BJC HealthCare is seeking a Security Program Awareness Administrator.
Role will focus on communication within the Information Security Organization and be responsible for writing communications, creating training material and coming up with unique ways to educate the BJC Workforce.
Ideal candidates should possess strong communication skills and be able to establish and maintain relationships across the organization.
Hybrid position, should reside in the Greater St. Louis area.
Overview
BJC HealthCare is one of the largest nonprofit health care organizations in the United States, delivering services to residents primarily in the greater St. Louis, southern Illinois and southeast Missouri regions. With net revenues of $6.3 billion and more than 30,000 employees, BJC serves patients and their families in urban, suburban and rural communities through its 14 hospitals and multiple community health locations. Services include inpatient and outpatient care, primary care, community health and wellness, workplace health, home health, community mental health, rehabilitation, long-term care and hospice.
BJC is the largest provider of charity care, unreimbursed care and community benefits in the state of Missouri. BJC and its hospitals and health service organizations provide $785.9 million annually in community benefit. That includes $410.6 million in charity care and other financial assistance to patients to ensure medical care regardless of their ability to pay. In addition, BJC provides additional community benefits through commitments to research, emergency preparedness, regional health care safety net services, health literacy, community outreach and community health programs and regional economic development.
BJC’s patients have access to the latest advances in medical science and technology through a formal affiliation between Barnes-Jewish Hospital and St. Louis Children’s Hospital with the renowned Washington University School of Medicine, which consistently ranks among the top medical schools in the country.
IS Security Services serves as an independent, objective catalyst for implementing effective and efficient controls to protect BJC HealthCare (BJC) information resources through collaboration with customers. We provide value to our customers and the organization by: Ensuring compliance with internal policies and external regulations; evaluating information system and application controls; educating BJC employees and other strategic partners on information systems security practices and concepts; acting as a resource on security controls for new and existing information systems and applications; recovering mission critical applications and data vital to the organization and strategic partners; investigating practices not in compliance with established BJC Information Services security policies and standards.
Preferred Qualifications
Role Purpose
Develops security awareness communications and training programs in the healthcare setting.� Understands and ensures compliance with various information security regulations, including HIPAA, HITECH, PCI DSS, Meaningful Use, among others. Works in various governance frameworks, including the NIST Cybersecurity Framework, SANS/CIS Top 20 Critical Security Controls, NIST 800-53, ISO 27001, COBIT, ITIL, etc. Works independently with minimal supervision; interacts and communicates effectively with a diverse array of workforce members, including executive management, business process owners, vendors, and end users.
Responsibilities
Responsible for all IT Security Communications: Develops and implements an IT Security Awareness Communication plan that includes, at a minimum, formal enterprise-wide articles, targeted e-mail campaigns and internal social media posts. Provides ongoing written communication of upcoming IT Security initiatives and programs as well as articles about security current events that impact the BJC workforce. Manages the IT Security Website ?internal to IT Security, internal to BJC and public facing for BJC patients and patient families.
BJC Security Awareness Training, including: Develop and implement an enterprise-wide training program that includes, but is not limited to: New Hire Orientation, Semi-Annual Security Awareness Events, Ad-Hoc Events, Phishing Campaigns, Security Awareness Videos (e.g., YouTube), and Other.
Collaborate with Corporate Compliance to provide IT Security input as part of in person (e.g., Fall Forum) and online (Annual Compliance) annual, required compliance training.
Promote an understanding of BJC IT Security policies and procedures as well as minimum security requirements, security best practices, applicable regulatory standards and risks to BJC in the IT department as well as across the enterprise.
Demonstrate a solid understanding of various cybersecurity measures, such as: Security risk management and governance; complex business and information technology management processes and controls in the practical context of day to day business settings; emerging technology and security governance implications; best practices related to: business solution security (e.g., on-premise, SaaS, mobile, wireless, etc.); Common data protection strategies (e.g., encryption, segmentation, layering, etc.); vulnerability assessment and penetration testing; patch management; security monitoring; and incident management.
Minimum Requirements
Education
Associate's Degree
Experience
5-10 years
Supervisor Experience
No Experience
Preferred Requirements
Education
Bachelor's Degree
Experience
10+ years
Licenses & Certifications
CIA
Cert Information Privacy Prof
CISA
Cert. Info Security Officer
CISSP
Certified in Risk & IS Control
Benefits and Legal Statement
BJC Total Rewards
At BJC we’re committed to providing you and your family with benefits and resources to help you manage your physical, emotional, social and financial well-being.
Comprehensive medical, dental, vison, life insurance, and legal services available first day of the month after hire date
Disability insurance* paid for by BJC
Pension Plan*/403(b) Plan funded by BJC
401(k) plan with BJC match
Tuition Assistance available on first day
BJC Institute for Learning and Development
Health Care and Dependent Care Flexible Spending Accounts
Paid Time Off benefit combines vacation, sick days, holidays and personal time
The above information on this description has been designed to indicate the general nature and level of work performed by employees in this position. It is not designed to contain or be interpreted as an exhaustive list of all responsibilities, duties and qualifications required of employees assigned to this job. Equal Opportunity Employer
BJC HealthCare is one of the largest nonprofit health care organizations in the United States, delivering services to residents primarily in the greater St. Louis, southern Illinois and southeast Missouri regions. With net revenues of $5.5 billion and more than 30,000 employees, BJC serves patients and their families in urban, suburban and rural communities through its 15 hospitals and multiple community health locations. Services include inpatient and outpatient care, primary care, community health and wellness, workplace health, home health, community mental health, rehabilitation, long-term care and hospice.
BJC is the largest provider of charity care, unreimbursed care and community benefits in the state of Missouri. BJC and its hospitals and health service organizations provide $785.9 million annually in community benefit. That includes $410.6 million in charity care and other financial assistance to patients to ensure medical care regardless of their ability to pay. In addition, BJC provides additional community benefits through commitments to research, emergency preparedness, regional health care safety net services, health literacy, community outreach and community healt...h programs and regional economic development.
BJC’s patients have access to the latest advances in medical science and technology through a formal affiliation between Barnes-Jewish Hospital and St. Louis Children’s Hospital with the renowned Washington University School of Medicine, which consistently ranks among the top medical schools in the country.