Back to Jobs
Cyber Sec Archt/Engr II
Actively Reviewing
Honeywell Technologies
Job Description
JOB DESCRIPTION
Operate the established end-to-end lifecycle of the Microsoft Defender Attack Simulation Training program. This role is responsible for designing realistic phishing simulations, analyzing user behavior at scale, and driving targeted remediation to measurably reduce organizational phishing risk. The position partners closely with IT, HCM, and Security Awareness teams to ensure simulations, reporting, and training are aligned to business and compliance objectives.
As a Phishing Simulation & Remediation Lead at Honeywell, you will play a vital role in strengthening our cybersecurity defenses by managing phishing simulation campaigns and remediation efforts that educate and protect our workforce from phishing threats. You will report directly to cybersecurity leadership and work on a hybrid schedule.
RESPONSIBILITIES
Phishing Simulation Program Management
Core Technical Skills
Honeywell helps organizations solve the world's most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments – powered by our Honeywell Forge software – that help make the world smarter, safer and more sustainable.
Operate the established end-to-end lifecycle of the Microsoft Defender Attack Simulation Training program. This role is responsible for designing realistic phishing simulations, analyzing user behavior at scale, and driving targeted remediation to measurably reduce organizational phishing risk. The position partners closely with IT, HCM, and Security Awareness teams to ensure simulations, reporting, and training are aligned to business and compliance objectives.
As a Phishing Simulation & Remediation Lead at Honeywell, you will play a vital role in strengthening our cybersecurity defenses by managing phishing simulation campaigns and remediation efforts that educate and protect our workforce from phishing threats. You will report directly to cybersecurity leadership and work on a hybrid schedule.
RESPONSIBILITIES
Phishing Simulation Program Management
- Design, execute, and continuously improve phishing simulation campaigns using Microsoft Defender Attack Simulation Training.
- Develop and maintain phishing templates aligned to current threat trends and real-world attack techniques.
- Launch enterprise-wide simulation campaigns, targeting a minimum of four simulations per employee annually.
- Correlate simulation outcomes with real-world phishing reports to assess risk reduction and program effectiveness.
- Monitor and analyze phishing simulation data using Splunk; identify anomalies, ingestion issues, and trends.
- Build, maintain, and enhance Splunk dashboards for simulation performance, user behavior, and reporting metrics.
- Produce ad hoc analysis and reporting in response to business, leadership, or compliance requests.
- Own phishing susceptibility metrics and reporting in Power BI for executive and business unit visibility.
- Partner with IT and development teams to support data ingestion, automation, and platform reliability.
- Leverage Python and Splunk knowledge (directly or via developers) to resolve data issues and improve automation.
- Validate simulation outcomes using Defender Advanced Hunting where needed.
- Coordinate with the HCM/Learning team on assignment, delivery, and tracking of phishing remediation training.
- Structure and maintain phishing-related training content; obtain and use administrative access where appropriate.
- Collaborate with content creators to develop targeted training based on user risk levels and repeat offender trends.
- Support creation of awareness campaigns, documentation, and communications tied to simulation outcomes.
- Partner with security awareness, content, and business teams to deliver ad hoc or recurring campaigns.
- Support regulatory and compliance driven initiatives (e.g., CMMC) by designing targeted simulations and reporting.
- Communicate program results and risk context clearly to technical and non-technical stakeholders.
Core Technical Skills
- Microsoft Defender for Office 365 (Advanced/Expert): Hands-on experience with Attack Simulation Training, creation of custom payloads (login tease, malware attachment, link-based attacks), use of simulation automations and user targeting (e.g., new hires, repeat offenders), and understanding of email delivery mechanics to ensure realistic simulations.
- Splunk (Required): Ingesting and analyzing Defender/O365 data via Splunk Add-ons, writing SPL queries for simulation and real-world phishing analysis, building and maintaining operational and executive dashboards.
- Strong communication and coordination skills across technical and non-technical teams.
- Ability to manage workstreams, influence stakeholders, and drive outcomes without direct authority.
- Analytical mindset with the ability to translate data into actionable risk insights.
- HTML & CSS (Required): Ability to modify phishing templates and landing pages.
- Power BI & Data Visualization: Building interactive dashboards and risk scorecards; integrating Defender data via OData or Microsoft Graph.
- Python Automation: Scripting automation for user tagging, reporting, or data extraction.
- Security Awareness or Instructional Design: Customizing or localizing training content beyond vendor-provided materials.
- Global Security Awareness: Ability to plan simulations across time zones and cultural contexts.
- Instructional Design Mindset: Focus on behavior change, not just simulation metrics.
- Executive Communication: Ability to contextualize results (e.g., simulation difficulty vs. click rate) for leadership decision-making.
- Bachelor’s degree in Cybersecurity, Computer Science, or equivalent experience.
- 2+ years of experience in Information Security or Information Technology fields.
- 2+ years of experience in a cybersecurity role.
- English language proficiency.
- Good technical knowledge of Windows/Linux operating systems, various types of applications, and networking technologies.
- Analytical skills in threat, vulnerability, and intrusion detection analysis.
- Attention to detail.
- Ability to develop and follow complex work instructions and documentation.
- Willingness to learn.
- Experience working in a global, process-driven environment.
- Experience in cybersecurity with a focus on phishing simulation, security awareness, or incident remediation.
- Certifications such as CISSP, CISM, or Security+ are a plus.
- Strong analytical skills and attention to detail.
- Ability to work collaboratively across teams and communicate technical information effectively.
Honeywell helps organizations solve the world's most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments – powered by our Honeywell Forge software – that help make the world smarter, safer and more sustainable.
Required Skills
Similar Jobs
View all →
VLSI Program manager
F.Robin Technologies Private Limited
Bangalore
₹30–60 LPA
VLSI Design
Program Management
Sr. Data Analyst
RSCP
Noida
₹6–9 LPA
Dashboard Development
Data Analysis
ETL Validation
+1
Corporate Trainer
Unknown
Chennai
Machine Learning
Deep Learning
Spring Boot
+43
Product Manager
Nexus Venture Partners
Bengaluru
Usability Testing
Data Analysis
Adobe Illustrator
+12
Senior Professional - Application Support Analyst/Developer - Tier 2 - Technology Operations Planning & Support
LPL Financial Global Capability Center
Hyderabad
Six Sigma
Data Analysis
Root Cause Analysis
+12
Similar Jobs
View all →
VLSI Program manager
F.Robin Technologies Private Limited
Bangalore
Sr. Data Analyst
RSCP
Noida
Corporate Trainer
Unknown
Chennai
Product Manager
Nexus Venture Partners
Bengaluru
Senior Professional - Application Support Analyst/Developer - Tier 2 - Technology Operations Planning & Support
LPL Financial Global Capability Center
HyderabadShare
Quick Apply
Upload your resume to apply for this position
–