Senior Project Manager – Vulnerability Remediation (Healthcare Domain) - R01557968

Brillio•St. Louis, MO

41d•$60 - $70•Hybrid

About The Position

The Senior Project Manager will lead and manage large-scale vulnerability remediation programs across healthcare application portfolios and infrastructure systems. This role will ensure timely identification, prioritization, and remediation of Critical and High vulnerabilities aligned to regulatory and compliance requirements (HIPAA, HITECH, CMS, HITRUST). The candidate must have hands-on experience driving remediation activities for both application development (code, libraries, APIs, and platform vulnerabilities) and infrastructure (patching, server configuration, network, and cloud security issues).

Requirements

10+ years of IT project or program management experience, including 5+ years dedicated to security or vulnerability remediation.
Must have experience managing both application development and infrastructure-related vulnerabilities, including:
Code vulnerabilities (OWASP, dependency issues, API weaknesses, encryption gaps)
Infrastructure vulnerabilities (OS patching, server hardening, cloud misconfigurations, IAM issues)
Deep understanding of healthcare systems and PHI security risks.
Strong knowledge of healthcare compliance frameworks such as HIPAA, HITECH, HITRUST, NIST CSF, CMS.
Experience working in distributed delivery models with offshore/onshore teams.
Proficient in Agile, Scrum, and hybrid methodologies.
Excellent communication, stakeholder influencing, and senior leadership reporting capabilities.
Familiarity with SQL, cloud platforms (Azure/AWS), CI/CD pipelines, and DevSecOps practices.

Nice To Haves

PMP, CSM, SAFe
CompTIA Security+, CISSP, CISM
HITRUST or healthcare security certifications (preferred)
Payer systems (Medicaid, Medicare, Marketplace, Commercial)
Claims processing, provider data, enrollment, pharmacy, member access systems
Legacy remediation involving .NET, Java, SAP, Oracle, Salesforce Health Cloud, and Data Hub environments

Responsibilities

Lead end-to-end program execution for vulnerability remediation related to applications, databases, servers, cloud environments, and legacy healthcare platforms.
Prioritize and track remediation of CVITs, VITs, vulnerabilities in code, patch deployments, and configuration fixes across technical teams.
Work with security, DevOps, application development, enterprise architecture, and infrastructure teams to systematically remediate scan findings.
Conduct backlog grooming, sprint planning, release coordination, and delivery tracking for remediation activities.
Analyze vulnerability scan reports and dashboards from tools such as Qualys, Tenable, Rapid7, CrowdStrike, Microsoft Defender, etc.
Develop remediation plans aligned to exposure of PHI/PII, severity, exploitability, and system criticality.
Prepare and present weekly status decks, risk registers, and executive scorecards for senior leadership and audit teams.
Oversee SOW deliverables, team onboarding, cross-shore coordination, and stakeholder alignment.
Ensure remediation governance, compliance documentation, and closure of cyber audit findings.
Develop and refine remediation SLAs, prioritization models, RAID logs, and approval workflows involving business, security, and IT stakeholders.