Our client in the public sector is seeking a contract based Cyber Awareness specialist to help with the development and execution of the cyber awareness and related training programs.

Location: Hybrid 2d - 3d Toronto

Duration: 6 months + extension option

Responsibilities

• Lead the development and execution of the enterprise-wide cyber awareness and training program, including all associated campaigns and sub-programs.
• Engage with cross-functional teams to build organizational alignment on key initiatives and develop comprehensive execution roadmaps.
• Apply industry-standard frameworks (e.g., NIST Cybersecurity Framework) to guide awareness initiatives and ensure alignment with recognized security best practices.
• Design, launch, and manage monthly phishing simulations using enterprise-grade tools, including the customization of email templates and landing pages to maximize realism.
• Oversee the deployment of mandatory security training modules, monitoring enrollment, completion rates, and follow-up activities.
• Facilitate cyber security awareness sessions and training workshops, acting as a subject matter expert for diverse internal audiences.
• Analyze behavioral data and training outcomes, translating results into meaningful KPIs and KRIs.
• Develop dashboards and reports that clearly communicate cyber risk and trends in business-friendly language.
• Identify and quantify gaps in security awareness, escalating findings and enlisting executive support to mitigate identified risks.
• Build strong working relationships with internal stakeholders and strategic external partners to advance the cyber awareness agenda.
• Provide senior-level advisory input on emerging threats and security issues, conducting reviews to identify potential exposures and recommend mitigation strategies.

Requirements:

• 4 years of experience in Information Security, Cybersecurity, or IT Operations.
• 1+ year of hands-on experience in Security Awareness, Phishing, or Social Engineering programs.
• Strong understanding of project management techniques and methodologies.
• Advanced data analysis skills, including mastery of Pivot Tables, VLOOKUP/XLOOKUP, and data visualization.
• Ability to write scripts for data manipulation and analysis.
• Demonstrated experience designing and executing complex phishing campaigns, including benchmarking click rates, repeat offenders, and behavioral trends.
• Experience developing and delivering technology-based learning programs.
• Familiarity with SCORM files and learning platforms such as Cornerstone or Terranova.
• Certs (nice to have): CompTIA Security+, SANS SSAP, CySA+, CISSP, CRISC, CISM, ISO/IEC 27001, Training or Learning Consultant certification