Program Manager Cybersecurity
Requisition: R065877
Market: Richmond, VA
Department:
Shift: Days
Schedule: Full-time
Thank you for considering a career at Bon Secours Mercy Health!
The Program Manager Cybersecurity is responsible for supporting the enterprise-wide cybersecurity user awareness and education training program, which includes but is not limited to monthly user awareness messages, sharable content reference model (SCORM) integration and training development with Workday. In addition, the role maintains the mandatory annual user acceptance training program and supports quarterly phishing security exercises to support a culture of compliance. The position will also support project management for cybersecurity penetration test and vulnerability management scanning analysis mitigation. This position requires the candidate to be able to work independently and with minimum supervision and have excellent written and verbal communication skills.
This position is virtual (remote/work from home) with an Eastern Standard Time requirement. This position reports to the Systems Director Security.
Essential Functions/Core Responsibilities
- Administer and support quarterly phishing simulations with Cofense technology.
- Support annual user awareness training education module updates
- Support SANS Sharable Content Reference Model (SCORM) integration with Workday and identify training modules that support role-based security awareness education.
- Collaborate with information technology, privacy and other departments to support user awareness education maturity
- Support monthly user awareness communication messages
- Develop metrics and monthly trend security analysis threat reports
- Maintain current knowledge of cybersecurity technology and security industry certifications
- Maintain current knowledge of HIPAA, NIST, PCI-DSS, GDPR, FERPA, HITRUST requirements
- Assist with regulatory program initiatives and compliance tasks
- Design and implement an enterprise-wide cybersecurity user awareness program that meets Payment Card Industry Data Security Standard (PCI-DSS), Health Information Trust Alliance (HITRUST), and Health Insurance Portability and Accountability Act (HIPAA) requirements.
- Ensure that the security awareness program communicates security policies and requirements so that people know, understand and can follow them. Complete quarterly cybersecurity phishing exercises, and maintain the annual user acceptance training program and weekly user awareness messages.
- Identify the top human risks to our organization and the behaviors we need to change to mitigate those risks. Develop and maintain a security awareness program that effectively changes these behaviors, so our employees act in a secure manner, reducing the most risk to our organization.
- Create a positive program that engages employees, to include focusing on changing behaviors both at home and at work. Ensure that our security awareness program communicates our security policies and requirements so that people know, understand and can follow them. Ultimately, we want our associates to demonstrate the same secure behaviors regardless of where they are or the devices they are using.
- Structure and maintain the cybersecurity user awareness program to be long term, so ultimately, we are not changing just behaviors but culture.
- Implement a cybersecurity ambassador program
- Coordinate and schedule cybersecurity guest speakers
- Create a metrics framework that can effectively measure requirements. Excellent communication and presentation abilities.
- Support project management for penetration test and vulnerability management mitigation
- Perform additional security-related tasks as assigned.
- Bachelor’s degree in Computer Science, Information Technology, Information System, Cybersecurity, Business Management, Health Care Administration, Healthcare Business, preferred
- 5+ years professional work experience in cybersecurity or information technology
- Certifications such as CISSP, Certified HIPAA Professional (CHP), GIAC SSAP, GSNA, GSLC, GSEC, PMP, HITRUST, CPHIMS, CAHIMS, CISA, CRISC, ITIL, HCISSP, PCIP, Security+, Certified Security Compliance Professional (CSCS) preferred
- Experience with administration and supporting phishing simulation exercises
- Project management experience
- Experience supporting sharable content reference model (SCORM) integration with Workday and user awareness education program development and delivery
- Experience supporting user awareness and education programs
- Experience supporting Cofense phishing simulation software
- Experience creating PowerPoint presentations
- Experience with metric development with Microsoft Excel
- Excellent communication skills to effectively annotate findings in both written and oral form
- Ability to communicate clearly and present security findings with technical staff as well as non-technical colleagues
- Sensitivity to accuracy, timeliness, and professionalism in all areas of support activity is imperative.
- Strong analytical and problem-solving skills
- Ability to work independently with minimum supervision
- Ability to work with highly confidential information
- Must have legal authorization to work in the U.S.
- This position will provide training for candidates who successfully interview and have the attitude and aptitude to be successful in the Program Manager Cybersecurity role.
Bon Secours Mercy Health is an equal opportunity employer.
We’ll also reward your hard work with:
- Comprehensive, affordable medical, dental and vision plans
- Prescription drug coverage
- Flexible spending accounts
- Life insurance w/AD&D
- An employer-matched 403(b) for those who qualify
- Paid time off
- Educational Assistance
- And much more
Scheduled Weekly Hours: 40
Department: SS I&T - Info Security
All applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, sexual orientation, gender identity, age, genetic information, or protected veteran status, and will not be discriminated against on the basis of disability. If you’d like to view a copy of the affirmative action plan or policy statement for Mercy Health – Youngstown, Ohio or Bon Secours – Franklin, Virginia; Petersburg, Virginia; and Emporia, Virginia, which are Affirmative Action and Equal Opportunity Employers, please email firstname.lastname@example.org. If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact The Talent Acquisition Team at email@example.com.