Security Awareness Analyst Senior

Virginia Jobs$91K — $168K *
Healthcare
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree required; 5-7 years of relevant experience preferred.
  • CISSP or HCISPP certification required or in progress.
  • Experience leading cybersecurity programs, particularly in healthcare.
  • Familiarity with phishing simulation tools and maturity metrics.
  • Knowledge of NIST CSF and HIPAA compliance.

Responsibilities

  • Lead UVA Health's cybersecurity awareness and training program, including planning and execution.
  • Develop and deliver targeted training for staff based on risk trends.
  • Design and conduct phishing simulations; analyze results for risk patterns.
  • Maintain metrics and dashboards to evaluate training effectiveness over time.
  • Collaborate on cybersecurity and compliance assessments, ensuring evidence collection and control validation.
  • Support internal audits and governance activities related to cybersecurity risk management.
  • Develop and maintain IT security policies aligned with regulatory standards.

Benefits

  • Comprehensive Benefits Package: Medical, Dental, and Vision Insurance
  • Paid Time Off, Long-term and Short-term Disability, Retirement Savings
  • Health Saving Plans, and Flexible Spending Accounts
  • Certification and education support
  • Generous Paid Time Off
Full Job Description
Assist Director Information Technology Security to implement information security plan and maintain application accesses for Information Systems supported by UVa Health System Computing Services.

Key Responsibilities

Enterprise Security Awareness & Training Program Leadership

  • With guidance from the GRC Director, lead the UVA Health cybersecurity awareness and training program, including annual planning, execution, and continuous improvement.
  • Develop and deliver role-appropriate training for workforce members, including onboarding, annual refresher training, and targeted campaigns based on risk trends.
  • Design, run, and continuously refine phishing simulation campaigns; analyze results, identify systemic risk patterns, and recommend corrective actions.
  • Maintain program metrics and dashboards to demonstrate effectiveness, maturity, and risk reduction over time.
  • Ensure documentation and evidence of training completion and program effectiveness are maintained to support audits and regulatory reviews.


Phishing & Social Engineering Risk Management

  • Monitor and assess emerging phishing and social engineering techniques affecting healthcare organizations.
  • Develop awareness content addressing real-world attack scenarios (e.g., phishing, spear-phishing, business email compromise, vishing, smishing).
  • Partner with IT Security Operations and Incident Response teams to incorporate lessons learned from security incidents into training and awareness activities.


Compliance Assessments & Governance Support

  • Serve as a senior contributor to cybersecurity and regulatory compliance assessments by coordinating evidence collection, validating control effectiveness, and supporting remediation tracking.
  • Participate in periodic security risk assessments and governance activities aligned with UVA Health's cybersecurity risk management practices.
  • Collaborate with Internal Audit, Compliance, and Privacy stakeholders to support internal and external audits and readiness activities.


Policy Development & Lifecycle Management

  • Lead or co-lead development, review, maintenance, and communication of IT security policies, standards, and procedures.
  • Ensure policies reflect UVA Health governance expectations and are aligned with healthcare regulatory requirements and recognized cybersecurity frameworks.
  • Coordinate policy lifecycle activities, including scheduled reviews, updates, approvals, and workforce communication.


Data Governance & Privacy Controls

  • Apply and support cybersecurity controls related to data governance, data classification, and privacy protection for sensitive health and business information.
  • Work closely with Privacy and Compliance teams to support appropriate handling of PHI and other regulated data across systems and workflows.
  • Assist in identifying risks related to data access, use, and disclosure, and support mitigation strategies consistent with UVA Health standards.


Leadership & Collaboration

  • Act as a subject matter expert and trusted advisor for security awareness, human-centric risk, and governance topics across the health system.
  • Influence without authority by partnering with clinical, operational, academic, and administrative stakeholders.
  • Mentor junior staff or contribute expert guidance within cross-functional initiatives as assigned.


MINIMUM REQUIREMENTS

Education: Bachelor's degree
Experience: 5-7 years relevant experience. Relevant experience may be considered in lieu of a degree.
Licensure: CISSP or HCISPP required or actively working on and can demonstrate a plan to achieve

Preferred Qualifications

  • Experience leading healthcare cybersecurity programs or academic health systems.
  • Experience with phishing simulation platforms and awareness maturity metrics.
  • Familiarity with NIST CSF, HIPAA security principles, and healthcare compliance expectations.
  • Certifications such as CISSP, HCISP, CISM, CISA, Security + is preferred.


PHYSICAL DEMANDS

This is primarily a sedentary job involving extensive use of desktop computers. The job does occasionally require traveling some distance to attend meetings, and programs.

The pay range for this role is $91,312.00 - $168,748.00 annually. Individual compensation will be determined by the selected candidate's qualifications, previous work experience, and/or education.

Benefits
  • Comprehensive Benefits Package: Medical, Dental, and Vision Insurance
  • Paid Time Off, Long-term and Short-term Disability, Retirement Savings
  • Health Saving Plans, and Flexible Spending Accounts
  • Certification and education support
  • Generous Paid Time Off


About Virginia Jobs

Virginia Jobs Careers

There has never been a better time to explore the diverse job opportunities at Virginia Jobs—the leading hub for employment in the region.

Opportunities Await

Virginia Jobs invites professionals to join a dynamic team dedicated to innovation and excellence in various industries. This platform helps some of the most talented individuals propel their careers forward by connecting them with top-tier employment opportunities. Transform your professional life with Virginia Jobs, where leadership, diversity training, and growth are at the core of the company culture. Virginia Jobs stands unique in the marketplace, offering a convergence of networking, skills enhancement, and digital innovation. Engage with a network of business and technology advisors who assist candidates in navigating their career paths effectively. Collaborate with a vast community of experts and leaders, making Virginia Jobs a beacon for those seeking substantial professional development.

Introducing the Virginia Jobs Career Development Initiative

The initiative aims to build a market-leading program to assist individuals in mastering their career journeys through comprehensive support and guidance.

Innovate and Grow

Join the expansive network at Virginia Jobs—home to dedicated professionals at the nexus of technology, industry expertise, and digital innovation.

Drive Your Career Forward

Deliver targeted solutions and gain invaluable experience through a depth and breadth of career opportunities that are second to none.

Be Part of a Pioneering Team

Work with a wide range of technologies and leverage the unparalleled capabilities, extensive scale, and collaborative environment that Virginia Jobs offers.

Future-proof Your Career

Advance your career as far as your ambition can take you with limitless opportunities supported by unmatched training, development, and certification resources.

Explore

Discover how Virginia Jobs leads the way in predictive analytics for employment trends, helping match skills and positions with precision.

The Virginia Jobs Advantage

The combined service capabilities, extensive networking, and innovative career solutions help individuals overcome challenges and lead transformation in their professional lives.

Stay Connected

Join the Team

Search open positions that match your skills and interests. Virginia Jobs seeks passionate, curious, creative, and solution-driven team players. SEARCH VIRGINIA JOBS

Keep Up to Date

Stay ahead with career tips, insider perspectives, and industry-leading insights you can put to use today—all from the professionals who connect through Virginia Jobs.

READ CAREERS BLOG

Job Alert Emails

Personalize your subscription to receive job alerts, latest news, and insider tips tailored to your preferences. Explore the exciting and rewarding opportunities that await at Virginia Jobs.
Learn more about Virginia Jobs

Similar Jobs

More Jobs at Virginia Jobs

More Healthcare Jobs

Find similar Security Awareness Analyst Senior jobs: