University of Colorado Medicine · 16 hours ago
ITS Security Program Manager
University of Colorado Medicine (CU Medicine) is the region’s largest and most comprehensive multi-specialty physician group practice. They are seeking a highly motivated ITS Security Program Manager to oversee the development, implementation, and administration of the Information Security program, ensuring compliance with organizational and healthcare regulatory requirements.
Education, Health Care, Hospital, Medical, Wellness
Responsibilities
Oversee the development, implementation, administration, and continuous maturity of the enterprise Information Security Program in support of organizational and healthcare regulatory requirements
Lead and coordinate management-directed information security initiatives, including but not limited to HIPAA, SOC 2, PCI-DSS, phishing awareness, and security training programs
Serve as a primary liaison for security audits, risk assessments, and certifications, coordinating with internal stakeholders, external auditors, and regulatory bodies
Develop, maintain, and enforce Information Security policies, procedures, standards, and controls to ensure compliance with applicable laws, regulations, and industry frameworks
Identify, assess, and document Information Security risks and vulnerabilities, recommending mitigation strategies aligned with business objectives
Collaborate with IT, compliance, legal, and business teams to implement risk mitigation strategies and improve the organization’s security posture
Participate in and support the enterprise Security Risk Assessment process, including evaluating the effectiveness of existing controls and recommending enhancements
Evaluate the adequacy of controls and corrective actions; identify alternative safeguards when necessary to reduce residual risk
Prepare and present security program updates, metrics, and risk information to internal audiences at all organizational levels, including leadership
Assist with the development and maintenance of disaster recovery and business continuity policies and standards, ensuring alignment with organizational resilience goals
Research, evaluate, and recommend technologies and processes for the prevention, detection, containment, and remediation of data security incidents and breaches
Stay current on emerging threats, healthcare security trends, regulatory changes, and industry best practices, adjusting program strategies as needed
Provide guidance and consultation to users and teams regarding security requirements, procedures, and best practices
Assist in prioritizing security initiatives, managing workload, and providing PMO support when required
Qualification
Required
Bachelor's degree required
5+ years of experience in an IT Security or Information Technology Services (ITS) environment, preferably within a healthcare or regulated industry
Strong working knowledge of information security principles, frameworks, regulations, and best practices, including HIPAA, SOC 2, PCI-DSS, and NIST
Broad understanding of IT systems, applications, infrastructure, and cloud technologies
Strong project and program management skills, with the ability to manage multiple initiatives simultaneously
Preferred
MBA or Graduate Degree highly preferred
Benefits
Generous leave
Health plans
Retirement contributions
Company
University of Colorado Medicine
University of Colorado Medicine is a health care center.
Funding
Current Stage
Late Stage