Security Governance & Awareness Lead

THE·TEAM operates at the epicenter of sports, music and entertainment, serving talent, brands and properties on a global scale. Headquartered in Los Angeles, THE·TEAM's presence spans 28 countries and more than 70 cities, including New York, London, Abu Dhabi, Amsterdam, Hong Kong, Madrid, Mexico City, Toronto, Paris and Sydney. For more information, please visit THE.TEAM.

THE·TEAM is seeking a Security Governance & Awareness Lead to help strengthen the organization’s cybersecurity culture, governance maturity, compliance readiness, and employee security engagement programs.

This role serves as a bridge between cybersecurity operations, governance/risk/compliance (GRC), and organizational education initiatives. The ideal candidate combines strong communication and training capabilities with practical cybersecurity knowledge, including exposure to security operations, vulnerability management, compliance frameworks, and emerging AI-related security risks.

The Security Governance & Awareness Lead will play a key role in reducing organizational risk through user education, policy alignment, regulatory awareness, and security culture development across the enterprise.

WHAT YOU'LL DO:

Security Awareness & Culture Development

• Lead and manage the organization’s cybersecurity awareness and education initiatives
• Administer and optimize security awareness platforms such as KnowBe4 or equivalent tools
• Design and execute phishing simulation campaigns and targeted awareness exercises
• Develop engaging security training materials including presentations, newsletters, micro-learning content, and awareness campaigns
• Deliver security education sessions for employees, leadership teams, and business units
• Track and report awareness program effectiveness using behavioral and risk-based metrics
• Promote a positive security-first culture across the organization

Governance, Risk & Compliance (GRC)

• Support organizational cybersecurity governance and compliance initiatives
• Assist with security policy development, communication, and employee adoption efforts
• Help reinforce compliance requirements related to GDPR, ISO 27001, NIST CSF, CIS Controls, and other applicable standards or regulatory frameworks
• Partner with Legal, HR, IT, and cybersecurity teams to support organizational risk management objectives
• Assist with audit readiness activities, evidence collection, and compliance awareness initiatives
• Translate compliance and governance requirements into practical guidance for employees and stakeholders

Security Operations & Risk Alignment

• Collaborate with SOC and cybersecurity operations teams to align awareness initiatives with real-world threat activity
• Incorporate incident trends, phishing attempts, and emerging threats into training and communications
• Support vulnerability awareness and remediation communication efforts across departments
• Participate in incident response exercises and security tabletop activities where appropriate
• Help improve organizational understanding of operational cybersecurity risks and responsibilities

AI Security & Emerging Technology Governance

• Support organizational efforts related to secure and responsible AI adoption
• Help develop and communicate guidance regarding acceptable use of generative AI platforms and emerging technologies
• Educate employees on risks associated with AI usage, including data exposure, privacy concerns, and security implications
• Stay informed on evolving AI-related cybersecurity risks, governance trends, and regulatory developments
• Collaborate with cybersecurity leadership to support AI governance and risk management initiatives

WHAT WE'RE LOOKING FOR:

• 3+ years of experience in cybersecurity, GRC, security operations, IT security, or security awareness roles
• Experience managing or supporting security awareness and training programs
• Familiarity with cybersecurity compliance frameworks and regulations such as GDPR, ISO 27001, NIST CSF, or CIS Controls
• Experience with security awareness platforms such as KnowBe4 or equivalent
• Exposure to SOC operations, vulnerability management, incident response, or cybersecurity monitoring processes
• Strong written, verbal, and presentation communication skills
• Ability to communicate technical and compliance concepts to non-technical audiences
• Strong organizational and cross-functional collaboration skills

Preferred Qualifications

• Experience supporting cybersecurity audits, assessments, or compliance initiatives
• Familiarity with SIEM, EDR, vulnerability management, or ticketing platforms
• Experience developing executive-level security metrics or reporting
• Understanding of privacy and data protection principles
• Exposure to AI governance, AI security risks, or enterprise AI acceptable use programs
• Relevant certifications such as Security+, CySA+, CISSP, CISM, CRISC, or similar

THE·TEAM does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.