Information security training lead

For more than 170 years, The Hanover has been committed to delivering on our promises and being there when it matters the most. We live our values every day, demonstrating we CARE through our values, Sustainability initiatives and inclusive corporate culture.

Our Information Security organization is currently seeking a Information Security Training Awareness Lead to join our growing team in our Worcester, MA office in a hybrid work arrangement or remote work location.

This is a full time, except position.

POSITION SUMMARY:

We are seeking a dynamic and experienced Information Security leader to drive our Information Security Training, Awareness, and Outreach initiatives. This role is critical to strengthening our cybersecurity posture by designing and executing engaging training programs, phishing simulations, and targeted outreach campaigns.

You will work closely with the Security Operations Center (SOC), Legal, HR, Corporate Communications, IT department and other stakeholders to foster a culture of security awareness across the enterprise.

In this role, annual plans will be created that provide a clear path to meeting program goals, milestones, regulatory requirements, and has the flexibility to address dynamic security challenges with agility.

This role will produce training materials for targeted audiences that address various learning styles through visual, auditory, and kinesthetic methods. This individual will build relationships with affected business units to meet objectives, and implement and manage phishing exercises, training modules, and communication materials. In addition, this individual will work closely with Hanover’s implementation managers to act as liaisons/change agents between the CISO and business units across the Enterprise.

WHAT YOU WILL DO IN THE ROLE:

Program Leadership & Strategy

• Have lead responsibility on significant course development of annual training and awareness plans aligned with regulatory requirements, threat landscape, and organizational goals.
• Lead the design and execution of phishing simulations and insider threat training programs based on NIST standards. Act as a change agent to promote adoption of security and IT best practices across business units.
  
  

Instructional Design & Delivery

• Create engaging, multi-modal training content tailored to diverse learning styles (visual, auditory, kinesthetic; inspired by the current cyber threat landscape.
• Translate complex technical and information security concepts into accessible, actionable learning materials.
• Deliver impactful presentations and facilitate training sessions for audiences at all organizational levels.
  
  

Outreach & Communication

• Build an outreach network to serve as liaisons between the Office of the CISO and business units.
• Develop and distribute awareness materials via newsletters, forums, digital signage, and online platforms.
• Establish and maintain an intuitive online hub for training schedules, resources, and security references.
• Create communications responding to active social engineering campaigns raising awareness to targeted parties, helping to protect The Hanover.
  
  

Metrics, Reporting & Analysis

• Develop and maintain key performance indicators (KPIs) and monthly metrics to measure the effectiveness of training, phishing simulations, and outreach efforts.
• Analyze trends and performance data to identify areas for improvement and inform future strategy.
• Collaborate with the GRC team to align reporting with compliance and risk management objectives.
• Prepare and present executive-level summaries and board communications to highlight program impact and progress.
• Ability to use automation tools such as Power BI is preferred but not required
  
  

Collaboration & Risk Mitigation

• Partner with Legal, HR, SOC, and Corporate Communications teams to address insider threats and develop mitigation strategies.
• Support incident response efforts through targeted education and outreach.
• Promote understanding of IT security responsibilities and organizational policies.
  
  

WHAT YOU NEED TO APPLY:

• Bachelor’s degree or 5+ years of relevant experience in cybersecurity, instructional design, or adult education.
• Proficiency in MS Office Suite and familiarity with security training platforms (e.g., Proofpoint).
• Knowledge of cybersecurity frameworks (NIST, ISO, MITRE) preferred.
• Experience designing and delivering training in virtual and matrixed environments.
• Strong organizational and time management skills; ability to adapt and solve problems creatively.
• Skilled in multimedia and web design tools (e.g., Articulate, Captivate, webinar platforms).
• Ability to influence stakeholders and execute strategic plans across a large enterprise.
  
  

Awareness & Outreach-Specific Certifications preferred, not required:

• SANS Security Awareness Professional (SSAP)
• Specifically designed for professionals managing security awareness programs.
• SANS Managing Human Risk
• Focuses on behavior change and building a culture of security.
  
  

CAREER DEVELOPMENT:

It’s not just a job, it’s a career, and we are here to support you every step of the way. We want you to be successful and fulfilled. Through on-the-job experiences, personalized coaching and our robust learning and development programs, we encourage you – at every level – to grow and develop.

BENEFITS:

We offer comprehensive benefits to help you be healthy, build financial security, and balance work and home life. At The Hanover, you’ll enjoy what you do and have the support you need to succeed.

Benefits include:

• Medical, dental, vision, life, and disability insurance
• 401K with a company match
• Tuition reimbursement
• PTO
• Company paid holidays
• Flexible work arrangements
• Cultural Awareness Day in support of IDE
• On-site medical/wellness center (Worcester only)
• Click here for the full list of Benefits
  
  

EEO statement:

The Hanover values diversity in the workplace and among our customers. The company provides equal opportunity for employment and promotion to all qualified employees and applicants on the basis of experience, training, education, and ability to do the available work without regard to race, religion, color, age, sex/gender, sexual orientation, national origin, gender identity, disability, marital status, veteran status, genetic information, ancestry or any other status protected by law.

Furthermore, The Hanover Insurance Group is committed to providing an equal opportunity workplace that is free of discrimination and harassment based on national origin, race, color, religion, gender, ancestry, age, sexual orientation, gender identity, disability, marital status, veteran status, genetic information or any other status protected by law.”

As an equal opportunity employer, Hanover does not discriminate against qualified individuals with disabilities. Individuals with disabilities who wish to request a reasonable accommodation to participate in the job application or interview process, or to perform essential job functions, should contact us at:[email protected] and include the link of the job posting in which you are interested.

Privacy Policy:

To view our privacy policy and online privacy statement, click here.

Applicants who are California residents: To see the types of information we may collect from applicants and employees and how we use it, please click here .

Compensation:

The target hiring range for this role may vary based on geographic location and other factors, including merit or performance, demonstrated proficiency, skills for the role, education, travel requirements, and experience. Additional compensation may include an annual bonus (which could take the form of a general bonus, sales incentive, or short-term incentive), long-term incentive or spot recognition awards. The posted range reflects our ability to hire at different position titles and levels depending on background and experience.