IT Security Analyst - Awareness and Training 8/26/2016
Saint Louis, MO
JOB DESCRIPTIONAPPLY Schedule: Full-time
Job ID: REQ20004032
This IT Security Analyst (Awareness and Trainng) is overall responsible for our security awareness and training program. Ultimately this person's job is to reduce risk to our organization by ensuring all employees, staff and contractors know, understand and follow our security requirements and behave in a secure manner.
The position is in the Strategy, Planning, and Execution (SPE) team, in the Information Risk Management (IRM) department. IRM is responsible for managing the Information Security risk for the organization. The SPE team leads the creation of the multi-year strategy, IRM roadmaps, and manages the execution of the plans. SPE also defines the corporate security standards, performs risk assessments, and measures organizational security performance.
* Ensure that our security awareness program meets all industry regulations, standards, and compliance requirements.
* Ensure that our security awareness program communicates our security policies and requirements so that people know, understand and can follow them.
* Identify the top human risks to our organization and the behaviors we need to change to mitigate those risks. Develop and maintain a security awareness program that effectively changes these behaviors so our employees act in a secure manner, reducing the most risk to our organization.
* Create a positive program that engages employees, to include focusing on changing behaviors both at home and at work. Ultimately we want our employees to demonstrate the same secure behaviors regardless of where they are or the devices they are using.
* Structure and maintain this program to be long term, so ultimately we are not changing just behaviors but culture.
* Create a metrics framework that can effectively measure these requirements.
* Provides consultative advice to information security customers that enables them to make informed risk management decisions.
* Ensures that user community understands and adheres to necessary procedures to maintain security.
* Active participation in strategic initiatives in accordance to the IRM roadmap.
* Ability to form complex 'communications / messages' in a simple, clear and concise manner to the various communities within our organization. This can include different cultures, nationalities, international locations and languages.
* Project management experience, the ability to plan, manage and maintain a complex, organization wide program over the longer term.
* Display practical knowledge of different message distribution techniques to ensure end user communities understand and continually apply the required behavioral change necessary to reduce the 'human factors' risk.
* Ability to communicate with and coordinate the activities of others.
* Understanding of the concepts of information risks and the different elements that make up risk. In addition have at a minimum a basic understanding of the different concepts of information security.
* At least 1-3 years of IT experience with a Bachelor's Degree in computer related field or equivalent
* 1 2 years of Security Awareness / Training or a similar background in the Security Education areas, preferably in a Fortune 100 or other large enterprise expertise
* PC skills including knowledge of Microsoft Office
* Excellent organizational skills and ability to communicate with internal/external entities and executives a must
* Effective leadership skills, demonstrated ability to coordinate people and teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities
* Customer service-oriented; Ability to work in a flexible environment where requirements and procedures continuously evolve
* Certification in information security (CISSP, CISM, GIAC, or equivalent) preferred
*LI-JI1 ABOUT THE DEPARTMENT
Information Security prioritizes the protection and security of all client, patient and company information and data. They do this by proactively identifying the sophisticated landscape of threat actors and environmental risks associated with unauthorized access and service disruptions. This vital group focuses on preserving system reliability and business continuity, protecting the strong brand Express Scripts has in the marketplace, and maximizing the company s defenses against external and internal threats.
ABOUT EXPRESS SCRIPTS
Advance your career with the company that makes it easier for people to choose better health.
Express Scripts is a leading healthcare company serving tens of millions of consumers. We are looking for individuals who are passionate, creative and committed to creating systems and service solutions that promote better health outcomes.
Join the company that Fortune magazine ranked as one of the 'Most Admired Companies' in the pharmacy category. Then, use your intelligence, creativity, integrity and hard work to help us enhance our products and services.
We offer a highly competitive base salary and a comprehensive benefits program, including medical, prescription drug, dental, vision, 401(k) with company match, life insurance, paid time off, tuition assistance and an employee stock purchase plan.
Express Scripts is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. Applicants must be able to pass a drug test and background investigation.
Express Scripts is a VEVRAA Federal Contractor.
Express Scripts is an EOE
Express Scripts is an Equal Employment Opportunity employer and does not discriminate in employment opportunities or practices on the basis of race, creed, color, religion, sex, national origin, nationality, ancestry, age, disability or status as a disabled veteran or veteran of the Vietnam era, pregnancy, affectional or sexual orientation, gender identity or expression, marital status, status with regard to public assistance, veteran status, citizenship or membership in any other legally protected class. None of the questions in this application are intended to elicit information regarding any protected characteristics, nor imply any limitation, illegal preferences or discrimination based upon non-job-related information or protected characteristics.Applicants must be able to pass a drug test and background investigation and, depending on position requirements, a Department of Defense background investigation. AA/EOE.