Vulnerability Program Manager jobs in United States

HonorHealth · 1 day ago

Vulnerability Program Manager

HonorHealth is one of Arizona’s largest nonprofit healthcare systems, serving a population of five million people in the greater Phoenix metropolitan area. The Vulnerability Program Manager will lead and mature the healthcare risk and vulnerability management program, focusing on identifying and remediating security vulnerabilities to protect sensitive patient data and ensure compliance with healthcare regulations.

Health Care
H1B Sponsor Likely

Responsibilities

Design, implement, and manage a comprehensive vulnerability management program tailored to healthcare environments
Drive teams to produce actionable results from regular vulnerability assessments across electronic health record (EHR) systems, medical devices, cloud platforms, and on-premises infrastructure
Coordinate activities across infrastructure, applications, and cloud environments
Assist the team with analyzing and prioritizing vulnerabilities based on risk to patient safety, data confidentiality, and operational continuity
Collaborate with IT, clinical engineering, security and compliance teams to define remediation efforts
Maintain a vulnerability risk register and provide executive-level reporting with a focus on healthcare-specific risks
Integrate threat intelligence to contextualize vulnerabilities and assess potential impacts on patient care
Ensure compliance with HIPAA, HITECH, NIST Cybersecurity Framework, and other relevant healthcare regulations
Define and track key performance indicators (KPIs) and metrics for vulnerability management
Support audits, risk assessments, and incident response activities related to vulnerabilities
Drive continuous improvement through automation, process refinement, tools and cross-functional training
Perform other duties as assigned

Qualification

Vulnerability management, Cybersecurity experience, HIPAA compliance, Vulnerability scanning tools, Healthcare technologies, Risk assessment tools, Secure software development, DevSecOps, Healthcare compliance audits, Certifications HCISPP, Certifications CISSP, Certifications etc., Communication skills

Required

Bachelor's degree in information security, healthcare IT, or a related field
5+ years of experience in cybersecurity
2 years of experience in vulnerability management within a healthcare setting
Experience with vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7) and healthcare-specific risk assessment tools
Strong understanding of HIPAA Security Rule, HITECH Act, and NIST 800-53/800-66
Excellent communication skills, with the ability to translate technical risks into business impact

Preferred

Familiarity with healthcare technologies such as EHR systems (preferred Epic), PACS, and medical IoT devices
Experience with HITRUST CSF and healthcare compliance audits
Knowledge of secure software development practices and DevSecOps in healthcare applications
Security certifications such as HCISPP, CISSP, CISM, or GIAC

Benefits

Diverse benefits portfolio for our full-time and part-time team members designed to help you and your family live your best lives

Company

HonorHealth

HonorHealth represents integrity and honesty and honors your right to personalized, easy-to-navigate healthcare.

H1B Sponsorship

HonorHealth has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2025 (8)
2023 (1)
2022 (1)

Funding

Current Stage
Late Stage

Leadership Team

Todd LaPorte
CEO
Company data provided by crunchbase