Compass Group USA is a leading organization focused on delivering enterprise-wide initiatives through its Compass Technology team. They are seeking a Cyber Security Analyst responsible for managing phishing simulations and security awareness programs to reduce risks from email threats.
Responsibilities:
- Administer the enterprise phishing simulation program, including campaign planning, user segmentation, scheduling, templates, landing pages, and reporting, ensuring simulations reflect current threat trends and business-relevant scenarios
- Design and deliver targeted security awareness and training materials, such as microlearnings, job aids, tip sheets, and role- or behavior-based interventions informed by simulation results and observed attack patterns
- Analyze phishing simulation and awareness metrics, including susceptibility rates, reporting rates, repeat clickers, and false positives, and translate results into actionable insights and recommendations for technical and business stakeholders
- Continuously mature the phishing and awareness program, introducing new attack techniques (e.g., QR phishing, OAuth consent phishing, BEC scenarios) and adjusting cadence, difficulty, and messaging to align with organizational risk priorities
- Partner with Cybersecurity leadership, HR, and Compliance to align phishing simulations and awareness initiatives with policy requirements, training expectations, and broader culture-of-security objectives
- Serve as a subject-matter resource for phishing-related education, providing guidance to stakeholders on emerging social engineering trends and prevention strategies
- Monitor email security posture and phishing activity to identify trends and insights that inform awareness content and simulation design
- Coordinate with Incident Response and other cyber teams on confirmed incidents, ensuring lessons learned are fed back into simulations and training content to prevent recurrence
- Generate regular metrics for reporting and dashboards covering phishing simulation performance, awareness effectiveness, and email threat trends, and communicate results clearly to both technical and nontechnical audiences
- Support tuning and optimization of phishing defense and email security tooling where improvements directly enhance reporting accuracy, user experience, or simulation fidelity
- Document simulations, investigations, and program changes to ensure repeatability, auditability, and continuous improvement
Requirements:
- 3+ years of experience in cybersecurity, security awareness, phishing defense, or a closely related discipline, with hands-on experience supporting phishing simulations and/or user education initiatives
- Practical experience with phishing simulation and email security platforms, ideally including KnowBe4, Abnormal, and/or Proofpoint (or comparable enterprise solutions)
- Strong understanding of phishing and social engineering techniques, attacker tradecraft, and how human behavior influences organizational security risk
- Working knowledge of email security fundamentals (message anatomy, headers, URLs, attachments, sender reputation) sufficient to support investigations and accurate training content
- Demonstrated ability to analyze metrics and trends and translate technical data into clear, actionable awareness messaging
- Strong written and verbal communication skills, with the ability to engage effectively with technical teams and end users
- Experience working with documentation, metrics, and repeatable processes to support program maturity and operational consistency