Summary/objective:
the cybersecurity awareness analyst is responsible for developing, implementing, and managing a comprehensive security awareness program that reduces human risk and creates a security-aware culture across the organization. This individual leads the development and delivery of engaging training, communications, and awareness campaigns that influence positive changes in employee behavior.
essential responsibilities:
· analyze the organization's threat landscape to identify and evaluate top human cybersecurity risks and the behaviors that need to change to mitigate those risks.
· develop, review, implement, and maintain a cybersecurity awareness program that mitigates these human risks within the organization's operating environment.
· collaborate with stakeholders across different departments, including it, hr, legal, and senior leadership to ensure alignment with business objectives and regulatory compliance requirements.
· design and execute effective awareness training, communications, and marketing campaigns that resonate with different employee segments.
· leverage diverse skills in training, instructional design, internal communications, marketing, and creative design to develop engaging and effective content.
· utilize storytelling, analogies, current events, and relatable examples to connect with employees on an emotional level and emphasize the personal relevance of security practices.
· explore innovative training approaches, such as gamification, interactive simulations, escape rooms, and partnerships with security awareness vendors, to enhance engagement and knowledge retention.
· target specific user behaviors and develop training that provides practical skills and knowledge to handle real-world security scenarios.
· continuously assess the effectiveness of awareness campaigns by establishing and managing a metrics framework that measures employee behavior, compliance, and program impact.
· regularly review metrics, gather employee feedback, and iterate on existing campaigns to ensure ongoing improvement and relevance.
· prepare and present program status reports to senior leadership, highlighting successes, challenges, and recommendations for future initiatives.
· go beyond simple awareness and actively shape a positive security culture within the organization where security is a shared priority.
· promote a culture of security awareness by regularly communicating security messages and updates through various channels.
· collaborate with hr and senior leadership to incorporate security goals into performance reviews and recognize and reward employees who demonstrate secure behaviors.
establish a formal network of "security culture carriers" or "ambassadors" who champion security values within their departments and provide feedback to the security awareness training leader.
requirements:
qualifications:
· bachelor's degree in cybersecurity, education, marketing, communications, or a related field.
· proven experience developing and implementing successful security awareness training programs, preferably in a corporate environment.
· strong understanding of cybersecurity principles, best practices, and current threats.
· excellent communication, presentation, and interpersonal skills with the ability to engage and influence diverse audiences.
· experience with project management, including planning, budgeting, execution, and reporting.
· familiarity with security awareness training tools, learning management systems (lms), authoring tools, and other training delivery platforms.
· passion for security awareness and a strong desire to make a difference in organizational culture.
· fluency in spanish is a plus.