Summary:
The Cybersecurity GRC Coordinator will lead and enhance our cybersecurity risk management and compliance initiatives. This role is instrumental in ensuring the organization's security posture aligns with industry regulations such as HIPAA, HITECH, and PCI DSS, and follows recognized frameworks like NIST and CIS. The ideal candidate will have deep experience in risk management and assessments, policy development, third-party risk management (TPRM), regulatory compliance, and security awareness programs.
Job Duties & Responsibilities:
- Lead enterprise-wide cybersecurity risk assessments and manage the risk lifecycle, including identification, analysis, mitigation, and reporting.
- Ensure organizational compliance with HIPAA, HITECH, PCI DSS, and state/federal cybersecurity regulations.
- Maintain and monitor risk registers and control inventories, ensuring alignment with NIST CSF, NIST 800-53/171, and CIS Controls.
- Track and support remediation of risk and compliance gaps, ensuring timely resolution and reporting to stakeholders.
- Develop and execute the third-party/vendor security risk management process, including assessments, due diligence, and risk mitigation strategies.
- Collaborate with procurement, legal, and business teams to evaluate third-party contracts and data handling practices.
- Maintain documentation for vendor security reviews and provide recommendations for risk acceptance or remediation.
- Develop, maintain, and enforce cybersecurity policies, standards, and procedures aligned with regulatory requirements and best practices.
- Ensure policy lifecycle management is followed, including regular reviews and updates based on evolving risks and regulations.
- Serve as a subject matter expert on cybersecurity GRC topics across internal projects and initiatives.
- Lead the design, development, and delivery of the organization's cybersecurity education and awareness programs.
- Conduct phishing simulations, targeted training campaigns, and role-based security education.
- Evaluate training effectiveness and adjust program strategies to reduce human risk.
- Support internal and external audits, assessments, and regulatory reviews, including documentation gathering, evidence submission, and audit response.
- Provide regular metrics, dashboards, and reports on compliance posture, risks, and program effectiveness to leadership and stakeholders.
- Assist in leading incident response activities, including forensic collection of images and artifacts, analysis of the resulting data, and development of remediation and mitigation recommendations.
Additional Job Description:
Physical/Mental Demands:
Position requires walking, sitting, and standing. Lifting is moderate; must be capable of lifting a minimum of forty (40) pounds. Reaching, handling, grasping, and manual dexterity are necessary to operate various equipment. Verbal and hearing ability are required to interact with staff, consultants, patients, and family members of patients. Numerical ability is required to maintain records and operate a computer. Tact is required to interact effectively with employees and professional staff. Logical thinking and discretion are required to make decisions in initiating and implementing policies, procedures, and standards. Must be able to read and communicate through written, verbal, and auditory skills and abilities. Must be physically/mentally able to perform job duties as verified by a physical exam by a licensed physician, per post-employment physical.
Qualifications Requirements:
7+ years of professional experience in cybersecurity, risk management, and/or GRC, with at least 3+ years in a senior or lead capacity. Strong knowledge of healthcare security and privacy regulations including HIPAA, HITECH, and PCI DSS. Proficiency in applying security frameworks such as NIST CSF, NIST 800-53/171, and CIS Controls. Hands-on experience conducting enterprise risk assessments, managing third-party risk, and developing GRC processes. Excellent understanding of policy governance, audit readiness, and regulatory reporting. Strong written and verbal communication skills; able to translate technical risks into business language for leadership.
Education/Training Requirements:
Bachelor's degree in computer science, computer information systems, or computer engineering, or equivalent professional experience. Industry certifications strongly preferred, such as: CISSP, CISA, CRISC, HCISPP, CISM, or Certified in Healthcare Privacy and Security (CHPS).
With a career at Rogers, you can look forward to a Total Rewards package of benefits, including:
- Health, dental, and vision insurance coverage for you and your family
- 401(k) retirement plan
- Employee share program
- Life/disability insurance
- Flex spending accounts
- Tuition reimbursement
- Health and wellness program
- Employee assistance program (EAP)
Through UnitedHealthcare, UMR and HealthSCOPE Benefits create and publish the Machine-Readable Files on behalf of Rogers Behavioral Health. To link to the Machine-Readable Files, please visit Transparency in Coverage (uhc.com).