Awareness & Training Analyst

The Awareness and Training Analyst is responsible for developing and executing enterprise-wide cybersecurity education initiatives that promote a security-conscious culture. This role designs and delivers engaging training programs, coordinates targeted awareness campaigns, and manages proactive phishing simulations. Through strategic outreach, communications, and effective use of eLearning platforms, the analyst ensures employees are informed, vigilant, and equipped to recognize and respond to cyber threats.

At Sherwin-Williams, our purpose is to inspire and improve the world by coloring and protecting what matters. Our paints, coatings and innovative solutions make the places and spaces in our world brighter and stronger. Your skills, talent and passion make it possible to live this purpose, and for customers and our business to achieve great results. Sherwin-Williams is a place that takes its stability, growth and momentum and translates it to possibility for our people. Our people are behind the strength of our success, and we invest and support you in:

Life … with rewards, benefits and the flexibility to enhance your health and well-being
Career … with opportunities to learn, develop new skills and grow your contribution
Connection … with an inclusive team and commitment to our own and broader communities
It's all here for you... let's Create Your Possible

At Sherwin-Williams, part of our mission is to help our employees and their families live healthier, save smarter and feel better. This starts with a wide range of world-class benefits designed for you. From retirement to health care, from total well-being to your daily commute—it matters to us. A general description of benefits offered can be found at http://www.myswbenefits.com/. Click on “Candidates” to view benefit offerings that you may be eligible for if you are hired as a Sherwin-Williams employee.

Compensation decisions are dependent on the facts and circumstances of each case and will impact where actual compensation may fall within the stated wage range. The wage range listed for this role takes into account the wide range of factors considered in making compensation decisions including skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. The wage range, other compensation, and benefits information listed is accurate as of the date of this posting. The Company reserves the right to modify this information at any time, with or without notice, subject to applicable law.

Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable federal, state, and local laws including with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act where applicable.

Sherwin-Williams is proud to be an Equal Employment Opportunity employer. All qualified candidates will receive consideration for employment and will not be discriminated against based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, pregnancy, genetic information, creed, marital status or any other consideration prohibited by law or by contract.

As a VEVRAA Federal Contractor, Sherwin-Williams requests state and local employment services delivery systems to provide priority referral of Protected Veterans.

Please be aware, Sherwin-Williams recruiting team members will never request a candidate to provide a payment, ask for financial information, or sensitive personal information like national identification numbers, date of birth, or bank account numbers during the application process.

1. The Cybersecurity Awareness and Training Analyst is responsible for supporting the development, delivery, and continuous improvement of cybersecurity education and awareness programs across the organization. This role ensures that employees are equipped with the knowledge and tools necessary to recognize and respond to cyber threats, fostering a culture of security and compliance.

2. The incumbent will collaborate closely with cross-functional teams—including IT, HR, and Communications—to ensure training content is relevant, engaging, and aligned with organizational risk priorities. They will manage awareness platforms and learning management systems (LMS), ensuring accurate configuration, user access setup, and timely updates to training modules and resources.

3. The analyst will be skilled in analyzing training metrics and user engagement data to assess program effectiveness, identify gaps, and provide actionable insights to leadership. They will develop custom reports and dashboards to support strategic decision-making and compliance tracking.

4. This role also involves recommending improvements to awareness strategies, training delivery methods, and content formats to optimize user experience and reduce human risk. The analyst will lead user training sessions, coordinate phishing simulations, and serve as a key liaison between technical teams and business units to promote secure behaviors and practices.

Must be eighteen years or older

Must be legally authorized to work in the country of employment without needing sponsorship for employment work visa status now or in the future.

Job duties include contact with other employees and access confidential and proprietary information and/or other items of value, and such access may be supervised or unsupervised. The Company therefore has determined that a review of criminal history is necessary to protect the business and its operations and reputation and is necessary to protect the safety of the Company’s staff, employees, and business relationships.

EDUCATION:

Required:

• Bachelor’s Degree (or foreign equivalent) or in lieu of a degree, at least 12 years in experience in the field of Information Technology or Business (work experience or a combination of education and work experience in the field of Information Technology or Business)

Preferred:

• Associate Professional in Talent Development (APTD), SANS Security Awareness Professional (SSAP), CompTIA Security+, or CISSP (Certified Information Systems Security Professional)

EXPERIENCE:

Required:

• 1+ years of experience in IT/Cybersecurity
• 1+ years of experience in cybersecurity awareness, training development, or instructional design, preferably in a corporate or enterprise environment
• Basic understanding of adult learning principles and instructional methodologies for technical and non-technical audiences
• Familiarity with Learning Management Systems (LMS) and digital training platforms for course creation, deployment, and tracking
• Proficient in Microsoft Office Suite (Word, Excel, PowerPoint, Outlook) for content creation, spreadsheet management, and communications
• Strong analytical and problem-solving skills with the ability to interpret training metrics and user engagement data
• Effective communication skills with the ability to translate technical cybersecurity concepts into accessible, engaging content for diverse audiences
• General knowledge of tools and techniques related to training automation, phishing simulations, and awareness campaign management
• Understanding of data management principles and spreadsheet functions for tracking training completion, compliance, and reporting

Preferred

• 1+ years of experience supporting cybersecurity awareness programs or IT training initiatives
• Experience with Learning Management Systems (LMS) and digital training platforms for course creation, deployment, and tracking
• Knowledge of the NIST Cybersecurity Framework’s Protect function, with demonstrated ability to reduce enterprise risk
• Experience with communication strategies for internal campaigns, including newsletters, intranet posts, and email outreach
• Exposure to behavior-based risk analysis and human risk metrics in cybersecurity contexts
• Knowledge of U.S. privacy laws, GDPR, and other global data protection regulations, with the ability to incorporate compliance requirements into cybersecurity awareness and training initiatives.

TECHNICAL/SKILL REQUIREMENTS:

Required:

• Must possess expert knowledge of Microsoft Office tools (Word, Excel, PowerPoint)
• Learning Management System (LMS) Administration and Reporting
• Training Content Development (eLearning, instructor-led, microlearning formats)
• Communication and Engagement Strategy (email, intranet, newsletters)
• Phishing Simulation Tools and User Behavior Analysis
• Minimum of 1 years of experience in designing, delivering, or coordinating training programs, preferably within IT, cybersecurity, or technology-related fields.
• Strong facilitation, verbal, and written communication skills, with the ability to explain technical concepts
• Strong commitment to inclusion and diversity

Preferred:

• Knowledge of the following frameworks:
• NIST Privacy Framework (PF)
• NIST Cyber Security Framework (CSF)
• Basic Data Analysis and Visualization for training metrics and KPIs