Position Title:  Security Culture and Human Risk Program Lead

Security Culture and Human Risk Program Lead

Be a part of a revolutionary change

At PMI, we’ve chosen to do something incredible. We’re redefining our business and building our future on one clear purpose – to deliver a smoke-free future.

With huge change, comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and the space to move your career forward in endlessly new directions.

Your ‘day to day’

As a Security Culture and Human Risk Program Lead at PMI, you will play a pivotal role in redefining our business and contributing to our vision of a smoke-free future. The Security Resilience & Culture team sits within PMI's Information Security function, which operates in the 2nd line of defense. The team helps strengthen cyber resilience across the company by conducting programs focused on raising security knowledge, information security training, phishing simulations, targeted interventions, and broader security culture initiatives. The wider direction of the team is to evolve from a traditional awareness function toward a strengthened framework for handling risks associated with human behavior. You will support this transition by combining strong campaign and communications delivery with a more targeted, insightful driven approach to human risk. This role will assist in building better interventions by improving how they are measured and scaled. It will also support practical AI-enabled approaches to working that increase quality, speed, and consistency.

• Lead the planning and delivery of effective security awareness campaigns and communications aligned to priority risks, behaviors, and business needs.
• Use behavioral and risk signals to improve how campaigns, phishing-related interventions, and other security culture activities are targeted and refined.
• Support the development of a more mature Human Risk Management capability through stronger measurement, feedback loops, reports, dashboards, and proof-of-concept readiness.
• Develop clear, audience-appropriate messaging that supports safer behaviors, reinforces key priorities, and strengthens leadership visibility on security topics.
• Build strong relationships with collaborators across InfoSec and the wider organization through clear communication, alignment, and sound expectation management.
• Bring structure and focused execution to workstreams by clarifying results, ownership, timelines, dependencies, and priorities, while helping establish clear, scalable, and increasingly automated processes with effective handoffs across the team and key collaborators.
• Use relevant AI tools and digital environments responsibly to support content development, analysis, and reporting improvements, while streamlining operational processes in line with PMI governance and secure‑use expectations.

Who we’re looking for

This role is suited to a candidate who combines rigor, discipline, and sound judgment with curiosity, creativity, and a willingness to test better ways of working. The successful candidate will be able to operate with structure while also bringing fresh thinking to campaigns, communications, and the evolution of the function

• Bachelor’s degree (preferred).

• 7+ years of relevant professional experience.
• Fluency in English.
• Experience leading or delivering awareness campaigns, communications programs, or behavior-change initiatives in a structured enterprise environment.
• Strong analytical capability, including interpreting data, identifying patterns, and drawing on findings to improve campaigns, communications, and interventions.
• Experience producing structured, leadership-ready reporting, including dashboards, indicator or views reflecting KPI, KRI or equivalent, or other reporting that supports decisions and program improvement.
• Strong written and verbal communication skills, demonstrating the capacity to develop clear messaging and explain complex topics in a practical and credible way.
• Strong collaborator management and influencing skills, demonstrating skill in building trust, managing expectations, and driving alignment.
• Strong program and project execution capability, including planning, coordination, progress tracking, and management of risks and dependencies.
• Relevant security exposure in cybersecurity, information risk, security awareness, human risk, insider risk, or a related domain, with sufficient fluency to work credibly with security subject matter authorities.
• Fluency in AI tools and digital platforms relevant to the PMI context, with the ability to use them responsibly to support analysis, reporting, content development, and workflow efficiency.

What we offer

Our success depends on our dedicated employees who come to work here every single day with a sense of purpose and an appetite for progress. Join PMI and you too can:

• Seize the freedom to define your future and ours. We’ll empower you to do things differently, experiment and explore.
• Be part of an inclusive, diverse culture, where everyone’s contribution is respected; collaborate with some of the world’s best people and feel like you belong.
• Pursue your ambitions and develop your skills with a global business – our staggering size and scale provides endless opportunities to progress.
• Take pride in delivering our promise to society: to deliver a smoke-free future.

Please note that only shortlisted candidates will be contacted.

Philip Morris International is an equal opportunity employer. We are committed to creating a diverse and inclusive work environment and encourage applications from all qualified individuals. Should you require any reasonable accommodations or adjustments to support your application, please let us know.