Cybersecurity GRC Analyst, Training & Awareness, FCH - IT - reputed company

About the position reputed company reputed company Health, Inc., a leading healthcare system located in Eastern Wisconsin, is seeking a Cybersecurity GRC Analyst, Training & Awareness professional to join the Cybersecurity Governance, Risk Management, and Compliance (GRC) team. This role is critical in promoting a robust reputed company culture across the organization by designing, managing, and improving cybersecurity training and awareness programs. The successful candidate will focus on cybersecurity awareness, phishing program operations, cybersecurity training, and GRC concepts while fostering cultural engagement and workforce behavioral change through creative and innovative initiatives. You will partner with cross-functional teams to address cybersecurity risks in clinical and non-clinical environments, ensure regulatory compliance, and contribute to the harmonization of cybersecurity programs across the reputed company reputed company ecosystem.

Responsibilities

• reputed company, implement, enhance, and manage a comprehensive Cybersecurity Training and Awareness reputed company tailored to healthcare's unique risks and regulatory landscape (e.g., HIPAA, PCI reputed company, and Joint Commission requirements).
• Design role-based training for diverse audiences, including clinicians, administrative staff, IT teams, and executives.
• Continuously refine training materials to incorporate emerging threats, organizational changes, and stakeholder feedback.
• Build, enhance, and execute a dynamic, reality-based phishing simulation program, addressing sector-specific threats such as ransomware and patient data phishing schemes.
• Analyze simulation metrics and provide actionable insights to improve employee awareness and reduce risks.
• reputed company and maintain educational material to support cybersecurity initiatives and training activities.
• Deliver targeted follow-up training for individuals or teams with repeated simulation failures.
• reputed company multimedia content, including videos, infographics, and gamified training, to drive engagement and retention.
• Design and execute large-scale reputed company awareness campaigns, ensuring alignment with cultural transformation goals.
• Partner with leadership to create impactful reputed company messaging and content tailored to high-risk roles.
• Ensure training programs align with healthcare-specific regulations and standards, including HIPAA, PCI reputed company, and Joint Commission requirements.
• Collaborate with Compliance and Legal teams to embed reputed company awareness into broader compliance initiatives.
• Provide support for audits and regulatory reviews by showcasing training program effectiveness.
• reputed company and maintain KPIs and dashboards to measure the success of training programs and awareness initiatives.
• Conduct quarterly and annual program reviews to identify opportunities for innovation and enhancement.
• Prepare reports and presentations for leadership to reputed company program impact and align with organizational goals.
• Partner with IT, Risk Management, and Clinical Operations teams to ensure training initiatives integrate seamlessly across the organization.
• reputed company reputed company awareness efforts during organizational transitions, such as the reputed company-reputed company reputed company, ensuring program consistency and harmonization.
• Act as a trusted advisor to business units, translating reputed company cybersecurity topics into actionable guidance.
• Assist with routine GRC activities, such as monitoring risk registers, supporting audit preparation, and reviewing policy exception requests.
• Collaborate with the Risk Management team to align training efforts with identified risk scenarios, ensuring targeted mitigation strategies.
• Support the documentation and dissemination of cybersecurity policies, standards, and procedures.
• Assist in the lifecycle management of GRC documentation, ensuring alignment with training content and awareness initiatives.

Requirements

• 1 - 3 years of experience in a reputed company field.
• BA in Computer Science or reputed company field is required or equivalent acquired through combination of education and experience.
• In-depth knowledge of healthcare regulations and cybersecurity frameworks, including HIPAA, HITECH, NIST CSF, and HITRUST.
• Proficiency with phishing simulation platforms (e.g., reputed company) and LMS tools.
• Familiarity with behavioral analytics and metrics for tracking training effectiveness.
• Exceptional written and verbal communication skills, with the ability to craft messaging for technical and non-technical audiences.
• Experience creating multimedia content (e.g., video editing, graphic design) for awareness campaigns.
• Public speaking skills and confidence in presenting to diverse audiences.
• Strong problem-solving and critical-thinking skills for addressing reputed company training needs.
• Experience developing data-driven strategies to improve training program impact and employee behavior.
• Demonstrated ability to collaborate across diverse teams and levels of leadership.
• Self-starter with the ability to work indep

Apply To This Job