The Giant Bullseye

Lead enterprise-wide vulnerability remediation initiatives across healthcare applications and infrastructure, ensuring compliance and effective stakeholder management. | Requires 10+ years in IT project management with 5+ years in security or vulnerability remediation, experience with healthcare systems, and knowledge of healthcare compliance frameworks. | Overview We are seeking a Senior Project Manager to lead enterprise-wide vulnerability remediation initiatives across healthcare applications and infrastructure platforms. This role is responsible for driving the identification, prioritization, and closure of Critical and High-risk security vulnerabilities while ensuring compliance with healthcare regulatory standards. The ideal candidate has strong experience managing remediation across both application development and infrastructure environments in complex healthcare ecosystems. Key Responsibilities • Lead end-to-end vulnerability remediation programs across applications, databases, servers, cloud platforms, and legacy healthcare systems • Own planning, execution, and tracking of remediation efforts for code, dependency, configuration, and patch-related vulnerabilities • Coordinate with security, DevOps, application, architecture, and infrastructure teams to remediate scan findings efficiently • Manage remediation backlogs, sprint planning, release coordination, and delivery tracking • Review and interpret vulnerability scan outputs from tools such as Qualys, Tenable, Rapid7, CrowdStrike, and Microsoft Defender • Develop remediation strategies based on vulnerability severity, exploitability, PHI/PII exposure, and business criticality • Prepare and deliver weekly status reports, risk dashboards, and executive-level scorecards • Oversee vendor deliverables, team onboarding, cross-shore coordination, and stakeholder alignment • Ensure remediation governance, audit readiness, compliance documentation, and closure of audit findings • Define and maintain remediation SLAs, prioritization models, RAID logs, and approval workflows Required Experience & Skills • 10+ years of IT project or program management experience, with 5+ years focused on security or vulnerability remediation • Proven experience managing both application and infrastructure vulnerabilities, including: – Application/code vulnerabilities (OWASP, open-source dependencies, APIs, encryption gaps) – Infrastructure vulnerabilities (OS patching, server hardening, cloud misconfigurations, IAM issues) • Strong understanding of healthcare systems and PHI security risks • Hands-on experience with healthcare compliance frameworks including HIPAA, HITECH, HITRUST, NIST CSF, and CMS • Experience working in hybrid delivery models with onshore and offshore teams • Strong knowledge of Agile, Scrum, and hybrid project management methodologies • Excellent communication, stakeholder management, and executive reporting skills • Familiarity with cloud platforms (AWS/Azure), CI/CD pipelines, SQL, and DevSecOps practices Preferred Certifications • PMP, CSM, SAFe • Security certifications such as CISSP, CISM, or CompTIA Security+ • HITRUST or healthcare-focused security certifications Preferred Healthcare Domain Experience • Payer platforms including Medicare, Medicaid, Marketplace, and Commercial plans • Systems supporting claims, enrollment, provider data, pharmacy, and member access • Legacy healthcare platforms including .NET, Java, SAP, Oracle, Salesforce Health Cloud, and enterprise data hubs