Cybersecurity Behavior and Culture Specialist

The Role

As a Cybersecurity Behavior & Culture Specialist, you will lead the development and execution of Xylem’s human-centered cybersecurity awareness and culture strategy. Working closely with the Enterprise Security Operations Center (SOC), Threat Intelligence, Incident Response, and business stakeholders, you will transform insights from emerging threats and real-world attacks into measurable improvements in cyber awareness, behavior, and organizational resilience.

You will play a critical role in reducing human cyber risk by designing innovative awareness programs, delivering targeted training, driving culture change initiatives, and strengthening incident readiness across the organization.

Core Responsibilities

• Partner with the Enterprise SOC and Threat Intelligence teams to stay current on emerging threats, attack trends, and adversary techniques, translating threat intelligence into awareness campaigns, simulations, and employee education initiatives.

• Design, execute, and continuously improve monthly phishing simulation programs aligned to real-world attack patterns, organizational risk exposure, user maturity levels, and evolving threat landscapes.

• Develop and maintain risk-based metrics that measure human cyber risk across business units and functions, providing executive and operational reporting that translates behavioral data into actionable risk insights.

• Identify high-risk user populations and recommend targeted interventions, awareness campaigns, and reinforcement activities to drive measurable improvements in cybersecurity behaviors.

• Lead the development and delivery of enterprise-wide cybersecurity awareness training, ensuring content reflects current threats, regulatory expectations, organizational priorities, and alignment with Ethics & Compliance initiatives.

• Design and deliver role-based and function-specific cybersecurity education programs while expanding the organization's cybersecurity culture through gamification, micro-learning, behavioral nudges, and other data-driven behavior change strategies.

• Lead the organization's annual Cybersecurity Awareness Month program by developing engaging campaigns that leverage interactive content, quizzes, challenges, recognition programs, and executive engagement to increase participation and awareness across the enterprise.

• Design, facilitate, and continuously improve cybersecurity tabletop exercises in partnership with the Enterprise SOC, Incident Response teams, and business stakeholders, identifying response gaps, strengthening cross-functional coordination, and improving organizational readiness over time.

Required Qualifications

• Bachelor's degree in Cybersecurity, Information Technology, Communications, Organizational Development, Psychology, Education, or a related field; or equivalent combination of education and experience.

• 5+ years of experience in cybersecurity awareness, human risk management, cybersecurity culture, behavioral change, or related cybersecurity programs.

• Experience designing, implementing, and managing enterprise phishing simulation programs.

• Strong understanding of social engineering techniques, threat actor behaviors, and human cyber risk management concepts.

• Demonstrated ability to translate complex technical threats into engaging, business-focused communications and training programs for diverse audiences.

• Strong analytical, presentation, stakeholder management, and communication skills.

Preferred Qualifications

• Experience working closely with or within a Security Operations Center (SOC), Incident Response, or Threat Intelligence function.

• Experience with security awareness platforms such as Proofpoint, KnowBe4, Microsoft Attack Simulation Training, or similar technologies.

• Familiarity with behavioral science, adult learning methodologies, Nudge Theory, habit formation principles, or other behavior-change frameworks.

• Experience developing risk-based reporting models and executive dashboards related to human cyber risk.

• Experience using Power BI or similar analytics platforms to analyze, visualize, and report phishing simulation and awareness program results.

At Xylem, you'll not only contribute to solving water issues but also have the chance to make a difference through our paid Volunteer Program, Xylem Watermark. We prioritize our employees' well-being through inclusion and belonging as well as our Employee Resource Groups (ERG). Proud to be an Equal Employment Opportunity (including disability and veterans) and Affirmative Action workplace, Xylem fosters an inclusive environment free from discrimination or harassment. 

Please note that the information in this job description outlines the general nature of the position and is not an exhaustive list of duties. Xylem is dedicated to providing reasonable accommodations to enable all employees to perform their essential job functions. We reserve the right to modify this job description and assign additional duties as needed. Embrace the opportunity to be part of Xylem's transformative journey in shaping the future of water technology! #XylemCareers #GlobalImpact #WaterInnovation