Skip to main content

Program Manager Cybersecurity

Requisition R065877 Market Richmond, VA Department Shift Days Schedule Full-time

Thank you for considering a career at Bon Secours Mercy Health!


The role of the  Program Manager Cybersecurity    is responsible for supporting the enterprise wide cybersecurity user awareness and education  training program which includes but is not limited to monthly user awareness messages, sharable content reference model (SCORM)  integration and  training development with Workday. In addition,  maintain the mandatory  annual user acceptance training program, support  quarterly phishing security exercises  to support a culture of compliance.  The position will also support project management  for cybersecurity penetration test and vulnerability management  scanning analysis mitigation. This position requires the candidate to be able to work independently and with minimum supervision and have excellent written and verbal communication skills.  

This position is virtual remote/work from home with eastern standard time requirement.   This position reports to the Systems Director Security.

Essential Functions/Core Responsibilities

  • Administer and support  quarterly phishing simulations with Colene technology.
  • Support annual user awareness training education module updates
  • Support SANS  Sharable Content Reference Model (SCORM) integration with Workday and identify training modules that support role-based security awareness education.
  • Collaborate with information technology, privacy and other departments to support user awareness education maturity
  • Support  monthly user awareness communication messages
  • Develop metrics and monthly trend security analysis  threat reports
  • Maintain current knowledge of cybersecurity technology and security industry certifications
  • Maintain current knowledge of HIPAA, NIST,  PCI-DSS, GDPR, FERPA,  HITRUST requirements
  • Assist with regulatory program initiatives and compliance tasks
  • Design and implement enterprise wide cybersecurity user awareness program that meets Payment Card Industry Data Security Standard (PCI-DSS) and Health Information Trust Alliance (HITRUST), Health Insurance Portability and Accountability Act (HIPAA) requirements.
  • Ensure that the security awareness program communicates security policies and requirements so that people know, understand and can follow them.  Complete quarterly cybersecurity phishing exercises maintain annual user acceptance training program, and weekly user awareness messages.
  • Identify the top human risks to our organization and the behaviors we need to change to mitigate those risks. Develop and maintain a security awareness program that effectively changes these behaviors, so our employees act in a secure manner, reducing the most risk to our organization.
  • Create a positive program that engages employees, to include focusing on changing behaviors both at home and at work. Ensure that our security awareness program communicates our security policies and requirements so that people know, understand and can follow them. .  Ultimately, we want our associates  to demonstrate the same secure behaviors regardless of where they are or the devices they are using.
  • Structure and maintain cybersecurity user awareness program to be long term, so ultimately, we are not changing just behaviors but culture.
  • Implement a cybersecurity ambassador program
  • Coordinate and schedule cybersecurity guest speakers
  • Create a metrics framework that can effectively measure requirements.  Excellent communication and presentation abilities.
  • Support  project management for penetration test and vulnerability management mitigation
  • Performing additional security related tasks as assigned.

Qualifications Include:

  • Bachelor’s degree in  Computer Science, Information Technology, Information System, Cybersecurity, Business Management, Health Care Administration, Healthcare Business,  preferred
  • 5+ years professional work experience in  cybersecurity or information technology
  • Certifications such as CISSP, Certified HIPAA Professional  (CHP), GIAC  SSAP, GSNA, GSLC, GSEC,  PMP, HITRUST, CPHIMS, CAHIMS, CISA, CRISC, ITIL, HCISSP, PCIP, Security+,  Certified Security Compliance Professional (CSCS)  preferred
  • Experience with  administration and  supporting phishing simulation exercises
  • Project management experience
  • Experience supporting sharable content  reference model (SCORM) integration with Workday and user awareness education program development and delivery
  • Experience supporting user awareness and education programs
  • Experience supporting Cofense phishing simulation software
  • Experience creating PowerPoint presentations,
  • Experience with metric development with Microsoft Excel
  • Excellent communication skills to effectively annotate findings in both written and oral form
  • Ability to communicate clearly and present security findings with technical staff as well as non-technical colleagues
  • Sensitivity to accuracy, timeliness, and professionalism in all areas of support activity is imperative.
  • Strong analytical and problem-solving skills
  • Ability to work independently with minimum supervision
  • Ability to work with highly confidential information
  • Must have legal authorization to work in the U.S.
  • This position will provide training for candidates who successfully interview and  have  the attitude and  aptitude to be successful in  the Program Manager Cybersecurity role.

Bon Secours Mercy Healthis an equal opportunity employer.

We’ll also reward your hard work with:

  • Comprehensive, affordable medical, dental and vision plans
  • Prescription drug coverage
  • Flexible spending accounts
  • Life insurance w/AD&D
  • An employer-matched 403(b) for those who qualify
  • Paid time off
  • Educational Assistance
  • And much more

Scheduled Weekly Hours:


Work Shift:



SS I&T - Info Security

All applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, sexual orientation, gender identity, age, genetic information, or protected veteran status, and will not be discriminated against on the basis of disability. If you’d like to view a copy of the affirmative action plan or policy statement for Mercy Health – Youngstown, Ohio or Bon Secours – Franklin, Virginia; Petersburg, Virginia; and Emporia, Virginia, which are Affirmative Action and Equal Opportunity Employers, please email If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact The Talent Acquisition Team at

Apply Now
Luis F., RN

I wanted to get into a career where I’m happy to go to work.

Luis F. Registered Nurse
Check Out This Location Loctaion icon View Map
Back to top