Cybersecurity Behavior and Culture Specialist

About the role

As a Cybersecurity Behavior & Culture Specialist , you will lead the development and execution of Xylem's human-centered cybersecurity awareness and culture strategy. Working closely with the Enterprise Security Operations Center (SOC), Threat Intelligence, Incident Response, and business stakeholders, you will transform insights from emerging threats and real-world attacks into measurable improvements in cyber awareness, behavior, and organizational resilience. You will play a critical role in reducing human cyber risk by designing innovative awareness programs, delivering targeted training, driving culture change initiatives, and strengthening incident readiness across the organization. Core Responsibilities Partner with the Enterprise SOC and Threat Intelligence teams to stay current on emerging threats, attack trends, and adversary techniques, translating threat intelligence into awareness campaigns, simulations, and employee education initiatives. Design, execute, and continuously improve monthly phishing simulation programs aligned to real-world attack patterns, organizational risk exposure, user maturity levels, and evolving threat landscapes. Develop and maintain risk-based metrics that measure human cyber risk across business units and functions, providing executive and operational reporting that translates behavioral data into actionable risk insights. Identify high-risk user populations and recommend targeted interventions, awareness campaigns, and reinforcement activities to drive measurable improvements in cybersecurity behaviors. Lead the development and delivery of enterprise-wide cybersecurity awareness training, ensuring content reflects current threats, regulatory expectations, organizational priorities, and alignment with Ethics & Compliance initiatives. Design and deliver role-based and function-specific cybersecurity education programs while expanding the organization's cybersecurity culture through gamification, micro-learning, behavioral nudges, and other data-driven behavior change strategies. Lead the organization's annual Cybersecurity Awareness Month program by developing engaging campaigns that leverage interactive content, quizzes, challenges, recognition programs, and executive engagement to increase participation and awareness across the enterprise. Design, facilitate, and continuously improve cybersecurity tabletop exercises in partnership with the Enterprise SOC, Incident Response teams, and business stakeholders, identifying response gaps, strengthening cross-functional coordination, and improving organizational readiness over time. Required Qualifications Bachelor's degree in Cybersecurity, Information Technology, Communications, Organizational Development, Psychology, Education, or a related field; or equivalent combination of education and experience. 5+ years of experience in cybersecurity awareness, human risk management, cybersecurity culture, behavioral change, or related cybersecurity programs. Experience designing, implementing, and managing enterprise phishing simulation programs. Strong understanding of social engineering techniques, threat actor behaviors, and human cyber risk management concepts. Demonstrated ability to translate complex technical threats into engaging, business-focused communications and training programs for diverse audiences. Strong analytical, presentation, stakeholder management, and communication skills.

Requirements

• Experience working closely with or within a Security Operations Center (SOC), Incident Response, or Threat Intelligence function.
• Experience with security awareness platforms such as Proofpoint, KnowBe4, Microsoft Attack Simulation Training, or similar technologies.
• Familiarity with behavioral science, adult learning methodologies, Nudge Theory, habit formation principles, or other behavior-change frameworks.
• Experience developing risk-based reporting models and executive dashboards related to human cyber risk.
• Experience using Power BI or similar analytics platforms to analyze, visualize, and report phishing simulation and awareness program results.

Additional Information

Xylem is a Fortune 500 global water solutions company dedicated to advancing sustainable impact and empowering the people who make water work every day. As a leading water technology company with 23,000 employees operating in over 150 countries, Xylem is at the forefront of addressing the world's most critical water challenges. We invite passionate individuals to join our team, dedicated to exceeding customer expectations through innovative and sustainable solutions.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Xylem? Share your experience