Jobs · Information Technology · Missouri

Security Specialist (GRC & Awareness)

Focus Financial Partners · St Louis, MO · 1 wk ago
Information Technology$140k–$160k/yrFull-time

About the role

This Security Specialist role will serve as a lead for cybersecurity awareness & training program responsible for the execution and continuous improvement of the firm’s cybersecurity awareness and training program across all Focus firms.

Responsibilities

  • Execute the firm-wide cybersecurity awareness and training program across all Focus firms.
  • Deliver mandatory annual security training, role-based training, and targeted campaigns addressing key cyber risks (e.g., phishing, social engineering, data protection).
  • Manage and execute phishing simulation programs, including campaign design, delivery, analysis, and follow-up education.
  • Cook up training rollouts, schedules, and communications to ensure consistent adoption across diverse business units.
  • Develop, maintain, and refresh cybersecurity training content to ensure relevance, clarity, and engagement.
  • Tailor training materials for different audiences, including employees, advisors, leadership, and specialized roles.
  • Incorporate lessons learned from incidents, phishing results, regulatory feedback, and emerging threat trends into training content.
  • Work closely with Legal, Privacy, and Regulatory Compliance teams to ensure training content aligns with applicable laws, regulations, and contractual obligations.
  • Support regulatory examinations, audits, and client due diligence efforts by providing training materials, metrics, and evidence.
  • Define and track key training and awareness metrics (e.g., completion rates, phishing susceptibility, behavioral improvements).
  • Analyze trends and results to identify risk areas and inform targeted training initiatives.
  • Partner closely with Cybersecurity Risk, Engineering, and Operations teams to align training with real-world threats and controls.
  • Coordinate with HR and Communications teams to support onboarding, policy acknowledgment, and change-management initiatives.
  • Provide regular reporting and insights to the Head of Cybersecurity Governance and other stakeholders.

Qualifications & Experience

  • 5–8+ years of experience in cybersecurity awareness, training, GRC, or related security roles.
  • Hands-on experience delivering cybersecurity training programs in a regulated or complex environment.
  • Strong understanding of common cybersecurity risks, user behavior factors, and awareness best practices.
  • Experience partnering with Legal, Privacy, and Compliance teams on regulatory or audit-driven initiatives.
  • Excellent communication and content-development skills, with the ability to explain security concepts to non-technical audiences.
  • Highly organized and self-directed, with the ability to manage multiple initiatives across a distributed organization.

Preferred Qualifications

  • Experience in financial services or similarly regulated industries.
  • Familiarity with cybersecurity frameworks and regulatory requirements (e.g., NIST CSF, NYDFS, GLBA).
  • Experience with phishing simulation and training platforms.
  • Professional certifications such as CISSP, CISM, Security+, or relevant security awareness credentials.

Similar jobs

Security GRC Specialist

ProfoundNew York, NY· 1 wk ago
Information Technology$230k–$275k/yrapply on tryprofound.com

Security Specialist

Banner Defense, IncHuntsville, AL· 2 mo ago
Information Technologyapply on bannerdefenseinc.applicantpro.com

Security Specialist

Hyve SolutionsFremont, CA· 2 wk ago
Information Technologyapply on synnex.wd5.myworkdayjobs.com

Security Specialist

Corps SolutionsQuantico, VA· 1 mo ago
Information Technology$70k–$170k/yrapply on recruitingbypaycor.com