Additional Information About the Role BJC is hiring for a Security Risk II Analyst. Ideal candidate will have experience in Security Risk Assessments and 3rd Party Risk Assessments. Experience with Logic 8 Platform is preferred. This is a remote position, but we are looking for candidates in the St. Louis Metro area. Overview BJC HealthCare is one of the largest nonprofit health care organizations in the United States, delivering services to residents primarily in the greater St. Louis, southern Illinois and southeast Missouri regions. With net revenues of $6.3 billion and more than 30,000 employees, BJC serves patients and their families in urban, suburban and rural communities through its 14 hospitals and multiple community health locations. Services include inpatient and outpatient care, primary care, community health and wellness, workplace health, home health, community mental health, rehabilitation, long-term care and hospice. BJC is the largest provider of charity care, unreimbursed care and community benefits in the state of Missouri. BJC and its hospitals and health service organizations provide $785.9 million annually in community benefit. That includes $410.6 million in charity care and other financial assistance to patients to ensure medical care regardless of their ability to pay. In addition, BJC provides additional community benefits through commitments to research, emergency preparedness, regional health care safety net services, health literacy, community outreach and community health programs and regional economic development. BJC’s patients have access to the latest advances in medical science and technology through a formal affiliation between Barnes-Jewish Hospital and St. Louis Children’s Hospital with the renowned Washington University School of Medicine, which consistently ranks among the top medical schools in the country. IS Security Services serves as an independent, objective catalyst for implementing effective and efficient controls to protect BJC HealthCare (BJC) information resources through collaboration with customers. We provide value to our customers and the organization by: Ensuring compliance with internal policies and external regulations; evaluating information system and application controls; educating BJC employees and other strategic partners on information systems security practices and concepts; acting as a resource on security controls for new and existing information systems and applications; recovering mission critical applications and data vital to the organization and strategic partners; investigating practices not in compliance with established BJC Information Services security policies and standards. Preferred Qualifications Role Purpose Technology role responsible for the management of risk in a pragmatic and cost-effective manner to ensure stakeholder confidence formal system certification and accreditation technical assessment and evaluation to determine control effectiveness across a large and complex corporate portfolio. Responsibilities - Able to research, analyze, interpret, evaluate, and integrate complex data from a wide variety of sources and provide creative solutions that align with strategic clinical and business workflows. While ensuring compliance of system and application security within scope of responsibility, in accordance with defined service levels, security practices/guidelines, and relevant technology standards. - Perform reviews of business solution self-assessments and assign risk rating. This includes performing a limited control review, completing documentation and presenting assessment in a formal review meeting. - Perform timely vendor vetting assessments on potential business solutions based on business partner requests, highlighting security posture and control gaps and need mitigating activities. This includes but is not limited to conducting meetings with business process owners and vendors, investigating vendor security posture and performance, reviewing baseline controls and gaps, documenting results, and reporting findings in a formal report. - Skillfully interact with business process owners, Technology and security personnel as well as vendors, management and other interested parties is required. This includes but is not limited to conducting meetings with business process owners and vendors, investigating vendor security posture and performance, reviewing baseline controls and gaps and documenting results while effectively report findings in a formal Security Risk Assessment report. Identify and complete Risk Acceptance forms where an exception to a policy or requirement is significant and needs to be reported to Management for approval. - Responsible for adding and maintaining status updates for high and critical findings for high and critical business solutions on the Risk Register. Minimum Requirements Education - Bachelor's Degree Experience - 2-5 years Supervisor Experience - No Experience Preferred Requirements Licenses & Certifications - CIA - CISA - Cert Info Systems Manager - CPA - Certified in Risk & IS Control Benefits and Legal Statement BJC Total Rewards At BJC we’re committed to providing you and your family with benefits and resources to help you manage your physical, emotional, social and financial well-being. - Comprehensive medical, dental, vison, life insurance, and legal services available first day of the month after hire date - Disability insurance* paid for by BJC - Annual 4% BJC Automatic Retirement Contribution - 401(k) plan with BJC match - Tuition Assistance available on first day - BJC Institute for Learning and Development - Health Care and Dependent Care Flexible Spending Accounts - Paid Time Off benefit combines vacation, sick days, holidays and personal time - Adoption assistance To learn more, go to our Benefits Summary. *Not all benefits apply to all jobs The above information on this description has been designed to indicate the general nature and level of work performed by employees in this position. It is not designed to contain or be interpreted as an exhaustive list of all responsibilities, duties and qualifications required of employees assigned to this job. Equal Opportunity Employer

Discover. Achieve. Succeed. #BeHere Location: US:WI:MENOMONEE FALLS at our WOODLAND PRIME 400 facility. This job is REMOTE. FTE: 1.000000 Standard Hours: 40.00 Shift: 1st shift flexible 7 am to 5pm Shift Details: Holidays: Weekends: Job Summary: Froedtert ThedaCare Health, Inc., a leading healthcare system located in Eastern Wisconsin, is seeking a Cybersecurity GRC Analyst, Training & Awareness professional to join the Cybersecurity Governance, Risk Management, and Compliance (GRC) team. This role is critical in promoting a robust security culture across the organization by designing, managing, and improving cybersecurity training and awareness programs. The successful candidate will focus on cybersecurity awareness, phishing program operations, cybersecurity training, and GRC concepts while fostering cultural engagement and workforce behavioral change through creative and innovative initiatives. You will partner with cross-functional teams to address cybersecurity risks in clinical and non-clinical environments, ensure regulatory compliance, and contribute to the harmonization of cybersecurity programs across the Froedtert ThedaCare ecosystem. Position Responsibilities: Training and Awareness Program Management: • Develop, implement, enhance, and manage a comprehensive Cybersecurity Training and Awareness framework tailored to healthcare's unique risks and regulatory landscape (e.g., HIPAA, PCI DSS, and Joint Commission requirements). • Design role-based training for diverse audiences, including clinicians, administrative staff, IT teams, and executives. • Continuously refine training materials to incorporate emerging threats, organizational changes, and stakeholder feedback. Phishing Program Operations: • Build, enhance, and execute a dynamic, reality-based phishing simulation program, addressing sector-specific threats such as ransomware and patient data phishing schemes. • Analyze simulation metrics and provide actionable insights to improve employee awareness and reduce risks. • Develop and maintain educational material to support cybersecurity initiatives and training activities. • Deliver targeted follow-up training for individuals or teams with repeated simulation failures. Creative Engagement and Communications: • Develop multimedia content, including videos, infographics, and gamified training, to drive engagement and retention. • Design and execute large-scale security awareness campaigns, ensuring alignment with cultural transformation goals. • Partner with leadership to create impactful security messaging and content tailored to high-risk roles. Regulatory and Compliance Integration: • Ensure training programs align with healthcare-specific regulations and standards, including HIPAA, PCI DSS, and Joint Commission requirements. • Collaborate with Compliance and Legal teams to embed security awareness into broader compliance initiatives. • Provide support for audits and regulatory reviews by showcasing training program effectiveness. Metrics, Reporting, and Continuous Improvement: • Develop and maintain KPIs and dashboards to measure the success of training programs and awareness initiatives. • Conduct quarterly and annual program reviews to identify opportunities for innovation and enhancement. • Prepare reports and presentations for leadership to highlight program impact and align with organizational goals. Collaboration and Change Management: • Partner with IT, Risk Management, and Clinical Operations teams to ensure training initiatives integrate seamlessly across the organization. • Lead security awareness efforts during organizational transitions, such as the Froedtert-ThedaCare merger, ensuring program consistency and harmonization. • Act as a trusted advisor to business units, translating complex cybersecurity topics into actionable guidance. Risk and Compliance Integration: • Assist with routine GRC activities, such as monitoring risk registers, supporting audit preparation, and reviewing policy exception requests. • Collaborate with the Risk Management team to align training efforts with identified risk scenarios, ensuring targeted mitigation strategies. Policy and Procedure Maintenance: • Support the documentation and dissemination of cybersecurity policies, standards, and procedures. • Assist in the lifecycle management of GRC documentation, ensuring alignment with training content and awareness initiatives. EXPERIENCE DESCRIPTION: 1 - 3 years of experience in a related field. 3 or more years of experience in a related field is preferred. At least three years of experience in Cybersecurity training, GRC, or a related role within healthcare or similarly regulated industries preferred Proven track record managing phishing simulation programs and security training platforms (e.g., KnowBe4, LMS). Experience creating and executing large-scale awareness campaigns using multimedia tools EDUCATION DESCRIPTION: BA in Computer Science or related field is required or equivalent acquired through combination of education and experience. Bachelor’s degree in Information Security, Computer Science, Communications, or a related field is preferred. Relevant certifications (e.g., CISSP, CISM, CISA, or GIAC) are a plus. SPECIAL SKILLS DESCRIPTION: Technical Expertise: • In-depth knowledge of healthcare regulations and cybersecurity frameworks, including HIPAA, HITECH, NIST CSF, and HITRUST. • Proficiency with phishing simulation platforms (e.g., KnowBe4) and LMS tools. • Familiarity with behavioral analytics and metrics for tracking training effectiveness. Creative and Communication Skills • Exceptional written and verbal communication skills, with the ability to craft messaging for technical and non-technical audiences. • Experience creating multimedia content (e.g., video editing, graphic design) for awareness campaigns. • Public speaking skills and confidence in presenting to diverse audiences. Analytical and Strategic Thinking • Strong problem-solving and critical-thinking skills for addressing complex training needs. • Experience developing data-driven strategies to improve training program impact and employee behavior. Collaboration and Leadership: • Demonstrated ability to collaborate across diverse teams and levels of leadership. • Self-starter with the ability to work independently and drive initiatives in a matrixed organization. • Proven ability to manage multiple projects with competing priorities. Preferred Qualifications • Experience in large healthcare systems or regulated industries. • Familiarity with change management and integration strategies during mergers or acquisitions. • Experience with gamified training methods or VR/AR-based security awareness tools Compensation, Benefits & Perks at Froedtert Health Pay is expected to be between: (expressed as hourly) $37.95 - $64.92. Final compensation is based on experience and will be discussed with you by the recruiter during the interview process. Froedtert Health Offers a variety of perks & benefits to staff, depending on your role you may be eligible for the following: - Paid time off - Growth opportunity- Career Pathways & Career Tuition Assistance, CEU opportunities - Academic Partnership with the Medical College of Wisconsin - Referral bonuses - Retirement plan - 403b - Medical, Dental, Vision, Life Insurance, Short & Long Term Disability, Free Workplace Clinics - Employee Assistance Programs, Adoption Assistance, Healthy Contributions, Care@Work, Moving Assistance, Discounts on gym memberships, travel and other work life benefits available The Froedtert & the Medical College of Wisconsin regional health network is a partnership between Froedtert Health and the Medical College of Wisconsin supporting a shared mission of patient care, innovation, medical research and education. Our health network operates eastern Wisconsin's only academic medical center and adult Level I Trauma center engaged in thousands of clinical trials and studies. The Froedtert & MCW health network, which includes ten hospitals, nearly 2,000 physicians and more than 45 health centers and clinics draw patients from throughout the Midwest and the nation. We are proud to be an Equal Opportunity Employer who values and maintains an environment that attracts, recruits, engages and retains a diverse workforce. We welcome protected veterans to share their priority consideration status with us at 262-439-1961. We maintain a drug-free workplace and perform pre-employment substance abuse testing. During your application and interview process, if you have a need that requires an accommodation, please contact us at 262-439-1961. We will attempt to fulfill all reasonable accommodation requests.

• Monitor and analyze traffic and events/alerts escalated by L2 and advise on remediation actions. • Review and assess impact and remediation actions for incidents. • Creation and continuous improvement of monitoring alerts. • Deep analysis of security incidents to identify the root cause. • Create new rules in SIEM to identify threats. • Monitor and analyze traffic and events/alerts and advise on remediation actions. • Review and assess impact and remediation actions for incidents. • Investigate intrusion attempts and perform analysis of exploits by correlating various sources and determining which system or data set is affected. • Follow standard operating procedures for detecting, classifying, and reporting incidents. • Analyze a variety of network and host-based security appliance logs (EDR, Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident. • Independently follow procedures to identify, contain, analyze, document and eradicate malicious activity. • Escalate information regarding intrusion events, security incidents, and other threat indicators and warning information to the client.

Cybersecurity Analyst Application Deadline: 31 May 2026 Department: Technology Employment Type: Fixed Term Contract Location: Head Office Compensation: $115,000 - $138,000 / year Description Role Summary We are seeking a Contract Security Analyst with hands-on experience across Netskope SSE, Microsoft Purview (full DLP), Microsoft Defender, and Arctic Wolf MDR. This role blends security operations, incident response, and data loss prevention engineering, supporting both daytoday alert handling and continuous improvement of detection and data protection controls. The analyst will act as a key technical partner to internal IT teams and the Arctic Wolf SOC, helping reduce risk, improve signal quality, and ensure strong visibility and control over cloud usage and sensitive data. Key Responsibilities 1. Security Monitoring, Investigation & Incident Response - Monitor, triage, and investigate security alerts originating from: - Arctic Wolf MDR - Microsoft Defender (Endpoint, Identity, Office 365, Cloud Apps) - Netskope SSE (SWG, CASB, ZTNA, Threat Protection, DLP) - Perform incident response activities including: - Alert validation, scoping, and root-cause analysis - Endpoint, identity, cloud, and SaaS activity investigation - Containment actions (account suspension, device isolation, session revocation, policy enforcement) - Work closely with Arctic Wolf on: - Case escalations and response coordination - Validation of detections and recommended actions - Produce clear incident documentation, including: - Timelines, affected assets, impact assessment, and remediation steps 2. Detection Engineering & Alert Tuning (NonSIEM) - Tune and optimize detections and policies directly within: - Microsoft Defender portals (no Sentinel) - Netskope security and DLP policies - Arctic Wolf escalation criteria and response workflows - Reduce alert fatigue by: - Eliminating false positives - Aligning severity with business impact - Improving investigation context and signal fidelity - Contribute to detection coverage for: - Identity compromise and OAuth abuse - Malware, ransomware, and lateral movement - Risky SaaS usage and anomalous cloud behavior - Data exfiltration and policy violations 3. Data Loss Prevention & Information Protection - Administer and enhance Microsoft Purview Information Protection and DLP, including: - Sensitivity labels and label policies - DLP policies across Exchange, SharePoint, OneDrive, and Teams - Alert triage and incident follow-up for DLP eventsup for DLP events - Design, implement, and tune Netskope DLP: - Inline and at rest controls across web and cloud appsrest controls across web and cloud apps - Classification, fingerprinting, and structured/unstructured data detection - Partner with business and privacy stakeholders to: - Translate data protection requirements into enforceable controls - Implement exception handling and user education workflows - Balance risk reduction with business usability - Track and report on DLP effectiveness and trends 4. Netskope SSE Platform Operations - Support the full Netskope SSE stack, including: - Secure Web Gateway (SWG) - CASB (managed and unmanaged apps) - ZTNA - Threat Protection - DLP - Monitor policy health, coverage, and enforcement effectiveness - Identify and remediate gaps in visibility, control, or logging - Support investigations involving risky apps, shadow IT, and cloud misuse 5. Platform Hygiene, Documentation & Reporting - Validate security tool coverage and operational health: - Endpoint onboarding and Defender health - Identity and SaaS integrations - Logging completeness and alert flow - Develop and maintain: - Incident response playbooks - DLP and investigation runbooks - Operational procedures and escalation paths - Produce actionable reporting for leadership: - Incident trends, alert quality, DLP metrics, and risk themes - Support knowledge transfer and operational maturity improvements Required Skills and Experience - 3–5+ years in a Security Analyst, SOC, or Incident Response role - Hands-on experience with: - Microsoft Defender (Endpoint, Identity, Office 365, Cloud Apps) - Microsoft Purview (Information Protection and full DLP) - Netskope (SWG, CASB, ZTNA, DLP, Threat Protection) - Arctic Wolf MDR (case handling, escalations, collaboration) - Strong understanding of: - Cloud and SaaS security threats - Identity-based attacks and phishing - Data protection and regulatory considerations - Incident response lifecycle and MITRE ATT&CK concepts - Ability to clearly document findings and communicate with both technical and nontechnical stakeholders Nice-to-Have Qualifications - Experience with: - Defender XDR Advanced Hunting - Security policy design for large M365 environments - SaaS governance and cloud risk management - Certifications (preferred but not required): - SC200, SC400, AZ500, Security+, or equivalent What Success Looks Like Within the first 60 days, the contractor is expected to: - Reduce alert noise through documented tuning improvements - Improve clarity and consistency of incident response processes - Deliver measurable improvements in DLP signal quality - Ensure full coverage and operational health across Defender, Netskope, and Purview - Leave behind clear documentation and operational artifacts Don’t meet every single requirement? That’s okay. We encourage you to apply anyway. We believe in investing in potential and supporting our team members as they grow into their roles. If this opportunity excites you, but your experience doesn’t align perfectly, we still want to hear from you. Benefits As an employee at Embark you will benefit from so many great employee perks… 🌍 Flexible Ways of Working: Design your workday around what matters most. With flexible hours, you can balance work with all the other important things in life. And, with our Remote Work Arrangement, you can work from anywhere in the world for part of the year—whether that’s a beach in Bali or your cozy cabin in Muskoka. 💪 Health & Wellbeing Support: Your wellbeing is our priority. Enjoy fitness reimbursements, paramedical coverage, and a generous health spending account. Recharge with Embark Wellness Days and wellness-focused afternoons, and access extended mental health support whenever you need it. 🚀 Career Development That Moves You Forward: Fuel your growth with funding for courses, certifications, and conferences. Explore new horizons through job rotations and secondments, and benefit from ongoing coaching and personalized development planning that keeps your career moving. At Embark, people stick around for the long-haul. 🎓 RESP Matching — Because Futures Matter: We don’t just talk about education—we invest in it. On top of RRSP matching, you’ll receive RESP matching to help your loved ones pursue their post-secondary dreams. 🎉 Fun Is Part of the Job: We take fun seriously. From themed parties and surprise treat days to team socials that actually make you want to show up, we create moments that spark joy, build connection, and make work feel like more than just work. Recent Awards