JOB REQUIREMENTS: Discover. Achieve. Succeed. #BeHere

Location: US:WI:MENOMONEE FALLS at our WOODLAND PRIME 400 facility. This job is
REMOTE.
FTE: 1.000000
Standard Hours: 40.00
Shift: 1st shift flexible 7 am to 5 pm
Shift Details:
Holidays:
Weekends:

Job Summary:
Froedtert ThedaCare Health, Inc., a leading healthcare system located in Eastern
Wisconsin, is seeking a Cybersecurity GRC Analyst, Training & Awareness
professional to join the Cybersecurity Governance, Risk Management, and
Compliance (GRC) team. This role is critical in promoting a robust
security culture across the organization by designing, managing, and
improving cybersecurity training and awareness programs. The successful
candidate will focus on cybersecurity awareness, phishing program
operations, cybersecurity training, and GRC concepts while fostering
cultural engagement and workforce behavioral change through creative and
innovative initiatives. You will partner with cross-functional teams to
address cybersecurity risks in clinical and non-clinical environments,
ensure regulatory compliance, and contribute to the harmonization of
cybersecurity programs across the Froedtert ThedaCare ecosystem.

Position Responsibilities:

Training and Awareness Program Management:
Develop, implement, enhance, and manage a comprehensive Cybersecurity
Training and Awareness framework tailored to healthcare's unique risks
and regulatory landscape (e.g., HIPAA, PCI DSS, and Joint Commission
requirements). Design role-based training for diverse audiences,
including clinicians, administrative staff, IT teams, and executives.
Continuously refine training materials to incorporate emerging threats,
organizational changes, and stakeholder feedback.

Phishing Program Operations:
Build, enhance, and execute a dynamic, reality-based
phishing simulation program, addressing sector-specific threats such as
ransomware and patient data phishing schemes. Analyze simulation metrics
and provide actionable insights to improve employee awareness and reduce
risks. Develop and maintain educational material to support
cybersecurity initiatives and training activities. Deliver targeted
follow-up training for individuals or teams with repeated simulation
failures.

Creative Engagement and Communications:
Develop multimedia
content, including videos, infographics, and gamified training, to drive
engagement and retention. Design and execute large-scale security
awareness campaigns, ensuring alignment with cultural transformation
goals. Partner with leadership to create impactful security messaging
and content tailored to high-risk roles.

Regulatory and Compliance Integration:
Ensure training programs align with healthcare-specific
regulations and standards, including HIPAA, PCI DSS, and Joint
Commission requirements. Collaborate with Compliance and Legal teams to
embed security awareness into broader compliance initiatives. Provide
support for audits and regulatory reviews by showcasing training program
effectiveness.

Metrics, Reporting, and Continuous Improvement:
Develop
and maintain KPIs and dashboards to measure the success of training
programs and awareness initiatives. Conduct quarterly and annual program
reviews to identify opportunities for innovation and enhancement.
Prepare reports and presentations for leadership to highlight program
impact and align with organizational goals.

Collaboration and Change Management:
Partner with IT, Risk Management, and Clinical Operations
teams to ensure training initiatives integrate seamlessly across the
organization. Lead security awareness efforts during organizational
transitions, such as the Froedtert-ThedaCare merger, ensuring program
consistency and harmonization. Act as a trusted advisor to business

APPLICATION INSTRUCTIONS: Apply Online:
https://www.aplitrak.com/adid=YmJnZW5lcmljLjQyMTcxLjg3NzBAZnJvZWR0ZXJ0Y29tcC5hcGxpdHJhay5jb20