Cybersecurity Awareness Lead

Ulta Beauty, Inc. - Bolingbrook, IL
3d - Hybrid

About The Position

The Cybersecurity Awareness Lead is responsible for developing and executing a comprehensive security awareness and training program that empowers employees to recognize and mitigate cyber risks. This role focuses on fostering a strong security culture across the organization through engaging education campaigns, targeted training, and measurable behavior change initiatives. The Cybersecurity Awareness Lead will design and deliver content tailored to diverse audiences, leveraging modern communication strategies, behavioral science principles, and industry best practices. They will partner with business units, HR, and IT teams to integrate security awareness into onboarding, compliance programs, and daily workflows. Additionally, the role involves monitoring program effectiveness through metrics, phishing simulations, and feedback loops, ensuring continuous improvement and alignment with organizational risk objectives.

Requirements

  • BA or MA in Communications, Marketing, Psychology, or a related field (or relevant experience in these areas)
  • 5+ years of relevant work experience, preferably in similar roles and/or in Communications, Marketing, or related fields
  • Demonstrable experience in technical training or adult education
  • Excellent analysis/troubleshooting skills, able to solve problems efficiently
  • Excellent communication skills; feels comfortable working with non-technical business partners
  • Work with production support and project consultants in an onshore / offshore model
  • Able to prioritize and execute tasks in a high-pressure environment
  • Solid knowledge of industry best practices
  • Knowledgeable about IT security concepts, compliance, principles, and tools
  • Ability to work in a team in diverse/multiple-stakeholder environments
  • Ability to follow up, follow through, and deliver timely results
  • Proven track record of delivering high-quality solutions on time and on schedule
  • Flexibility to provide support during odd hours, weekends, and peak seasons
  • Off-Hours support including 24x7 on-call required
  • Minimal travel required (training/conferences)

Nice To Haves

  • Retail industry experience preferred

Responsibilities

  • Design and implement a comprehensive cybersecurity awareness and training program aligned with organizational risk objectives
  • Develop annual awareness plans, campaigns, and initiatives to foster a strong security culture
  • Incorporate behavioral science principles to drive measurable security behavior change
  • Create engaging, role-based training content for employees, contractors, and third parties
  • Develop multimedia materials (videos, infographics, newsletters) and interactive learning modules
  • Tailor messaging for different audiences, including executives, technical teams, and general staff
  • Plan and execute phishing simulation campaigns to measure user susceptibility
  • Analyze results and provide targeted follow-up training for high-risk groups
  • Continuously refine simulations based on emerging phishing tactics and threat trends
  • Define KPIs for awareness effectiveness (e.g., phishing click rates, training completion rates)
  • Produce dashboards and reports for leadership, highlighting program impact and areas for improvement
  • Use data-driven insights to adjust awareness strategies and content
  • Partner with HR, IT, and business units to integrate security awareness into onboarding and compliance programs
  • Collaborate with communications teams to ensure consistent messaging across channels
  • Act as a trusted advisor to leadership on security culture initiatives
  • Stay current on emerging cyber threats and incorporate relevant topics into awareness campaigns
  • Benchmark program maturity against industry standards (e.g., NIST, SANS Security Awareness)
  • Evaluate and implement new tools, platforms, and gamification techniques to enhance engagement
  • Ensure awareness programs meet regulatory and compliance requirements (e.g., ISO 27001, PCI DSS)
  • Maintain documentation for audits and certifications
  • Support risk management by aligning awareness initiatives with organizational policies
  • Provide rapid awareness communications during security incidents or zero-day vulnerabilities
  • Develop playbooks for emergency messaging and employee guidance during crises
  • Communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood and actionable manner
  • Effectively influence and convince others to make appropriate changes in their priorities and behaviors for the benefit of the organization
  • Coordinate activities on behalf of Information Security with HR, Risk Management, and Compliance functions
  • Understand business needs and commit to delivering high-quality, prompt, and efficient service to the business
  • Work across groups to identify opportunities for improvement within the environment, along with plans to capture those benefits
  • Ensure adherence to existing processes both operationally and in support of PCI and/or SOX audit requirements

Benefits

  • Full-time positions are eligible for paid time off, health, dental, vision, life and disability benefits.
  • Part-time positions are eligible for dental, vision, life, and disability benefits.