1

Phishing Simulation Jobs (NOW HIRING)

Apply for Position

Reston, VA · On-site

$40K - $50K/yr

Set up phishing simulations to assess and improve the organization's resilience to phishing attacks. * Educate employees about phishing risks to enhance their ability to recognize and report phishing ...

Administer phishing simulation campaigns, security awareness training, user follow-up, and reporting; partner with IT and business leaders to improve user resilience against social engineering ...

Be Seen First

Administer KnowBe4 -- run security awareness training and phishing-simulation campaigns, track completion, and report results. Reporting * Generate recurring reports across the stack -- tool health ...

New

Manage email security and phishing defense, including phishing investigation and triage, security awareness training, and phishing simulation programs. * Lead security incident investigations and ...

... phishing simulation campaigns. • Support the development, testing, and ongoing improvement of Disaster Recovery plans to ensure the organization can effectively respond to and recover from ...

Own day-to-day GRC operations - including (but not limited to) user access reviews and certifications, security awareness and phishing/deepfake simulation facilitation, JML tracking, and triage and ...

... phishing simulation campaigns • Support the development, testing, and ongoing improvement of Disaster Recovery plans to ensure the organization can effectively respond to and recover from ...

Senior Security Engineer

Jersey City, NJ

$125K - $171K/yr

Design and execute phishing simulation campaigns, including realistic attack scenarios (e.g., credential harvesting, BEC, malicious attachments, QR phishing) * Analyze phishing campaign results (open ...

... phishing simulation program to reduce susceptibility to social engineering threats, including managing phishing campaigns and coordinating targeted remediation training for users with repeated ...

Senior Security Engineer

Jersey City, NJ · On-site

$125K - $171K/yr

Design and execute phishing simulation campaigns, including realistic attack scenarios (e.g., credential harvesting, BEC, malicious attachments, QR phishing) * Analyze phishing campaign results (open ...

Cybersecurity & Phishing Awareness * Assist with cybersecurity and phishing-prevention efforts, such as helping maintain or evaluate phishing simulation tools, analyzing basic results, and supporting ...

Cybersecurity & Phishing Awareness * Assist with cybersecurity and phishing-prevention efforts, such as helping maintain or evaluate phishing simulation tools, analyzing basic results, and supporting ...

$109K - $147K/yr

Oversee email security initiatives including mail filtering policies via Microsoft Defender for Office 365, anti-phishing controls, and user phishing simulation programs (Attack Simulation Training ...

... with phishing simulation campaigns as directed; help document results and participant follow-up. * Assist with triage and documentation of security incidents and findings surfaced by the MDR/SOC ...

New

Senior Security Operations Analyst

Los Angeles, CA · On-site

$103K - $135K/yr

... the phishing simulation and security awareness program, schedule and manage campaigns, track completion rates, report results to leadership, and follow up with repeat offenders or high-risk user ...

next page

Showing results 1-20

Phishing Simulation information

See salary details

$39K

$101.3K

$144K

How much do phishing simulation jobs pay per year?

As of Jul 17, 2026, the average yearly pay for phishing simulation in the United States is $101,255.00, according to ZipRecruiter salary data. Most workers in this role earn between $78,500.00 and $129,500.00 per year, depending on experience, location, and employer.

What are some common challenges faced by professionals running phishing simulation programs, and how can they be addressed?

Professionals managing phishing simulation programs often encounter challenges such as employee resistance, maintaining engagement, and ensuring simulations stay relevant to evolving threats. To address these, it's important to communicate the purpose of simulations clearly, provide timely feedback and education, and regularly update campaigns to reflect current phishing tactics. Collaborating closely with IT, HR, and leadership teams helps foster a culture of security awareness and ensures the program's effectiveness.

What is a phishing simulation?

A phishing simulation is a cybersecurity exercise where organizations send fake phishing emails to employees to test their ability to recognize and report malicious messages. The goal is to raise awareness about phishing tactics and improve employees' responses to real threats. These simulations help identify vulnerabilities within the organization and guide future training efforts to reduce the risk of successful phishing attacks.

What is the difference between Phishing Simulation vs Security Analyst?

AspectPhishing SimulationSecurity Analyst
CredentialsCertifications like CEH, CompTIA Security+Certifications like CISSP, CISA, CEH
Work EnvironmentTypically in cybersecurity teams, focusing on training and awarenessIn IT/security departments, analyzing threats and implementing security measures
Employer & IndustryUsed by organizations to test employee awareness in cybersecurityEmployed by organizations to protect IT infrastructure and respond to security incidents

While both roles are part of cybersecurity, Phishing Simulation focuses on testing and training employees against phishing attacks, whereas Security Analysts monitor, analyze, and respond to security threats within an organization.

What are the key skills and qualifications needed to thrive as a Phishing Simulation Specialist, and why are they important?

To thrive as a Phishing Simulation Specialist, you need a solid understanding of cybersecurity principles, social engineering tactics, and experience with security awareness training programs, usually backed by a degree in information security or related certifications like CEH or CISSP. Familiarity with phishing simulation platforms (e.g., KnowBe4, Cofense), email security systems, and data analytics tools is typically required. Strong analytical thinking, attention to detail, and effective communication are crucial soft skills for designing realistic scenarios and educating users. These skills and qualifications are essential for helping organizations identify vulnerabilities, reduce human risk, and strengthen their overall security posture.
More about Phishing Simulation jobs
What cities are hiring for Phishing Simulation jobs? Cities with the most Phishing Simulation job openings:
What states have the most Phishing Simulation jobs? States with the most job openings for Phishing Simulation jobs include:
Infographic showing various Phishing Simulation job openings in the United States as of July 2026, with employment types broken down into 5% Internship, 87% Full Time, 5% Part Time, and 3% Contract. Highlights an 84% In-person, 3% Hybrid, and 13% Remote job distribution, with an average salary of $101,255 per year, or $48.7 per hour.
Apply for Position

$40K - $50K/yr

Full-time

Medical, Dental, Vision, Retirement, PTO

Posted 15 days ago


Carahsoft rating

7.5

Company rating: 7.5 out of 10

Based on 40 frontline employees who took The Breakroom Quiz

99th of 210 rated it services


Job description

Career Opportunities
Interested in joining the Carahsoft Team?
BACK TO CAREERS
Security Operations Specialist
Carahsoft seeks an entry level Security Operations Specialist to join our IT team in Reston, VA. This position will play a critical role in identifying, analyzing, and mitigating phishing threats to protect our company's information and reputation. If you are passionate about cybersecurity and want to make a difference in protecting organizations from phishing threats, we encourage you to apply.
Primary Duties and Responsibilities:
  • Analyze suspicious activity
  • Responding and investigating security alerts.
  • Respond to and report incidents to mitigate or prevent attacks and unauthorized access.
  • Validate new customer domains to verify legitimacy as part of our initial checkpoint.
  • Set up phishing simulations to assess and improve the organization's resilience to phishing attacks.
  • Educate employees about phishing risks to enhance their ability to recognize and report phishing attempts effectively.

Requirements:
  • Bachelor's degree in Information Technology, Cybersecurity, Information Systems, or a related field (or equivalent work experience).
  • Excellent analytical and incident-response skills with attention to detail.
  • Effective communication and collaboration abilities.
  • Commutable distance to Reston, VA.

Nice to Have:
  • Prior IT work experience or internship.
  • Knowledge of cybersecurity concepts such as common attacks, security protocols, encryption, and security best practices.
  • Knowledge of phishing techniques, email security, and social engineering tactics.
  • Knowledge of Splunk and SEIM preferred.

Compensation and Benefits
  • Starting compensation range: $40,000 - $50,000 per year
  • Carahsoft offers benefits such as health insurance, dental insurance, vision insurance, and a 401(k) savings plan. All full-time employees are eligible for accrued vacation leave and sick leave.

Carahsoft is an equal opportunity company. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability or protected veteran status.

What Carahsoft employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom