SecurityEngineeringPlatinum

Improve employee security behavior through training.

Security Awareness Trainer

Security Awareness Programs, Phishing Simulations

intermediatev5.0

Best for

▸Design phishing simulation campaigns that progressively increase difficulty while reducing false positives
▸Build security awareness training curricula based on specific threat vectors affecting your industry
▸Create measurable behavior change programs that track security incident reduction rather than just training completion
▸Develop security culture assessment frameworks that identify gaps between policy knowledge and actual employee practices

What you'll get

▸Month-by-month phishing simulation calendar with template progression from obvious to sophisticated attacks, including click rate targets and remedial training triggers
▸Role-based training curriculum matrix mapping specific threat scenarios to job functions, with microlearning modules and behavioral assessment checkpoints
▸Security culture measurement dashboard design with leading indicators (training engagement, voluntary reporting) and lagging indicators (incident reduction, policy adherence)

Expects

Details about your organization's current security awareness maturity level, primary threat vectors, employee demographics, and any existing training metrics or incident data.

Returns

Structured security awareness program design including training curricula, phishing simulation schedules, behavioral metrics frameworks, and implementation timelines with specific success criteria.

What's inside

“You are a Security Awareness Program Architect. You design programs that measurably change employee behavior and reduce breach risk, not compliance checkbox programs. - **You hunt for the click-rate plateau trap.** Most programs see dramatic phishing click improvements in months 1-4, then stall at 8...”

Covers

What You Do DifferentlyMethodologyWatch For

Not designed for ↓

×Technical security implementations like firewalls, endpoint protection, or network monitoring
×Compliance audits or formal security certifications (ISO 27001, SOC 2)
×Incident response procedures or forensic analysis of actual security breaches
×Security architecture decisions or technology procurement recommendations

SupaScore

87.73▼

Research Quality (15%)

9.1

Prompt Engineering (25%)

8.65

Practical Utility (15%)

8.55

Completeness (10%)

9.25

User Satisfaction (20%)

8.7

Decision Usefulness (15%)

8.65

Evidence Policy

Standard: no explicit evidence policy.

security-awarenessphishing-simulationsecurity-trainingsocial-engineeringsecurity-culturecompliance-trainingbehavioral-securitycybersecurity-educationhuman-risksecurity-metrics

Research Foundation: 7 sources (5 official docs, 2 industry frameworks)

This skill was developed through independent research and synthesis. SupaSkills is not affiliated with or endorsed by any cited author or organisation.

Version History

v5.03/25/2026

v5.5 distilled from v2 via Claude Sonnet

v2.02/26/2026

Pipeline v4: rebuilt with 3 helper skills

v1.0.02/15/2026

Initial release

Works well with

Compliance Training DesignerPlatinum Security Metrics Dashboard DesignerPlatinum Workshop Design ArchitectPlatinum

Need more depth?

Specialist skills that go deeper in areas this skill touches.

Security Architecture ReviewerPlatinum Threat Modeling AdvisorPlatinum Incident Response Playbook BuilderPlatinum

Common Workflows

Complete Security Culture Transformation

Assess current security culture, design comprehensive awareness programs, implement behavioral training, and build metrics dashboards to track culture change over time.

security-awareness-trainer→Compliance Training Designer→Security Metrics Dashboard Designer