1

Security Awareness Jobs (NOW HIRING)

Develop and deliver security awareness training programs for employees to enhance their understanding of security best practice to ensure that security and risk management continue to be integrated ...

You'll also help respond to security operations alerts and run our security awareness phishing simulation program. If you enjoy wearing different "hats" and want to grow in a fast-paced, cloud-native ...

$200/day

Head of Sales - Mid-Market (DACH) (m/f/d) | Security Awareness / Human Risk Management SaaS | €200-220k OTE (50/50) Location: Germany | Remote/Hybrid Opportunity Take ownership of a 6-8-strong team ...

Security Officer

Johnstown, PA · On-site

$14.50 - $17.25/hr

Security Awareness: * As a trained Security Officer practices security awareness in the context of the Criminal Justice System. * Practices information sharing to enhance overall awareness of ...

Security Officer

Johnstown, PA · On-site

$14.50 - $17.25/hr

Security Awareness: * As a trained Security Officer practices security awareness in the context of the Criminal Justice System. * Practices information sharing to enhance overall awareness of ...

Security Officer

Johnstown, PA · On-site

$15.75 - $18.75/hr

Security Awareness: * As a trained Security Officer practices security awareness in the context of the Criminal Justice System. * Practices information sharing to enhance overall awareness of ...

Security Director

New York, NY · On-site

$125K - $140K/yr

Conduct security awareness programs and training for employees to promote a culture of security awareness. * Provide guidance on how to respond to security incidents and promote a sense of ...

next page

Showing results 1-20

Security Awareness information

See salary details

$10

$19

$23

How much do security awareness jobs pay per hour?

As of Jul 8, 2026, the average hourly pay for security awareness in the United States is $19.19, according to ZipRecruiter salary data. Most workers in this role earn between $16.35 and $19.23 per hour, depending on experience, location, and employer.

How does a Security Awareness professional typically collaborate with other departments to strengthen an organization's cybersecurity posture?

Security Awareness professionals work closely with departments like IT, HR, and Compliance to design and deliver training programs, phishing simulations, and policy updates. They often coordinate with leadership to tailor initiatives for specific teams, ensuring that security protocols are understood and followed throughout the organization. Regular collaboration helps identify emerging risks and allows Security Awareness specialists to address department-specific threats or weaknesses. This cross-functional approach is key to building a culture of shared responsibility for cybersecurity.

What is security awareness?

Security awareness refers to the knowledge and practices that individuals and organizations use to recognize and respond to security threats, such as phishing, malware, and social engineering attacks. The goal of security awareness is to educate employees and users about potential cybersecurity risks and teach them how to protect sensitive information. Regular training and awareness programs help reduce the likelihood of security breaches caused by human error. By fostering a culture of security, organizations can better safeguard their data and systems from cyber threats.

What is the difference between Security Awareness vs Security Analyst?

AspectSecurity AwarenessSecurity Analyst
Required CertificationsNone or basic certifications (e.g., CompTIA Security+)Advanced certifications (e.g., CISSP, CEH)
Work EnvironmentTraining sessions, workshops, company-wide programsMonitoring, analyzing security threats, incident response
Employer & Industry UsageUsed across all industries to promote security cultureUsed in cybersecurity teams within various industries
Primary FocusEducating employees about security best practicesIdentifying and mitigating security threats

Security Awareness focuses on educating employees to prevent security breaches, while Security Analysts actively monitor and respond to security threats. Both roles are essential but serve different functions within cybersecurity.

What are the key skills and qualifications needed to thrive as a Security Awareness Specialist, and why are they important?

To thrive as a Security Awareness Specialist, you need a solid understanding of cybersecurity principles, risk management, and adult learning, often supported by a degree in information security or related certifications such as CISSP or Security+. Familiarity with security awareness platforms, phishing simulation tools, and learning management systems (LMS) is typically required. Strong communication, creativity, and the ability to influence behavior are crucial soft skills in this role. These competencies are vital to effectively educate employees, reduce organizational risk, and foster a proactive security culture.
More about Security Awareness jobs
What cities are hiring for Security Awareness jobs? Cities with the most Security Awareness job openings:
What states have the most Security Awareness jobs? States with the most job openings for Security Awareness jobs include:
Infographic showing various Security Awareness job openings in the United States as of July 2026, with employment types broken down into 1% As Needed, 61% Full Time, 37% Part Time, and 1% Contract. Highlights an 75% Physical, 1% Hybrid, and 24% Remote job distribution, with an average salary of $39,905 per year, or $19.2 per hour.

GRC Security Analyst II

Aquaamerica

Bryn Mawr, PA

Full-time

Re-posted yesterday


Job description

Essential Utilities, Inc. delivers safe, clean, reliable services that improve quality of life for individuals, families, and entire communities.


Operating as the Aqua (water and wastewater services) and the Peoples and Delta (natural gas) brands, Essential serves approximately 5.5 million people across 10 states. We are committed to sustainable growth, operational excellence, a superior customer experience, and premier employer status - including a competitive and comprehensive benefits package as well as a commitment to career growth opportunities.


We are advocates for the communities we serve and are dedicated stewards of natural lands, protecting more than 7,600 acres of forests and other habitats throughout our footprint.


Our company is one of the most significant publicly traded water, wastewater service and natural gas providers in the U.S.

The primary responsibilities of the GRC Security Analyst II (Governance & Risk) are to ensure the security and integrity of the organization's information systems, with a specific focus on risk & vulnerability management as well as security compliance. The Security Analyst will frequently engage with both technical teams and business process owners to analyze risk, communicate risk posture, and develop effective remediation strategies. Ready to take your career to the next level? Let's talk!

Essential Duties:

  • Manage execution of both enterprise-wide and focused risk, threat, and vulnerability assessments, including but not limited to Security Awareness, Vulnerability, Configuration, and Third-Party Assessments.

  • Analyze and prioritize risk, vulnerability, and compliance findings to define remediation priorities considering all available data sources; partnering with technology and business stakeholders to socialize and implement remediation plans.
    Define and manage qualitative and quantitative metrics and reporting to measure the success of vulnerability, third party, security awareness, security awareness, configuration, and asset management remediations.

  • Ability to lead ongoing vulnerability management processes, including working with IT and business stakeholders to prepare vulnerability remediation plans, track progress, and reduce overall vulnerability exposures.

  • Participate in development, implementation and operation of control/compliance frameworks and security best practices based on ISO 27001/27002, NIST (800-30, Cyber Security Framework/CSF), COBIT, Critical Security Controls, CIS Configuration Benchmarks.

  • Monitor compliance with security configuration standards for servers, endpoints, software, and networking platforms based on CIS Benchmarks.

  • Work closely with IT, development, and operations teams to ensure the integration of security practices into the software development lifecycle (SDLC) and IT operations.

  • Lead or assist with vendor and 3rd party risk assessments.

  • Create/maintain documentation of security solutions, services, configurations, and processes.

  • Work closely with engineers focused on intrusion detection, incident response and security operations to manage risk related to existing and emerging threats.

  • Collaborate with other security engineers to analyze, process, integrate, communicate, and respond to threat intelligence.

  • Ability to participate in or lead development, improvements and updates to continually improve security controls, policies, guidelines, processes and procedures.

  • Develop and deliver security awareness training programs for employees to enhance their understanding of security best practice to ensure that security and risk management continue to be integrated into the corporate culture.

  • Lead development and operation of the security awareness program to ensure that security and risk management continue to be integrated into the corporate culture.

  • Implement and maintain controls for compliance and privacy. Act as liaison to internal and external audit teams as needed.

  • Provide escalation support for the Information Technology Help Desk as required.

  • Ability to work off hours maintenance windows and participate in rotating on call shift periodically.

  • Ability to work alone or function effectively as part of a team.

  • All other duties as assigned by management.

MINIMUM QUALIFICATIONS:

Bachelors in Information Technology, Computer Science, Cyber Security, Security and Risk Analysis, Information Assurance.

3-5 years of previous Governance & Risk experience

Candidates must have a minimum of one of the following certifications or will be required to obtain within the first 12 months: CISSP, GIAC (GSEC, GSNA), CRISC, CISA, CISM, CCSP, SSCP, CAP, CSSLP, CSX Practitioner

KNOWLEDGE, SKILLS, AND ABILITIES:

  • Experience working with assessment tools such as Qualys Policy Compliance and CIS-CAT.

  • Experience developing and using Qualys, or other vulnerability management, platforms with experience in multiple modules and/or areas: Vulnerability Management, Policy Compliance, Continuous Monitoring, Policy Compliance, Web Application Scanning and Asset Management.

  • Experience leading security awareness program development including:

    • Leading regular phishing assessment campaigns.

    • Creating innovative security awareness campaigns using solution provider and custom-developed tools/trainings designed to be flexible and adaptable across a diverse employee population (executives, engineering, marketing and communications, finance, customer service, etc.).

    • Participate in aligning the security awareness program with the enterprise's greatest risks and measure the impact in risk reduction from security awareness efforts.

  • GRC platform experience, with RSA Archer knowledge a strong positive.

  • Strong written and verbal communication skills are required as this position will be responsible for working directly with technical teams and business stakeholders.

  • Demonstrates strong organizational skills and the ability to multi-task, prioritize workload and delegate responsibilities.

  • Strong analytical skills for assessing and prioritizing security risks.

  • Ability to promote a security-conscious culture within the organization.

  • Ability to adapt to evolving threats, technologies, and organizational needs.

  • Ability to understand and integrate security into project and application lifecycles for enterprise IT systems.

  • Minimum of 3 to 5 years experience in Information Technology focusing on information security auditing, risk analysis and vulnerability management.

  • General knowledge of the following technologies from a security perspective: Active Directory, database platforms, web server platforms, Middleware, PKI, cloud computing, Office 365 and Azure.

  • Experience using statistical, quantitative, and qualitative analysis techniques.

  • Proactive approach to staying informed on the latest security threats, vulnerabilities, and industry best practices.

Essential Utilities, Inc., is an Equal Opportunity/Affirmative Action employer. Equal employment opportunity is provided to all employees and applicants for employment without regard to the following legally protected characteristics: race, color, religion, sex, national origin, age, pregnancy (including childbirth and related medical conditions, including medical conditions related to lactation), physical or mental disability, covered-veteran status, genetic information (including testing and characteristics), sexual orientation, gender identity or expression or any other characteristic protected by applicable local, state or federal law.
Essential Utilities is committed to providing reasonable accommodation to individuals with disabilities. If you have a condition that may prevent you from applying for a job online or need to request an accommodation during the interview process, please call (1-877-271-9012).
To maintain the integrity of the recruitment process and to avoid real or perceived conflicts of interest due to employment and/or assignment of family members and personal referrals, specific guidelines apply to the hiring and assignment of these individuals including, but not limited to:

  • Family members cannot result in a supervisor/subordinate reporting relationship
  • Family members cannot work in the same department.