4 Phishing Simulation Jobs

The primary responsibility of this role will be to monitor security events and alerts utilizing Security Information and Event Management (SIEM) tools, Intrusion Detection/Prevention Systems (IDS/IPS), and other security monitoring platforms. You will be responsible for investigating and analyzing security incidents to identify the root cause, impact, and recommended remediation actions. Additionally, you will conduct in-depth analysis of security logs, network traffic, and other relevant data sources to detect and respond to potential threats. As part of your duties, you will be expected to perform real-time incident response activities, including containment, eradication, and recovery, following established procedures and guidelines. Collaboration with the SOC analysts will be essential, providing guidance and support in investigating and escalating security incidents. It will also be crucial to stay informed about the latest security threats, vulnerabilities, and industry best practices to enhance incident detection and response capabilities. You will play a key role in the development and implementation of SOC processes and procedures, including incident response plans, playbooks, and escalation protocols. Timely and accurate reporting on security incidents, including trend analysis and pattern identification to support proactive security measures, will be a significant part of your responsibilities. Furthermore, you will be involved in monitoring and maintaining endpoint security solutions to detect and prevent malware threats. Investigating and responding to malware incidents, delivering detailed reports, scheduling and managing phishing simulation campaigns to raise employee awareness, and analyzing campaign results to identify users at risk and recommend targeted training programs will all fall under your purview. Additionally, you will assist in coordinating Vulnerability Assessment and Penetration Testing (VAPT) with internal teams and external vendors, tracking vulnerabilities, ensuring timely remediation, and documenting progress. You will also be responsible for conducting Proof of Concept (POC) evaluations for various security solutions to assess their effectiveness and suitability, documenting POC findings, and preparing recommendation reports for stakeholders. Lastly, your role will involve contributing to the design and delivery of cybersecurity awareness programs to educate employees on security best practices.,

As a Specialist at CyberAssure Services (P) Ltd., your primary responsibility will be to conduct phishing simulations and assess vulnerability to social engineering attacks. You will play a crucial role in implementing security awareness training programs and providing recommendations to enhance the overall security posture of the organization. By analysing simulation results, you will identify trends, vulnerabilities, and areas for improvement, allowing you to develop effective strategies to mitigate risks effectively. It is essential to stay updated on the latest phishing trends and tactics to ensure the highest level of protection for the organization. Key Responsibilities: - Design and execute phishing simulation campaigns to evaluate employee vulnerability effectively. - Analyse simulation results to identify trends, vulnerabilities, and areas for improvement to enhance security measures. - Develop and deliver targeted training programs to improve employee awareness and response to phishing threats. - Create and disseminate awareness emails using the Salesforce email marketing tool to reach employees effectively. - Maintain phishing awareness content on the SharePoint site to keep information updated and easily accessible. - Conduct regular training sessions to raise awareness and share insights gained from phishing tests. - Collaborate with security teams to address false click situations for simulated phishing emails promptly. Requirements: - Minimum 3-5 years of experience in cybersecurity awareness, training, or a related field with at least 1 year of relevant experience in Phishing Simulation. - Proven experience with phishing simulation tools and conducting awareness campaigns. - Excellent communication, training, and presentation skills to effectively convey security information to employees. - Familiarity with Salesforce email marketing tool and SharePoint to create and disseminate awareness materials. - Experience with Proofpoint or Knowbe4 would be advantageous. - Strong analytical and problem-solving skills to identify and address security vulnerabilities effectively.,

KEY ACCOUNTABILITIES Monitor and analyze user activities for signs of potential insider threats. Develop and maintain threat detection tools, techniques, and procedures. Utilize threat intelligence platforms to gather, analyze, and disseminate relevant information. Perform advanced analysis of insider threat and DLP alerts across various egress channels in on-premise and cloud environments, prioritizing threats using available tools. Investigate and document event/alert patterns, collaborating with Cyber Defence, Legal, Privacy, and HR teams during incidents as necessary. Create detailed reports on security incidents, investigations, and mitigation efforts. Contribute to refining detection tool policies, rules, and operational documents by highlighting areas for improvement. Lead the simulated phishing program, including metrics and executive summaries. Coordinate with internal and external partners to develop and update quality training content. Develop and distribute enterprise-wide communications on information security risks and guidance. Create marketing materials and content for global Security Awareness events, including in-person site events as needed. Ensure the security awareness program effectively communicates security policies, fostering a global security culture. MINIMUM QUALIFICATIONS Education Full time graduation from an accredited university (Mandatory- Note: This is the minimum education criteria which cannot be altered) Minimum 4 years of experience in SOC, Incident Response, Insider Threat or Security Awareness. PREFERRED QUALIFICATIONS Excellent written, verbal communication and presentation skills. Ability to create engaging and effective training materials. Strong organizational and project management skills. Ability to work effectively in a team environment and collaborate with various stakeholders. Certifications: The following certificates are preferred but not mandatory, CompTIA Security+ CompTIA Cybersecurity Analyst (CySA+) EC-Council Computer Hacking Forensics Investigator (CHFI) EC-Council Certified Incident Handler (ECIH) SANS GIAC Security Essentials (GSEC) Microsoft Certified: Azure Fundamentals (AZ900) Microsoft Certified: Information Protection and Compliance Administrator Associate (SC400)

4-7 years Experience 1. Training Content Creation: Work with colleagues to design and produce phishing simulation exercises using Microsoft Attack Simulator. Ensure that the training content is easy to understand, aligned to the Virgin tone of voice and accessible to employees at all levels. 2. Take end to end ownership of phishing reporting ensuring that processes and metrics are working effectively, and changes are managed to ensure reporting processes are kept clear and simple for colleagues. 3. Champion simple and intuitive phishing reporting processes to encourage reporting and avoid disruption to productivity. 4. Build colleague confidence in recognising and responding to phishing threats. 5. Supporting and guiding staff in their skill development and identifying training needs and gaps. 6. Track and maintain records of employee participation and learning outcomes. 7. Analyse metrics and feedback to identify areas for improvement and implement necessary adjustments to enhance the training impact. 8. Promote a strong security culture throughout the organisation. 9. Compliance and Regulatory Adherence: Stay up to date with industry best practices, security trends, and relevant regulations. Ensure the security awareness program aligns with compliance requirements and industry standards. Primary : Phishing Simulation Secondary :Training content creation and Phishing simulation reporting & compliance