Senior Security Analyst

We are seeking a creative and organized Senior Security Analyst to join our Information Security Strategy & Programs team. In this role, you will act as a partner for our security culture initiatives, supporting the Security Awareness Program Lead in delivering world-class training, phishing simulations, and firm-wide engagement activities. You will also support day-to-day PMO activities for the Information Security department (maintaining JIRA projects, generating reports, tracking milestones, and coordinating updates). This is an execution-focused role perfect for someone who excels at content creation, project coordination, and translating technical security concepts into engaging, human-friendly stories. Proficiency with AI tools (e.g., effective prompting, drafting and summarization, responsible use with human review) is required and will be leveraged to enhance content, analytics, and communications. You will play a vital role in building our "human firewall" by ensuring our employees are educated, empowered, and vigilant. How You'll Make an Impact:

• Content Development & Design: Support in drafting and formatting customized, engaging communications (articles, emails, slides etc.) that translate complex topics into plain language and align with brand and accessibility standards.
• Phishing Simulation Support: Assist in the day-to-day execution of the firmwide phishing program. This includes drafting realistic templates, monitoring results, and coordinating follow-up education for "repeat clickers" to enhance resiliency.
• Awareness Campaign Coordination: Support the planning and implementation of major initiatives, such as National Cybersecurity Awareness Month, by coordinating logistics, calendars, stakeholder communications, and interactive activities/webinars.
• Internal Communications: Assist in drafting and editing content for the monthly cybersecurity newsletter and regularly update intranet sites to ensure security messaging is consistent and accessible.
• Role-Based Training Support: Help create and execute cybersecurity awareness trainings tailored to specific departments and high-risk roles within the organization.
• Employee Engagement: Foster a culture of responsibility by encouraging participation in awareness activities and helping to recognize employee contributions to the firm's security in coordination with the Lead
• Data & Reporting: Assist in gathering metrics from training platforms and phishing simulations to assess program effectiveness and identify areas for improvement.
• Executive Reporting: Take ownership of gathering and organizing information for Executive reports, including Board, Executive Committee, Quarterly Business Reviews and Ad hoc reports. Ensure accuracy and clarity in report content, collaborating with relevant stakeholders to collect necessary data.
• PMO Support: Provide hands-on support for PMO operations, including JIRA project administration, report generation, milestone tracking, and stakeholder updates.

• Experience: 1-3 years of experience in cybersecurity awareness, corporate training, or communications.

• Communication Skills: Exceptional writing and presentation skills with an ability to make complex security topics feel approachable and interesting.

• Technical Literacy: A foundational understanding of cybersecurity principles (e.g., social engineering, AI-related risks, phishing, and data protection).

• Creativity: A "marketing mindset"-the ability to create visually appealing materials that capture employee attention in a busy corporate environment.

• Collaboration: Strong interpersonal skills and the ability to work effectively with key partners across the firm

• Proficiency with AI tools : Working knowledge of AI-enabled productivity tools; ability to craft effective prompts and validate outputs.

• Organizational Skills: Proactive and able to work independently to manage multiple deadlines and keep campaign schedules on track.

• Project Management: A demonstrated interest in project management activities.

What Would Make You Stand Out:

• Platform Skills: Hands-on experience with MS Office Suite, JIRA, SharePoint, Confluence and Proofpoint (or any other phishing simulation platform)

• Degree/Certifications: Security+, GSSP, or any relevant degree/certification in Cybersecurity or Communications or Marketing or Information Management

• Project Management: PMO experience is welcome but not required, and training will be provided.

• A Culture of Learning & Mobility: Dedicated trainings, leadership development and mentorship programs designed to ensure that your time at Fitch will be a continuous learning opportunity
• Investing in Your Future: Retirement planning, financial wellness and tuition reimbursement programs that empower you to achieve your short and long-term goals
• Promoting Health & Wellness: Comprehensive healthcare offerings that prioritize a healthy body & mind
• Supportive Parenting Policies: Family-first policies, including a generous global parental leave plan, designed to help you balance career and family life effectively
• Dedication to Giving Back: Paid volunteer days and support for community engagement initiatives

As a leading, global financial information services provider, Fitch Group delivers vital credit and risk insights, robust data, and dynamic tools to champion more efficient, transparent financial markets. With over 100 years of experience and colleagues in over 30 countries, Fitch Group's culture of credibility, independence, and transparency is embedded throughout its structure, which includes Fitch Ratings, one of the world's top three credit ratings agencies, and Fitch Solutions, a leading provider of insights, data and analytics. With dual headquarters in London and New York, Fitch Group is owned by Hearst.