Phishing Simulation Jobs (NOW HIRING)

This position also supports recurring security operations activities, including access reviews, phishing simulation reporting, security metrics collection, and audit support. All activities are ...

Design and deploy multi-channel simulations, including: * Phishing (email) * Smishing (SMS) * Vishing (voice) * Configure campaigns, including targeting, scheduling, and automated training ...

Cybersecurity Analyst

Seattle, WA · Hybrid

$90K - $100K/yr

Execute phishing simulations, including scenario design, targeting, and performance analysis * Support Cybersecurity Awareness Month and other enterprise-wide engagement initiatives * Maintain ...

IT Security Analyst

Shrewsbury, NJ · On-site

$105K/yr

Administer security awareness and phishing simulation programs. * Analyze training results and recommend targeted educational initiatives. * Support onboarding and annual security training programs.

Cybersecurity Analyst

Seattle, WA · On-site

$90K - $100K/yr

Execute phishing simulations, including scenario design, targeting, and performance analysis * Support Cybersecurity Awareness Month and other enterprise-wide engagement initiatives * Maintain ...

Conduct realistic initial-access scenarios aligned to approved rules of engagement, including external attack surface testing, phishing simulation, identity abuse, public-facing application ...

Oversee KnowBe4 security awareness training and phishing simulations * Coordinate with SIEM platforms for log analysis and threat correlation SOX IT General Controls (ITGCs) * Support SOX ITGC ...

Phishing Simulation information

$39K

$101.3K

$144K

How much do phishing simulation jobs pay per year?

As of Jun 26, 2026, the average yearly pay for phishing simulation in the United States is $101,255.00, according to ZipRecruiter salary data. Most workers in this role earn between $78,500.00 and $129,500.00 per year, depending on experience, location, and employer.

What are some common challenges faced by professionals running phishing simulation programs, and how can they be addressed?

Professionals managing phishing simulation programs often encounter challenges such as employee resistance, maintaining engagement, and ensuring simulations stay relevant to evolving threats. To address these, it's important to communicate the purpose of simulations clearly, provide timely feedback and education, and regularly update campaigns to reflect current phishing tactics. Collaborating closely with IT, HR, and leadership teams helps foster a culture of security awareness and ensures the program's effectiveness.

What is a phishing simulation?

A phishing simulation is a cybersecurity exercise where organizations send fake phishing emails to employees to test their ability to recognize and report malicious messages. The goal is to raise awareness about phishing tactics and improve employees' responses to real threats. These simulations help identify vulnerabilities within the organization and guide future training efforts to reduce the risk of successful phishing attacks.

What is the difference between Phishing Simulation vs Security Analyst?

| Aspect | Phishing Simulation | Security Analyst |
| --- | --- | --- |
| Credentials | Certifications like CEH, CompTIA Security+ | Certifications like CISSP, CISA, CEH |
| Work Environment | Typically in cybersecurity teams, focusing on training and awareness | In IT/security departments, analyzing threats and implementing security measures |
| Employer & Industry | Used by organizations to test employee awareness in cybersecurity | Employed by organizations to protect IT infrastructure and respond to security incidents |

While both roles are part of cybersecurity, Phishing Simulation focuses on testing and training employees against phishing attacks, whereas Security Analysts monitor, analyze, and respond to security threats within an organization.

What are the key skills and qualifications needed to thrive as a Phishing Simulation Specialist, and why are they important?

To thrive as a Phishing Simulation Specialist, you need a solid understanding of cybersecurity principles, social engineering tactics, and experience with security awareness training programs, usually backed by a degree in information security or related certifications like CEH or CISSP. Familiarity with phishing simulation platforms (e.g., KnowBe4, Cofense), email security systems, and data analytics tools is typically required. Strong analytical thinking, attention to detail, and effective communication are crucial soft skills for designing realistic scenarios and educating users. These skills and qualifications are essential for helping organizations identify vulnerabilities, reduce human risk, and strengthen their overall security posture.
More about Phishing Simulation jobs
What cities are hiring for Phishing Simulation jobs? Cities with the most Phishing Simulation job openings:
What states have the most Phishing Simulation jobs? States with the most job openings for Phishing Simulation jobs include:
Infographic showing various Phishing Simulation job openings in the United States as of June 2026, with employment types broken down into 5% Internship, 87% Full Time, 5% Part Time, and 3% Contract. Highlights an 82% In-person, 3% Hybrid, and 15% Remote job distribution, with an average salary of $101,255 per year, or $48.7 per hour.

Cybersecurity Analyst Consultant

Pivotal Solutions Inc

Manhattan, NY • On-site

Other

Posted 6 days ago


Job description

Our client, based in New York, NY, is looking to hire a Cybersecurity Analyst Consultant.
Project duration: 3 months
I have listed below a detailed job description for your review.
If you have the required experience and interest, please email me a current resume, along with your responses to the following questions:
*** How much experience in years do you have in cybersecurity?
*** How much experience in years do you have with security awareness?
*** How much experience in years do you have with Governance, Risk Management, and Compliance (GRC) functions?
*** How much experience in years do you have running security awareness programs and phishing simulations?
*** How much experience in years do you have completing or contributing to security questionnaires (e.g., DDQs, RFPs, client assessments)?
*** Do you have working knowledge of cybersecurity frameworks such as NIST, ISO 27001, and CIS Controls?
*** What is your desired hourly rate?
*** Where do you currently reside (city, state)?
*** Are you able to work in New York, NY?
*** What is your availability to start a new project?
Thank you!
Steven Edelman
Pivotal Solutions, Inc.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Job Description:

We are seeking a Cybersecurity Analyst to advance our Human Cyber Risk Management program while supporting enterprise-wide risk and compliance efforts. This role is instrumental in strengthening the organization's security posture by promoting secure behaviors, managing user-centric risk initiatives, and addressing regulatory and client-facing cybersecurity requirements.

The ideal candidate combines expertise in security awareness with a strong understanding of human risk dynamics and core risk management practices and demonstrates the ability to collaborate effectively across global teams.

Key Responsibilities
  • Deliver and continuously enhance security awareness programs, including quarterly, threat-informed campaigns
  • Execute phishing simulations, including scenario design, targeting, and performance analysis
  • Support Cybersecurity Awareness Month and other enterprise-wide engagement initiatives
  • Maintain internal cybersecurity resources to promote accessible guidance and best practices
  • Contribute to external cyber trust centers/client assurance portals, ensuring accurate and current content
  • Monitor and report on human risk metrics, providing actionable insights to stakeholders
  • Partner with HR and Internal Communications to strengthen security culture and drive behavior change
  • Support user access reviews (UARs), service accounts and non-human identities review ensuring coordination, completion tracking, and audit readiness
  • Respond to client due diligence questionnaires (DDQs) on cybersecurity practices
  • Support audit activities, including evidence collection and remediation tracking
  • Support policy exceptions and technology risk issue tracking and remediation
  • Partner with IT, Risk, Legal, and Business teams to align security initiatives
  • Support client-facing teams with cybersecurity communications and inquiries
Qualifications and Experience
  • 3+ years of experience in cybersecurity, with exposure to both security awareness and GRC functions
  • Demonstrated experience running security awareness programs and phishing simulations
  • Familiarity with user access, service accounts and non-human identities review processes and identity/access governance concepts
  • Experience completing or contributing to security questionnaires (e.g., DDQs, RFPs, client assessments)
  • Strong understanding of cybersecurity principles, threats, and human risk factors
  • Excellent written and verbal communication skills, with the ability to translate technical concepts for non-technical audiences
Technical Expertise
  • Experience with security awareness platforms, phishing simulation tools, and GRC systems
  • Understanding of Identity and Access Management (IAM), including authentication, authorization, and governance
  • Knowledge of Privileged Access Management (PAM) and least-privilege principles
  • Familiarity with automation and scripting to support security and risk processes
  • Working knowledge of cybersecurity frameworks such as NIST, ISO 27001, and CIS Controls
Core Competencies
  • Drives behavior changes through effective, targeted communication
  • Applies a pragmatic approach to prioritize and manage cyber risk
  • Leverages data and metrics to inform decisions and improve programs
  • Partners effectively across global, cross-functional teams
  • Simplifies complex cybersecurity concepts for diverse audiences
Values & Culture
  • Acts with non-negotiable integrity and maintains the highest professional standards.
  • Demonstrates intellectual curiosity, seeking to continually advance the firm's cybersecurity engineering posture.
  • Embodies collaboration, transparency, and accountability in all engagements.
  • Dedicated to protecting client trust through security excellence and proactive risk management.
Special Requirements
  • Hybrid work model (4 days onsite preferred)
  • Occasional after-hours support for global operations