Job Title: Cyber Simulation Content Developer and Trainer
Location: Brooklyn, NY (Hybrid)
Duration: 24 months+
Years of Experience: 4+ years
Required Hours/Week: 35 Hours/Week
Hybrid: Work location & Remote (3 days in office/2 days remote)
We accept only NY/NJ Region candidates since this is Hybrid
Job Overview:
- Apply incident response experience to develop realistic, operationally accurate cyber incident scenarios
- Translate real-world incidents, threat intelligence, and lessons learned into structured training simulations
- Align all simulations to the Citywide Cyber Incident Response lifecycle, including detection, triage, investigation, containment, remediation, and post-incident review
Develop and maintain Immersive Labs simulation content, including:
- Scenario narratives and timelines
- Injects and decision points
- Supporting artifacts (e.g., logs, alerts, reports)
- Role-based challenges for technical staff, management, and executives
- Customize simulations for agency-specific environments while maintaining consistency with Citywide standards
- Proctor and oversee Immersive Labs training sessions, including:
- Managing scenario flow and inject timing
- Monitoring participant engagement and progress
- Providing guidance without disrupting learning objectives
- Support annual cyber training delivery across approximately 70 agencies
- Document exercise outcomes, participant challenges, and improvement areas to inform future content
- Participate in structured knowledge transfer and shadowing with the current role holder to ensure continuity during military deployment
- Assume independent responsibility for simulation development and training proctoring
- following the transition period
Mandatory Skills:
- Minimum of 4 years of hands-on cybersecurity incident response experience, including detection, triage, investigation, containment, remediation, and post-incident activities
- Experience responding to common cyber incidents such as ransomware, phishing, credential compromise, data breaches, and third-party/vendor incidents
- Ability to apply real-world incident response experience to the development of realistic training scenarios
- Experience developing, supporting, or delivering cybersecurity training, simulations, or tabletop exercises
- Experience using cyber range or hands-on training platforms (e.g., Immersive Labs or similar)
- Familiarity with incident response frameworks and standards (e.g., NIST, MITRE ATT&CK)
- Experience working with security logs, alerts, and technical artifacts (e.g., SIEM, EDR, network or cloud logs)
- Experience supporting or proctoring live training sessions, simulations, or tabletop exercises
- Strong written and verbal communication skills
- Ability to work independently, manage multiple activities, and assume responsibilities quickly during a time-sensitive transition
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or equivalent professional experience
Desirable skills/experience:
- Direct experience developing content specifically within Immersive Labs
- Experience designing and delivering cyber tabletop exercises for executive, management, and technical audiences
- Experience supporting large-scale, multi-agency or enterprise training programs
- Prior experience working in government, public sector, or highly regulated environments
- Experience aligning training content to organizational policies, playbooks, and incident response plans
- Familiarity with cloud security incidents (e.g., identity, SaaS, IaaS/PaaS environments)
- Experience incorporating lessons learned, after-action reports, or threat intelligence into training content
- Basic instructional design or adult learning experience
- Experience collecting training metrics and contributing to post-exercise reporting
- Relevant cybersecurity certifications (e.g., Security+, GCIH, GCED, CySA+, CISSP)
