About HighLevel
HighLevel is a cloud-based, all-in-one white-label marketing and sales platform that empowers marketing agencies, entrepreneurs, and businesses to elevate their digital presence and drive growth. We are proud to support a global and growing community of over 2 million businesses, from marketing agencies to entrepreneurs to small businesses and beyond. Our platform empowers users across industries to streamline operations, drive growth, and crush their goals.
HighLevel processes over 15 billion API hits and handles more than 2.5 billion message events every day. Our platform manages 470 terabytes of data distributed across five databases, operates with a network of over 250 micro-services, and supports over 1 million domain names.
Our People
With over 1,500 team members across 15+ countries, we operate in a global, remote-first environment. We are building more than software; we are building a global community rooted in creativity, collaboration, and impact. We take pride in cultivating a culture where innovation thrives, ideas are celebrated, and people come first, no matter where they call home.
Our Impact
Every month, our platform powers over 1.5 billion messages, helps generate over 200 million leads, and facilitates over 20 million conversations for the more than 2 million businesses we serve. Behind those numbers are real people growing their companies, connecting with customers, and making their mark - and we get to help make that happen.
About The Role
We are seeking a highly motivated and detail-oriented Security Awareness & Compliance Specialist to support the organization’s human risk management efforts, reducing human risk through phishing simulations, security awareness training, and compliance monitoring. This role will be critical in developing and implementing strategies to educate employees on cyber threats, foster a security-conscious culture, and support adherence to internal and external compliance requirements. It also includes presenting monthly security metrics, which involves collaborating with all the pillars and preparing review presentations.
Key Responsibilities
- Design and execute periodic phishing simulation campaigns using tools such as MetaCompliance, Proofpoint, KnowBe4, Microsoft Defender Attack Simulator, or similar.
- Analyze campaign results and deliver insights on click rates, reporting rates, and repeat offenders.
- Create tailored phishing scenarios that reflect real-world threats and align with organizational risk profiles.
- Track metrics over time and present monthly/quarterly phishing risk trends to leadership.
- Develop and manage the annual security awareness training plan, including onboarding and recurring training modules.
- Have exposure to working on collecting metrics and preparing professional presentations for management reviews.
- Collaborate with internal stakeholders (HR, IT, Legal, Compliance) to align training content with policies and compliance requirements.
- Source and manage vendors or platforms for training content and delivery (e.g., MetaCompliance, KnowBe4, SANS, Wombat).
- Measure training effectiveness through quizzes, feedback, and engagement rates.
- Maintain records of employee participation in training and simulations for audit readiness.
- Organize cybersecurity month activities, contests, newsletters, and workshops to reinforce security culture.
Required Qualifications
- Bachelor's degree in Business Administration, Information Systems, or related field.
- 5+ years of experience in cybersecurity awareness, GRC, or IT training programs.
- Experience managing phishing simulation platforms and e-learning systems.
- Strong communication, presentation, and stakeholder engagement skills.
- Familiarity with compliance frameworks (e.g., ISO 27001, SOC 2, NIST CSF).
- Strong analytical and problem-solving abilities.
- Exceptional communication and interpersonal skills.
Preferred Qualifications
- Certifications such as SSAP, GSEC, CISA, or equivalent.
- Experience with behavior analytics and human risk scoring.
- Knowledge of LMS platforms and integration with HRMS systems.
EEO Statement
The company is an Equal Opportunity Employer. As an employer subject to affirmative action regulations, we invite you to voluntarily provide the following demographic information. This information is used solely for compliance with government record keeping, reporting, and other legal requirements. Providing this information is voluntary and refusal to do so will not affect your application status. This data will be kept separate from your application and will not be used in the hiring decision.