Cybersecurity Analyst

At Russell Investments, our purpose is to improve financial security for people., * Deliver and continuously enhance security awareness programs, including quarterly, threat-informed campaigns

• Execute phishing simulations, including scenario design, targeting, and performance analysis
• Support Cybersecurity Awareness Month and other enterprise-wide engagement initiatives
• Maintain internal cybersecurity resources to promote accessible guidance and best practices
• Contribute to external cyber trust centers/client assurance portals, ensuring accurate and current content
• Monitor and report on human risk metrics, providing actionable insights to stakeholders
• Partner with HR and Internal Communications to strengthen security culture and drive behavior change
• Support user access reviews (UARs), service accounts and non-human identities review ensuring coordination, completion tracking, and audit readiness
• Respond to client due diligence questionnaires (DDQs) on cybersecurity practices
• Support audit activities, including evidence collection and remediation tracking
• Support policy exceptions and technology risk issue tracking and remediation
• Partner with IT, Risk, Legal, and Business teams to align security initiatives
• Support client-facing teams with cybersecurity communications and inquiries

The ideal candidate combines expertise in security awareness with a strong understanding of human risk dynamics and core risk management practices and demonstrates the ability to collaborate effectively across global teams., * 3+ years of experience in cybersecurity, with exposure to both security awareness and GRC functions

• Demonstrated experience running security awareness programs and phishing simulations
• Familiarity with user access, service accounts and non-human identities review processes and identity/access governance concepts
• Experience completing or contributing to security questionnaires (e.g., DDQs, RFPs, client assessments)
• Strong understanding of cybersecurity principles, threats, and human risk factors
• Excellent written and verbal communication skills, with the ability to translate technical concepts for non-technical audiences

Technical Expertise

• Experience with security awareness platforms, phishing simulation tools, and GRC systems
• Understanding of Identity and Access Management (IAM), including authentication, authorization, and governance
• Knowledge of Privileged Access Management (PAM) and least privileged principles
• Familiarity with automation and scripting to support security and risk processes
• Working knowledge of cybersecurity frameworks such as NIST, ISO 27001, and CIS Controls

Core Competencies

• Drives behavior changes through effective, targeted communication
• Applies a pragmatic approach to prioritize and manage cyber risk
• Leverages data and metrics to inform decisions and improve programs
• Partners effectively across global, cross-functional teams
• Simplifies complex cybersecurity concepts for diverse audiences

Values & Culture

• Acts with non-negotiable integrity and maintains the highest professional standards.
• Demonstrates intellectual curiosity, seeking to continually advance the firm's cybersecurity engineering posture.
• Embodies collaboration, transparency, and accountability in all engagements.
• Dedicated to protecting client trust through security excellence and proactive risk management.

Special Requirements

• Hybrid work model (4 days onsite preferred)
• Occasional after-hours support for global operations

This role is not eligible for employment-based immigration sponsorship. Applicants must be legally authorized to work in the United States without employer sponsorship, now or in the future.

$90,000 USD - $100,000 USD

Specific compensation will be based on candidate's experience, skills, qualifications, commercial considerations, and other job-related factors permitted by law. At Russell Investments, salary is just one part of our compensation package. Our total rewards approach includes an annual performance bonus (subject to eligibility criteria) in addition to participation in our competitive benefits programs including healthcare, retirement, vacation, and wellbeing programs.