
Vulnerability Program Manager

HonorHealth
United States, Arizona, Phoenix
2502 West Utopia Road
Nov 26, 2025

Overview

Looking to be part of something more meaningful? At HonorHealth, you'll be part of a team, creating a multi-dimensional care experience for our patients. You'll have opportunities to make a difference. From our Ambassador Movement to our robust training and development programs, you can select where and how you want to make an impact. HonorHealth offers a diverse benefits portfolio for our full-time and part-time team members designed to help you and your family live your best lives. Visit honorhealth.com/benefits to learn more. Join us. Let's go beyond expectations and transform healthcare together. HonorHealth is one of Arizona's largest nonprofit healthcare systems, serving a population of five million people in the greater Phoenix metropolitan area. The comprehensive network encompasses six acute-care hospitals, an extensive medical group with primary, specialty and urgent care services, a cancer care network, outpatient surgery centers, clinical research, medical education, a foundation, an accountable care organization, community services and more. With nearly 17,000 team members, 3,700 affiliated providers and close to 2,000 volunteers dedicated to providing high quality care, HonorHealth strives to go beyond the expectations of a traditional healthcare system to improve the health and well-being of communities across Arizona. Learn more at HonorHealth.com.
Responsibilities

Job Summary

The Vulnerability Program Manager will lead and mature our healthcare risk and vulnerability management program. This role is responsible for identifying, assessing, prioritizing, and driving remediation of security vulnerabilities across our technology environment. This role is critical in protecting sensitive patient data, ensuring compliance with healthcare regulations, and maintaining the security of clinical and administrative systems.

Essential Functions
  • Design, implement, and manage a comprehensive vulnerability management program tailored to healthcare environments.
  • Drive the teams to produce actionable results for the regular vulnerability assessments across electronic health record (EHR) systems, medical devices, cloud platforms, and on-premises infrastructure.
  • Coordinate activities across infrastructure, applications, and cloud environments.
  • Assist the team with analyzing and prioritizing vulnerabilities based on risk to patient safety, data confidentiality, and operational continuity.
  • Collaborate with IT, clinical engineering, security and compliance teams to define remediation efforts.
  • Maintain a vulnerability risk register and provide executive-level reporting with a focus on healthcare-specific risks.
  • Integrate threat intelligence to contextualize vulnerabilities and assess potential impacts on patient care.
  • Ensure compliance with HIPAA, HITECH, NIST Cybersecurity Framework, and other relevant healthcare regulations.
  • Define and track key performance indicators (KPIs) and metrics for vulnerability management.
  • Support audits, risk assessments, and incident response activities related to vulnerabilities.
  • Drive continuous improvement through automation, process refinement, tools and cross-functional training.
  • Performs other duties as assigned.
The above job responsibilities describe the general nature and level of work to be performed. They do not restrict management's right to assign or re-assign duties at any time.

Education
  • Bachelor's - Information security, healthcare IT, or a related field - Required

Experience
  • 5+ years Experience in cybersecurity - Required
  • 2 years Experience in vulnerability management within a healthcare setting - Required
  • Familiarity with healthcare technologies such as EHR systems (preferred Epic), PACS, and medical IoT devices - Required
  • Experience with vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7) and healthcare-specific risk assessment tools - Required
  • Strong understanding of HIPAA Security Rule, HITECH Act, and NIST 800-53/800-66 - Required
  • Excellent communication skills, with the ability to translate technical risks into business impact - Required
  • Experience with HITRUST CSF and healthcare compliance audits - Preferred
  • Knowledge of secure software development practices and DevSecOps in healthcare applications - Preferred

Certifications and Licensure
  • Security certifications such as HCISPP, CISSP, CISM, or GIAC - Preferred