Cybersecurity Human Risk Program Manager

About The Position

Requirements

• Minimum 4+ years in enterprise communications and 1+ years in cybersecurity, risk management, or security awareness.
• Skilled in technology and content development, including SharePoint site creation, multi-channel communication strategies, and interactive training tools.
• Practical understanding of security risk management and human risk factors; familiarity with frameworks such as NIST or ISO 27001.
• Proven experience managing large-scale culturally aware awareness programs for a global organization, coordinating stakeholders, and measuring impact through metrics.
• Excellent presentation skills – both in content development and owning the stage, presenting to both novice and executive audiences.
• Bachelor’s degree in computer science, information assurance, MIS and/or education, journalism, communication or equivalent industry experience.

Nice To Haves

• Security, audit or risk certifications a plus, such as SANS SSAP.

Responsibilities

• Human Risk Management: Identify top human risks and develop programs that change behaviors, ensuring employees act securely and reduce organizational risk.
• Engaging Education: Design dynamic, interactive education that captivates diverse audiences and transforms complex cybersecurity concepts into clear, actionable knowledge.
• Policy Development: Document and maintain IT and information security policies, standards, and guidelines aligned with regulatory requirements and business risk appetite.
• Phishing Simulations: Conduct simulated phishing exercises and develop creative campaigns to raise awareness of security responsibilities.
• Risk Management: Identify and communicate IT and security risks to leadership and stakeholders and drive mitigation.
• Program Management: Plan, manage, and maintain engaging, organization-wide security programs.
• Content Creation: Build engaging SharePoint sites and slide decks, and leverage technology for effective knowledge building and engagement.