PROGRAM MANAGER, CPMO (Cybersecurity, Risk, & Compliance – Azure)

WE ARE HEALTHCARE SYSTEMS OF AMERICA.Our mission is to elevate healthcare standards, improve patient outcomes, and create value for communities across the United States. Healthcare Systems of America (HSA) is more than a healthcare provider-we're a community built on excellence, innovation, and compassion. If you're looking for a career that makes a difference, empowers you to grow, and gives you the opportunity to impact lives, HSA is where you belong.

Healthcare Systems of America operates 8 community hospitals across 3 states. We service a multitude of patients and their families across our vast network, while remaining committed to the professional development of our staff, the functional improvement of our patients, and the cultivation of strong partnerships within our communities.

WHAT WE OFFER

• Career Growth & Development - We are an essential, stable and growing company with many opportunities for training and advancement within the medical field that all employees and team members can benefit from.
• Supportive & Inclusive Culture - We foster an environment where every team member is valued, heard, and empowered to succeed.
• Meaningful Work - Every day, you'll contribute to patient care, cutting-edge medical solutions, and life-changing treatment and technologies.

POSITION SUMMARY

We are a rapidly growing healthcare IT team revolutionizing hospital operations through cloud-native infrastructure and modern digital workflows. With a greenfield environment, we are building a secure, scalable foundation from the ground up-powered by Microsoft Azure. As we expand across large-market hospital systems, cybersecurity, risk management, and regulatory compliance are mission-critical.

We're seeking a seasoned Program Manager tolead the delivery of our enterprise-wide Azure-based cybersecurity, risk, and compliance program. This high-impact role will drive strategic initiatives across infrastructure, identity, and data protection, ensuring alignment with HIPAA, HITRUST, and other healthcare regulations. You'll collaborate with cross-functional teams, manage external vendors, and report directly to executive leadership-playing a pivotal role in shaping the security backbone of our next-generation hospital ecosystem.

PRIMARY RESPONSIBILITIES

• Lead end-to-end delivery of Azure-based cybersecurity and compliance initiatives across hospital operations.

• Define and manage program scope, timelines, budgets, and resource plans for security architecture, identity management, and data protection.
• Collaborate with InfoSec, DevOps, and clinical IT teams to implement secure-by-design principles across infrastructure and applications.
• Drive implementation of HIPAA, HITRUST, NIST, and other regulatory frameworks within Azure environments.
• Guide implementation and ensure operation readiness of technical Cyber security framework including but not limited to, NDR/XDR, vulnerability scanning, IDS/IPS, DLP, GRC, PAM, VPAM, and others.
• Oversee risk assessments, threat modeling, and vulnerability management programs.
• Manage vendor relationships for security tooling, audits, and penetration testing.
• Develop and maintain detailed project plans, milestones, and risk mitigation strategies.
• Facilitate executive-level reporting and stakeholder communications across technical and non-technical audiences.
• Work within a matrixed environment and large-scale implementation Program structure to iteratively deliver projects to meet the overarching goals of the organization and Corporate IT department.
• Support incident response planning, business continuity, and disaster recovery initiatives.
• Ensure alignment with enterprise governance, compliance, and audit requirements.
• Document and standardize acquisition-related IT processes to streamline future integration efforts.
• Provide program and/or project management support for additional IT or clinical projects as needed, based on organizational priorities and PMO resource planning.

EXPERIENCE/EDUCATION REQUIREMENTS

• 7+ years of project management experience in healthcare IT or enterprise cloud environments
• Bachelor's degree in Information Systems, Cybersecurity, or related field (Master's a plus)
• PMP, CISSP, CISM, or equivalent certifications preferred
• Proven success in greenfield or M&A environments.

SKILLS/REQUIREMENTS

• Proven success leading cybersecurity and compliance programs in Azure-based infrastructure.
• Deep understanding of HIPAA, HITRUST, NIST, and healthcare regulatory requirements.
• Experience with Azure Security Center, Defender, Sentinel, and identity/access management tools.
• Strong knowledge of risk management, threat modeling, and vulnerability remediation.
• Exceptional communication, stakeholder engagement, and leadership skills.
• Excellent project planning, coordination, and risk management skills.
• Ability to work independently, proactively resolve issues, and drive initiatives to completion.
• Ability to balance multiple priorities, navigate complex healthcare environments, and aligning cross-functional teams toward shared goals.
• Familiarity with project management tools (e.g. Microsoft Project, ServiceNow SPM, Smartsheet, Jira).