Junior Policy and Security Awareness Analyst

About The Position

Requirements

• Excellent communication (written and verbal) and effective interpersonal skills.
• Strong planning, prioritization, and execution skills, capable of managing multiple projects in fast-paced, evolving environments.
• Experience working with structured data (e.g., Excel, Google Sheets, SQL, or Python) to organize, analyze, or report on information is preferred.
• Experience using AI tools to analyze, summarize, or extract insights from documents.
• Familiarity with prompt structuring, workflow automation, or API-based usage is strongly preferred.
• A critical thinker, a solid drive to excellence, a strong attention to detail, an insatiable appetite for continuous improvement, and a constant need to learn, practice, and improve.
• Enthusiasm to learn through a combination of structured, on-the-job, and self-directed training.
• Desire to explore a career in Information Security or Information Security, Governance, Risk and Compliance
• Interest in pursuing foundational security certifications such as ISC2 Certified in Cybersecurity (CC), CompTIA Security+, or ISO 27001, with longer-term development toward certifications like CISA or CISSP.
• Ability to work efficiently and effectively in a remote team environment.
• Ability to communicate the value of compliance work in clear business terms, helping stakeholders understand how audit readiness, effective controls, and timely remediation reduce risk, protect trust, and support College Board’s mission.
• A passion for expanding educational and career opportunities and mission-driven work grounded in our Operating Principles and Manager Expectations.
• Curiosity and enthusiasm for emerging technologies, with a willingness to experiment with and adopt new AI-driven solutions and comfort with learning and applying new digital tools independently and proactively.
• Clear and concise communication skills, written and verbal
• A learner's mindset and a commitment to growth: welcoming diverse perspectives, giving and receiving timely, respectful feedback, and continuously improving through iterative learning and user input.
• A drive for impact and excellence: solving complex problems, making data-informed decisions, prioritizing what matters most, and continuously improving through learning, user input, and external benchmarking.
• A collaborative and empathetic approach: working across differences, fostering trust, and contributing to a culture of shared success
• Authorization to work in the United States

Nice To Haves

• Preferred backgrounds include Computer Science, Information Systems, Cybersecurity, Data Analytics, Public Policy (with quantitative or technology focus), or related disciplines.
• Working in a security environment with experience in security awareness or policy management.
• Bachelor’s degree preferred.
• The ability to travel 3-4 times a year to College Board offices or on behalf of College Board business.

Responsibilities

• Assist in planning, executing, and managing security policy reviews and approval activities to ensure alignment with industry standards and business objectives.
• Maintain and organize the enterprise policy library within One Trust and other designated repositories.
• Research, interpret, and map policy requirements to compliance controls for audit readiness.
• Conduct routine policy reviews to identify gaps or outdated content and recommend updates.
• Support policy enforcement efforts and work with leadership to ensure consistent organization-wide compliance.
• Maintain a Generative AI–powered chatbot built on Microsoft Copilot to answer common InfoSec policy questions.
• Develop dashboards and reports that highlight training gaps, policy risks, and awareness trends.
• Support and continuously improve organization-wide security awareness training using KnowBe4.
• Plan, execute, analyze, and report monthly phishing simulations.
• Support broader ISGRC initiatives designed to strengthen governance and risk management.
• Develop dashboards, reports, and metrics to inform leadership about progress and effectiveness of policy and security awareness initiatives.
• Perform other duties assigned to support ISGRC and enterprise security objectives.
• Contribute to automation or AI-enabled improvements in policy or security awareness workflows.

Benefits

• Annual bonuses and opportunities for merit-based raises and promotions
• A mission-driven workplace where your impact matters
• A team that invests in your development and success