Global Phishing Drill Service Senior Analyst

Reference Code 3024

Country:

US Locations: USA - Hermitage; USA - Nashville; USA - Tampa

Deloitte Global is the engine of the Deloitte network. Our professionals reach across disciplines and borders to develop and lead global initiatives. We deliver strategic programs and services that unite our organization.

Work you'll do

Deloitte Global is the engine of the Deloitte network. Our professionals reach across disciplines and borders to develop and lead global initiatives. We deliver strategic programs and services that unite our organization.

Work you'll do

Phishing Scenario Design & Development

• Designing and developing highly realistic and sophisticated phishing email templates and landing pages using HTML, CSS, and potentially JavaScript, to mimic real-world threats
• Crafting compelling social engineering narratives and scenarios that reflect current threat landscapes and target specific user behaviors
• Developing and maintaining a library of diverse phishing templates and scenarios for various client needs

Phishing Platform Management & Execution

• Configuring, launching, and managing phishing simulation campaigns using industry-leading platforms, with specific expertise in Microsoft Attack Simulator
• Scheduling and executing drills, ensuring campaigns are delivered effectively and with minimal disruption to business operations
• Monitoring campaign progress, tracking user interactions (e.g., clicks, credential entry, reported emails), and ensuring data integrity

Analysis & Reporting

• Analyzing the results of phishing simulations to identify trends, patterns of user susceptibility, and areas where security awareness needs improvement
• Generating comprehensive and insightful reports on campaign effectiveness, including key metrics, identified risks, and actionable recommendations
• Presenting findings to both technical and non-technical stakeholders, clearly articulating the impact and proposed solutions

Security Awareness Contribution

• Collaborating closely with security awareness and training teams to integrate phishing drill insights into ongoing educational programs
• Providing expert input on best practices for user education based on simulation outcomes and observed behaviors

Threat Intelligence & Best Practices

• Staying abreast of the latest phishing techniques, social engineering tactics, and cyber threat intelligence to ensure simulations remain relevant and challenging
• Contributing to the development of best practices for phishing simulation and security awareness within Deloitte and for our clients

The team

Deloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in "what is" but rather "what can be" to help Deloitte deliver and connect with its clients, its communities, and one another in ways not previously conceived.

Qualifications

Education (degree): Bachelor's degree in a quantitative field such as Computer Science, Data Science, Statistics, Mathematics, Information Technology, Cybersecurity, or a related discipline.

Master's degree in a relevant field is advantageous.
Relevant industry certifications such as Certified Analytics Professional (CAP), CompTIA Data+, or cybersecurity certifications (e.g., CompTIA Security+, CySA+, GSEC) are a plus.

Years of Experience: Minimum of 3+ years of experience in data analysis, cybersecurity, IT risk, or similar technical environment.

Qualifications and Desired Skills

• Proven experience in a cyber security role, with a focus on phishing simulations, security awareness, or social engineering
• HTML/CSS Proficiency: Strong ability to write, modify, and troubleshoot HTML and CSS for creating realistic email templates and web pages
• Phishing Platform Experience: Hands-on experience in configuring, launching, and managing phishing campaigns using simulation tools, preferably with expertise in Microsoft Attack Simulator
• Scenario Creation: Demonstrated ability to design and execute realistic and impactful social engineering scenarios
• A solid understanding of common cyber security concepts, attack vectors, and social engineering principles
• Familiarity with email protocols (e.g., SMTP, DMARC, SPF, DKIM) and email security controls
• Strong analytical skills to interpret campaign data and identify actionable insights
• Excellent communication, presentation, and report-writing skills, with the ability to convey complex information clearly

Preferred Qualifications

• Experience working in global or cross-functional environments.
• Familiarity with regulatory and compliance reporting (e.g., SOX, GDPR, CMMC).
• Certifications such as CISSP, CISM, CRISC, or CISA.

Our culture

At Deloitte Global people are valued and respected for who they are – with opportunities to bring their unique perspectives, talents and passions to business challenges. Our global workspace creates room for individuality and collaboration. Ours is an inclusive, supportive, connected culture with a focus on development, flexibility, and well-being. This culture makes Deloitte Global one of the most rewarding places to work, and to transform your career.

Professional development

From entry-level employees to senior leaders, we believe in investing in you, helping you identify and hone your unique strengths at every step of your career. We offer opportunities to build new skills, take on leadership opportunities, and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.

Benefits

At Deloitte, we value our people and offer employees a broad range of benefits. Our Total Rewards program reflects our continued commitment to lead from the front in everything we do—that’s why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being.

Recruiting for this role ends on 02/25/2026.