Cyber Simulation Content Developer and Trainer

Job Title: Cyber Simulation Content Developer and Trainer

Location: Brooklyn, NY (Hybrid)

Duration: 24months+

Years of Experience: 4+ years

Required Hours/Week: 35 Hours/Week

Hybrid: Work location & Remote (3 days in office/2 days remote)

Job Overview:

• Apply incident response experience to develop realistic, operationally accurate cyber incident scenarios
• Translate real-world incidents, threat intelligence, and lessons learned into structured training simulations
• Align all simulations to the Citywide Cyber Incident Response lifecycle, including detection, triage, investigation, containment, remediation, and post-incident review

Develop and maintain Immersive Labs simulation content, including:

• Scenario narratives and timelines
• Injects and decision points
• Supporting artifacts (e.g., logs, alerts, reports)
• Role-based challenges for technical staff, management, and executives
• Customize simulations for agency-specific environments while maintaining consistency with Citywide standards
• Proctor and oversee Immersive Labs training sessions, including:
• Managing scenario flow and inject timing
• Monitoring participant engagement and progress
• Providing guidance without disrupting learning objectives
• Support annual cyber training delivery across approximately 70 agencies
• Document exercise outcomes, participant challenges, and improvement areas to inform future content
• Participate in structured knowledge transfer and shadowing with the current role holder to ensure continuity during military deployment
• Assume independent responsibility for simulation development and training proctoring
• following the transition period

Mandatory Skills:

• Minimum of 4 years of hands-on cybersecurity incident response experience, including detection, triage, investigation, containment, remediation, and post-incident activities
• Experience responding to common cyber incidents such as ransomware, phishing, credential compromise, data breaches, and third-party/vendor incidents
• Ability to apply real-world incident response experience to the development of realistic training scenarios
• Experience developing, supporting, or delivering cybersecurity training, simulations, or tabletop exercises
• Experience using cyber range or hands-on training platforms (e.g., Immersive Labs or similar)
• Familiarity with incident response frameworks and standards (e.g., NIST, MITRE ATT&CK)
• Experience working with security logs, alerts, and technical artifacts (e.g., SIEM, EDR, network or cloud logs)
• Experience supporting or proctoring live training sessions, simulations, or tabletop exercises
• Strong written and verbal communication skills
• Ability to work independently, manage multiple activities, and assume responsibilities quickly during a time-sensitive transition
• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or equivalent professional experience

Desirable skills/experience:

• Direct experience developing content specifically within Immersive Labs
• Experience designing and delivering cyber tabletop exercises for executive, management, and technical audiences
• Experience supporting large-scale, multi-agency or enterprise training programs
• Prior experience working in government, public sector, or highly regulated environments
• Experience aligning training content to organizational policies, playbooks, and incident response plans
• Familiarity with cloud security incidents (e.g., identity, SaaS, IaaS/PaaS environments)
• Experience incorporating lessons learned, after-action reports, or threat intelligence into training content
• Basic instructional design or adult learning experience
• Experience collecting training metrics and contributing to post-exercise reporting
• Relevant cybersecurity certifications (e.g., Security+, GCIH, GCED, CySA+, CISSP)