more of the following environments: .net, cold fusion, lamp, etc.
* experience with scripting languages (python, perl, bash, php, etc.).
* strong information security industry background, including one or more security certifications (cissp, cism, cisa).
* solid understanding of security concepts.
qualifications
* bachelor's degree or equivalent experience, preferably with a technology and/or data analysis and visualization emphasis.
* expertise in data analysis and visualization using one or more of the following: microsoft power bi, tableau, alteryx, qliksense/qlikview, or similar.
* previous experience with it security standards and control frameworks is highly desirable.
* possession of relevant it and information security certifications such as sans, cissp, cisa, cism, or similar is a plus.
* experience in the manufacturing, information technology, or consulting industry is a plus.
preferred education
* bachelor's degree
preferred experience
* 5 years
skills: other
* analysis.
* assessment/evaluation.
* consulting.
* organization.
* problem identification and resolution.
skills: technology
* network administration reporting.
* network communications technologies.
* server security policies and procedures, access management.
* technical documentation.
cybersecurity data protection analyst
as the world around us becomes more connected and digital, there are increased opportunities for fraud and disruption due to cybersecurity attacks. The need for companies, products, and services to be secure is more important than ever in this constantly changing landscape.
are you passionate about keeping good people safe from bad actors? We are too! We are hp cybersecurity, and we are tasked with the security of the hp enterprise. As hp continues our digital transformation, the work of the cybersecurity professional is never complete and is always interesting. Come be a part of making a difference with us!
this position is a flexible full‐time remote working position with the expectation that the employee will be available when needed to join occasional meetings outside of core working hours.
what a cybersecurity data protection analyst does at hp
* gathers requirements, proposes solutions, implements new technologies and configurations to support change as the various data governance and protection programs mature.
* contributes to the continuous improvement and maturation of hp's data loss prevention tools and methods.
* creates and maintains comprehensive documentation for processes.
* monitors alerts and investigates possible policy violations or data loss events.
* knows the hp cyber policies and helps to direct employees to relevant policy language and/or acceptable technologies/processes.
* identifies, supports, trains and engages data protection champions as needed.
* assists in preparing training documentation and delivering training as needed.
* engages other teams in hp cybersecurity when needed, employing warm hand‐offs and developing strong partnerships.
* prepares and presents reports, communicates risk for inclusion in scorecards, and briefings as required.
* monitors industry cybersecurity threats, cybersecurity best practices, regulatory changes, corporate updates, and geo‐political changes impacting hp's security.
* advises on improvements to data handling procedures and applies good governance concepts.
individuals who thrive in this role at hp typically have
* bachelor's degree (preferably in a related area of study, or equivalent experience).
* 3‐5 years of relevant experience developing policy, reviewing data loss event alerts, and/or conducting investigations.
* technical cyber security certification through one of the recognized bodies a bonus: sans, isaca, (ics)2, comptia.
* solid working knowledge of industry frameworks and standards and best practices.
* results‐driven, strong analytical skills, ability to connect the dots to make better decisions.
* fluent in oral and written communications.
* able to work effectively in a team and with various stakeholders at various organizational levels.
* good responsiveness, organizational, and time management skills.
* proactive in seeking problem resolution.
about the team
the cybersecurity data protection team is a developing group of cyber security professionals who collaborate with all disciplines within cybersecurity as well as business and functional stakeholders as trusted advisors to effectively manage cyber security risks to the business.
knowledge & skills
* cybersecurity operations
* cybersecurity governance
* cybersecurity policies
* data analysis
* risk identification
* automation
* issue tracking
* security controls
cross‐org skills
* effective communication
* results orientation
* learning agility
* digital fluency
* customer centricity
#j-18808-ljbffr