Security Awareness & Phishing Simulation Specialist
Role Overview

We are seeking a skilled Security Awareness & Phishing Simulation Specialist with hands-on experience in KnowBe4 to design, execute, and manage enterprise-wide phishing campaigns and security awareness training programs. The role focuses on reducing human risk by improving employee security behaviour through data-driven phishing simulations, training campaigns, reporting, and continuous improvement.

Key Responsibilities

Phishing Campaign Management (KnowBe4)
- Design, configure, and execute ongoing phishing simulation campaigns using KnowBe4.
- Customize phishing templates (emails, landing pages, attachments, URLs) based on:
  - Risk profiles
  - Department / region
  - Threat trends
- Schedule baseline, monthly, and targeted campaigns (e.g., executives, finance, IT).
- Implement adaptive phishing and risk-based targeting.
- Tune difficulty levels over time to align with program maturity.

Security Awareness Training
- Plan and administer security awareness training campaigns using KnowBe4 modules.
- Assign training based on:
  - User role
  - Risk score
  - Prior phishing failures
- Manage mandatory, remedial, and role-based training.
- Track training completion, overdue users, and escalations.

Reporting, Metrics & KPIs
- Generate and analyze metrics such as:
  - Phish-prone percentage (PPP)
  - Click rates, credential submission rates
  - Reporting rates
  - Training completion rates
- Deliver monthly and quarterly executive-ready reports.
- Provide insights and recommendations to improve user behavior.
- Maintain dashboards aligned to human risk reduction KPIs.

Integration & Automation
- Integrate KnowBe4 with:
  - Microsoft Entra ID / Azure AD
  - Okta (if applicable)
  - Email gateways (O365 / Exchange / Proofpoint)
  - SIEM / SOAR platforms (e.g., Splunk, XSOAR – optional)
- Manage Phish Alert Button (PAB) deployment and reporting workflows.
- Support automation for user provisioning, group sync, and reporting.

Governance & Program Support
- Support policy-aligned security awareness programs (ISO 27001, SOC 2, NIST, PCI DSS).
- Assist during internal audits and client assessments.
- Coordinate with HR, IT, and Compliance teams.
- Maintain SOPs, playbooks, and campaign calendars.

Required Technical Skills

Mandatory
- Strong hands-on experience with KnowBe4, including:
  - Phishing campaigns
  - Training campaigns
  - Reporting & dashboards
- Good understanding of:
  - Phishing techniques (credential harvest, attachments, smishing basics)
  - Email security concepts
- Experience with Microsoft 365 / Exchange Online environments.
- Strong Excel and reporting skills.

Good to Have
- Integration experience with Proofpoint, Mimecast, Defender for Office 365.
- Awareness of human risk management concepts.
- Familiarity with NIST Security Awareness Framework.
- Experience supporting global / multi-geo organizations.

Soft Skills
- Strong stakeholder communication skills.
- Ability to translate metrics into clear executive insights.
- High attention to detail and governance mindset.
- Self-driven and process-oriented.

Deliverables & KPIs
- Reduction in phish-prone percentage over time.
- Improved email reporting rate.
- On-time completion of awareness training.
- Accurate and consistent executive reporting.
- Continuous improvement recommendations.