For the protection of patients, team members and all who enter our facilities, BJC has made the decision to require COVID-19 vaccination for all team members, unless granted medical or religious exemption, as a condition of employment.

Check the Status of your Application

Threat & Vulnerability Operations Specialist

Job Description

Job ID: 1215184
Employment Status: Full-Time
More Information:

BJC HealthCare is one of the largest nonprofit health care organizations in the United States, delivering services to residents primarily in the greater St. Louis, southern Illinois and mid-Missouri regions. BJC serves patients and their families in urban, suburban and rural communities through its 15 hospitals and multiple community health locations. Services include inpatient and outpatient care, primary care, community health and wellness, workplace health, home health, community mental health, rehabilitation, long-term care and hospice.

IS Security Services serves as an independent, objective catalyst for implementing effective and efficient controls to protect BJC HealthCare (BJC) information resources through collaboration with customers. We provide value to our customers and the organization by: Ensuring compliance with internal policies and external regulations; evaluating information system and application controls; educating BJC employees and other strategic partners on information systems security practices and concepts; acting as a resource on security controls for new and existing information systems and applications; recovering mission critical applications and data vital to the organization and strategic partners; investigating practices not in compliance with established BJC Information Services security policies and standards.


Role Purpose

Performs threat and vulnerability assessment services for BJC.  Serves as a subject matter expert in cybersecurity, threat intelligence, and specifically vulnerability remediation guidance for BJC systems and applications related to configuration and patch management. “Thinks like a hacker”, to help defend the BJC infrastructure.


  • Utilizes cybersecurity, threat intelligence and vulnerability management to proactively identify and mitigate threats and risks to BJC. Responsible for cybersecurity measures to include: Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security Protocol Analysis, Firewall Management, Incident Response, Encryption, Web filtering, Advanced Threat Protection, Vulnerability Assessment, Penetration Testing, Web Application Assessment, Wireless Assessment, Social Engineering, Physical Assessment, Open Source Intelligence, Threat Modeling, Patch Management
  • Works independently to perform vulnerability, web application, social engineering, and penetration testing assessments.
  • Conducts monthly meetings, and engages IT and vendors with remediation guidance including prioritization for remediation efforts based on threat/risks to the organization. Assists IT and vendors with patch management efforts.
  • Assist with threat hunting, threat intelligence, and other indicators of threats (IOCs). Research emerging threats, system vulnerabilities, hacker methodologies, and key indicators of attacks and exploits.
  • Proactively research and maintain proficiency in tools, techniques, countermeasures and trends in threat and vulnerabilities, data hiding, network security, and encryption.

  • Minimum Requirements



  • Associate's Degree


  • 5-10 years


    Preferred Requirements and Additional Job Information



  • Bachelor's Degree


  • 10+ years

    Supervisor Experience

  • < 2 years
  • No Experience

    Licenses & Certifications

  • Certified Coding Associate
  • Cisco Certified Network Assoc
  • CEH
  • Computer Hack Forensic Invest
  • Certified Netware Admin
  • Certified Novell Admin
  • Comptia CSA+ - Cybersecurity
  • CompTia A+
  • Global Infor Assurance Cert
  • Healthcare Information Sec
  • Microsoft Certified Prof
  • Microsoft Cert Systems Eng
  • Offensive Security Cert Prof
  • Offensive Security Web Expert
  • CompTIA Security +
  • Systems Security Cert Pract

  • Benefits Statement

    Note: not all benefits apply to all openings

    -  Comprehensive medical, dental, life insurance, and disability plan options
    -  Pension Plan*/403(b) Plan
    -  401(k) plan
    -  Tuition Assistance
    -  Health Care and Dependent Care Reimbursement Accounts
    -  On-Site Fitness Center (depending on location)
    -  Paid Time Off Program for vacation, holiday and sick time

    *Pension does not apply to Memorial Hospital, Memorial Hospital East, Alton Memorial or Parkland Health Center

    Legal Statement

    The above information on this description has been designed to indicate the general nature and level of work performed by employees in this position. It is not designed to contain or be interpreted as an exhaustive list of all responsibilities, duties and qualifications required of employees assigned to this job.


    Equal Opportunity Employer