Cybersecurity Awareness Manager

The Cybersecurity Awareness Manager is responsible for designing, delivering, and continuously improving enterprise-wide cybersecurity awareness and risk mitigation programs. This role supports the effective adoption and ongoing operation of cybersecurity and risk management practices by equipping employees with the knowledge, skills, and behaviors required to protect organizational information assets. Through targeted education, communication, and engagement initiatives, the Cybersecurity Awareness Manager fosters a strong culture of security awareness across the organization.

• Cybersecurity Awareness Program Management: Design, implement, and manage comprehensive cybersecurity awareness and training programs tailored to diverse roles, functions, and risk profiles across the organization.
• Risk Awareness Alignment: Support the Governance, Risk and Compliance (GRC) Manager by translating enterprise cyber risks, control objectives, and risk scenarios into targeted awareness and training initiatives that reinforce desired risk behaviors.
• Training Content Development: Create high-quality, engaging educational materials, including e-learning modules, newsletters, multimedia campaigns, workshops, and reference resources that clearly communicate cybersecurity concepts, policies, and best practices.
• Phishing and Behavioral Exercises: Support phishing simulations and other behavioral assessments that evaluate employee awareness levels to drive continuous improvement in security behaviors.
• Training Cybersecurity Awareness Delivery and Facilitation: Deliver instructor-led and virtual training sessions to educate employees on cybersecurity risks, technology policies, procedures, and risk mitigation practices, ensuring content is accessible, relevant, and engaging.
• Awareness Campaigns and Communications: Lead ongoing cybersecurity awareness campaigns that promote secure behaviors and risk mitigation using multiple communication channels such as email, digital signage, newsletters, and internal platforms.
• Cross-Functional Collaboration: Partner with IT, cybersecurity subject-matter experts, Compliance, HR, and business leaders to define learning objectives, align training content with organizational priorities, and integrate cybersecurity education into onboarding, annual, and role-based learning programs.
• Security Advocacy and Engagement: Act as a visible champion for cybersecurity awareness initiatives, reinforcing the importance of employee engagement in protecting organizational systems and data.
• Incident Response Awareness: Provide training and guidance on incident response processes and employee responsibilities to ensure preparedness and timely, effective response to cybersecurity incidents.
• Program Measurement and Reporting: Assess the effectiveness of training and awareness initiatives through metrics, assessments, surveys, and feedback; analyze results and report insights, participation, and improvement opportunities to leadership.
• Policy and Process Enablement: Support the review and development of cybersecurity policies, procedures, and job aids to ensure expectations are clearly articulated, understandable, and aligned with organizational standards.
• Audit Readiness Support: Assist the GRC Manager in preparing training evidence, participation records, and awareness artifacts required for internal and external audits.
• Third-Party Risk Training: Support GRC initiatives by creating awareness content related to vendor security expectations, data sharing risks, and third-party incident reporting. Educate vendor owners and stakeholders on their responsibilities within the third-party risk management lifecycle.

Essential Regional or Country Requirements Education and/or Work Experience

• Bachelor’s degree in Information Technology, Cybersecurity, IT, Communications, Instructional Design, Education, Technical Writing, or similar with equivalent experience
• Minimum of 5 years of experience in training, content-creation, communications or a related field preferably within IT environments.

Knowledge and Skills and/or Abilities

• Strong understanding of information technology, cybersecurity principles, threats, and best practices.
• Passionate about information technology and cybersecurity and committed to fostering a culture of security awareness.
• Hands-on experience with Learning Management Systems (LMS) and training analytics tools
• Strong curiosity with willingness to try new ideas, assess results and make improvements.
• Excellent communication and presentation skills, with the ability to convey complex information clearly and effectively.
• Experience in instructional design and training delivery methods.
• Proficiency in using e-learning tools and platforms.
• Strong organizational skills and attention to detail
• Self-motivated, and able to work to meet deadlines
• Ability to work independently and as part of a team.
• Strong analytical and problem-solving skills.
• Availability and willingness to travel on company business based on requirements of the role (domestically and internationally)
• Requires occasional early morning or evening teleconferences
• Availability for on-call support and response to security incidents as needed.

Physical Requirements

• Works under general office environmental conditions
• Sits for extended periods, utilizes close visual acuity working with computers, etc.
• Stand for extended periods when representing information security at trade meetings and events