Information Security Training Awareness Lead (REMOTE)

The Hanover Insurance Group•Worcester, MA

1d•$82,000 - $110,000•Remote

About The Position

The Hanover is seeking a dynamic and experienced Information Security leader to drive its Information Security Training, Awareness, and Outreach initiatives. This role is critical to strengthening the company's cybersecurity posture by designing and executing engaging training programs, phishing simulations, and targeted outreach campaigns. The individual will collaborate with the Security Operations Center (SOC), Legal, HR, Corporate Communications, IT department, and other stakeholders to foster a culture of security awareness across the enterprise. Annual plans will be created to meet program goals, milestones, and regulatory requirements, with flexibility to address dynamic security challenges. The role involves producing training materials for targeted audiences using various learning styles (visual, auditory, kinesthetic), building relationships with business units, and implementing/managing phishing exercises, training modules, and communication materials. This individual will also act as a liaison between the CISO and business units.

Requirements

Bachelor’s degree or 5+ years of relevant experience in cybersecurity, instructional design, or adult education.
Proficiency in MS Office Suite and familiarity with security training platforms (e.g., Proofpoint).
Knowledge of cybersecurity frameworks (NIST, ISO, MITRE) preferred.
Experience designing and delivering training in virtual and matrixed environments.
Strong organizational and time management skills; ability to adapt and solve problems creatively.
Skilled in multimedia and web design tools (e.g., Articulate, Captivate, webinar platforms).
Ability to influence stakeholders and execute strategic plans across a large enterprise.

Nice To Haves

Ability to use automation tools such as Power BI is preferred but not required
Awareness & Outreach-Specific Certifications preferred, not required: SANS Security Awareness Professional (SSAP), SANS Managing Human Risk

Responsibilities

Have lead responsibility on significant course development of annual training and awareness plans aligned with regulatory requirements, threat landscape, and organizational goals.
Lead the design and execution of phishing simulations and insider threat training programs based on NIST standards.
Act as a change agent to promote adoption of security and IT best practices across business units.
Create engaging, multi-modal training content tailored to diverse learning styles (visual, auditory, kinesthetic; inspired by the current cyber threat landscape.
Translate complex technical and information security concepts into accessible, actionable learning materials.
Deliver impactful presentations and facilitate training sessions for audiences at all organizational levels.
Build an outreach network to serve as liaisons between the Office of the CISO and business units.
Develop and distribute awareness materials via newsletters, forums, digital signage, and online platforms.
Establish and maintain an intuitive online hub for training schedules, resources, and security references.
Create communications responding to active social engineering campaigns raising awareness to targeted parties, helping to protect The Hanover.
Develop and maintain key performance indicators (KPIs) and monthly metrics to measure the effectiveness of training, phishing simulations, and outreach efforts.
Analyze trends and performance data to identify areas for improvement and inform future strategy.
Collaborate with the GRC team to align reporting with compliance and risk management objectives.
Prepare and present executive-level summaries and board communications to highlight program impact and progress.
Partner with Legal, HR, SOC, and Corporate Communications teams to address insider threats and develop mitigation strategies.
Support incident response efforts through targeted education and outreach.
Promote understanding of IT security responsibilities and organizational policies.