Job Summary
This role will focus on implementing and managing cybersecurity culture and awareness programs with a focus on social engineering and training campaigns to improve the overall cybersecurity awareness and resilience of our organization. The ideal candidate will have a passion for cybersecurity, a strong understanding of social engineering techniques, and the ability to create training and documentation as well as communicate effectively with diverse audiences.
Essential Functions
- The functions listed describe the business purpose of this job or position. Specific duties or tasks may vary and be documented separately. An associate might or might not be required to perform all functions listed. Additional duties may be assigned, and functions may be modified, according to business necessity.
- All assigned duties or tasks are deemed to be part of the essential functions, unless such duties or tasks are unrelated to the functions listed, in which case they are deemed to be other (non-essential) functions.
- Associates are held accountable for successful job performance. Job performance standards may be documented separately, and may include functions, objectives, duties or tasks not specifically listed herein.
- In performing functions, duties or tasks, associates are required to know and follow safe work practices, and to be aware of company policies and procedures related to job safety, including safety rules and regulations. Associates are required to notify superiors upon becoming aware of unsafe working conditions.
- All functions, duties or tasks are to be carried out in an honest, ethical and professional manner, and to be performed in conformance with applicable company policies and procedures. In the event of uncertainty or lack of knowledge of company policies and procedures, associates are required to request clarification or explanations from superiors or authorized company representatives.
Social Engineering Campaigns
- Design, execute, and manage phishing, vishing, and other social engineering campaigns to assess and enhance employee awareness and response to cybersecurity threats.
- Analyze results from social engineering exercises, identifying trends and areas for improvement.
Training
- Develop and deliver engaging cybersecurity awareness training materials, including presentations, e-learning modules, and infographics.
- Collaborate with the training team to ensure alignment with overall cybersecurity training strategies when appropriate.
Incident Response
- Assist in the investigation and analysis of social engineering incidents, providing insights and recommendations for remediation.
- Maintain detailed records of incidents and responses to improve future security measures.
Policy and Procedure Development
- Contribute to the development and updating of cybersecurity policies, procedures, and guidelines, ensuring they reflect current threats and best practices.
- Assist in the creation of awareness content that supports these policies and procedures.
Communication And Reporting
- Develop, curate, and disseminate security documentation, ensuring awareness amongst stakeholders and employees.
- Prepare regular reports on the effectiveness of social engineering campaigns and awareness initiatives, presenting findings to management and stakeholders.
- Communicate complex technical information to non-technical audiences in a clear and concise manner.
Research And Stay Current
- Stay up to date with the latest social engineering tactics, cybersecurity threats, and industry trends.
- Participate in professional development opportunities, including conferences, workshops, and certifications.
Minimum Qualifications At Entry
Additional qualifications may be specified and receive preference, depending upon the nature of the position.
Education/Experience
- Bachelor's degree in information technology or information security or High School diploma with equivalent work experience.
- 1-3 years' experience in cybersecurity, with a focus on social engineering and awareness programs preferred.
- Relevant certifications (e.g.Sans Security Awareness Professional, CompTIA Security +) are a plus.
Preferred Skills
- Experience with cybersecurity awareness tools and platforms.
- Develop, curate, and disseminate security documentation, ensuring awareness amongst stakeholders and employees.
- Familiarity with regulatory requirements and standards (e.g. HIPAA, NIST, GDPR).
- Basic knowledge of incident response and digital forensics.
COMPETENCIES: (as demonstrated through experience, training, and/or testing ):
- Strong analytical and problem-solving skills.
- Ability to work independently and as part of a team.
- Excellent project management and collaboration skills—setting goals and priorities, considering dependencies, and handling execution from start to finish.
- A drive to solve difficult problems and evolve the status quo with technical and non-technical solutions—-you're never satisfied by just ticking a box.
- Knowledge of common social engineering techniques and mitigation strategies.
Working Conditions And Physical/Mental Demands
With or without reasonable accommodation, requires the physical and mental capacity to perform effectively all essential functions. In addition to other demands, the demands of the job include:
- Maintaining composure in dealing with executives, clients, prospects, and staff, in group settings and in situations requiring high performance and results.
- Must undergo and meet company standards for controlled substance testing, and behavioral selection survey.
- Handling and being exposed to sensitive and confidential information.
- Required ability to handle multiple tasks concurrently.
- Up to 25% travel
- Occasional lifting and/or moving up to 10 pounds.
Securitas is committed to diversity, equity, inclusion and belonging in the workplace.
All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other applicable legally protected characteristic.
#AF-SSCorp
About Us
Securitas employees come from all walks of life, bringing with them a variety of distinctive skills and perspectives. United through our common purpose, we provide the security needed to safeguard our clients' assets and people. Our core values - Integrity, Vigilance and Helpfulness - are represented by the three red dots in the Securitas logo. If you live by these values, we're looking for you to join the Securitas team.
About The Team
Our Company Mission:
Securitas' mission is to protect homes, workplaces, and communities by providing the security services they need to protect their assets, safeguard their people, and maintain their ability to generate profits.
Our Values
Securitas' core values - Integrity, Vigilance and Helpfulness - are the foundation for our employees to build trust with customers, colleagues, and the surrounding community.
Integrity
Securitas employees are honest and trusted by customers to safeguard their premises and valuables. We don't compromise on integrity and create an open forum for our employees and customers to voice opinions, report improprieties, and share information.
Vigilance
Seeing, hearing, and evaluating. A Securitas employee is always attentive and often notices things that others don't. Their vigilance is necessary in order to be aware of potential risks or incidents that may take place on our customers' premises.
Helpfulness
As part of an on-going effort to ensure safety, Securitas employees are always ready to help if an incident occurs that requires intervention regardless of whether or not it is directly related to their job.