Technical Program Manager-Vulnerability Management

For more than 20 years, PointClickCare has been the backbone of senior care. We’ve amassed the richest senior care dataset making our market density untouchable and our connections to the healthcare ecosystem exponentially more powerful than those of any other platform. 
With Collective Medical & Audacious Inquiry, we’ve become the most expansive, full-continuum care collaboration network, offering care teams immediate, point-of-care access to deep, real-time insights at every stage of a patient’s journey.
For more information on PointClickCare, please connect with us on Glassdoor and LinkedIn.
Our team is seeking a Technical Program Manager-Vulnerability Management to design, implement and oversee a new enterprise vulnerability program, focusing on implementing initiatives, projects, processes, and technology integrations, designed to build and continually improve a new vulnerability management program. The successful candidate will be an experienced technical program manager, able to oversee initiatives, identify weaknesses and cyber threats in networks and software, and develop risk-based strategies to strengthen security. To assure success, you will collaborate closely with product, engineering, operations, and technology teams to prioritize and orchestrate vulnerability remediation activities for our systems and applications.
Responsibilities:
• Design, implement and oversee a new enterprise vulnerability program, focusing on implementing initiatives, projects, processes, and technology integrations, designed to build and continually improve a new vulnerability management program.• Oversee and as necessary conduct risk-based technical assessments on technical vulnerabilities, including assessments, penetration tests, and application and network security scans.• Serve as an advisor and consultant role to technical teams on prioritizing vulnerabilities and developing plans to mitigate, remediate and resolve them in a timely manner while to attaining the desired risk profile and maintaining compliance.• Design and implement vulnerability reporting and monitoring solutions, including collaboration with various teams and tools in the preparation of reports for product, engineering, operations, and technology teams and C-level leadership on risk and performance concerns as they relate to mitigating and eliminating vulnerabilities.• Identify gaps and pitfalls in managing vulnerabilities, and develop plans to test, evaluate and implement new processes to address those gaps and pitfalls.• Support and collaborate with stakeholders and the security team in to review and analyze vulnerability data, trends, and patterns in preparation of relevant and actionable cyber threat briefings and reports for all levels of leadership to aid in decision making and proactive mitigation efforts.• Assess, document, and as needed, influence positive change in the vulnerability management practices, standards and security policies across business to ensure compliance against company policy and standards are met.
Essential Qualifications:
· Bachelor's Degree in Information Technology or the equivalent combination of education, training, or experience· Strong experience in the SDLC process, methodologies, and technologies· Complex problem-solving skills with the ability to work with minimal supervision.· Knowledge of current and emerging threats and techniques for exploiting security vulnerabilities, malware, attack paths and threat actor groups.· Proactive approach, a can-do attitude and work well across departments and within a team· Experience in using vulnerability scanning solutions is highly desirable.· Strong communication skills with executive-level leadership· Strong understanding of risk management frameworks· Strong understanding of various methods to mitigate application, cloud, and infrastructure vulnerabilities.· Strong experience in coordinating with various teams and directing the work of individual contributors (engineers, other) in other departments to manage and prioritize vulnerability remediation.· Experience and understanding of cloud security architectural principles and stack including, IaaS, PaaS, containers, EC2, etc.· 4+ years of experience in technical program management in any cybersecurity or IT-related field· Strong foundation in project management concepts in meeting deadlines, tracking milestones, and coordinating with external entities.
Nice to Have:
· Strong familiarity with Atlassian Jira and Confluence· Demonstrated experience in delivering reports and metrics at various levels of an organization, from tactical to operational to strategic· Good understanding of attack surface management principles· Strong knowledge of governing regulations such as HIPAA, GDPR, ISO 27001, and SOC 2 compliance standards· Experience in SaaS and/or health care environments
#LI-HYBRID/REMOTE#LI-TP1It is the policy of PointClickCare to ensure equal employment opportunity without discrimination or harassment on the basis of race, religion, national origin, status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information, or any other basis protected by law. PointClickCare welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process. Please contact recruitment@pointclickcare.com should you require any accommodations.
When you apply for a position, your information is processed and stored with Lever, in accordance with Lever’s Privacy Policy. We use this information to evaluate your candidacy for the posted position. We also store this information, and may use it in relation to future positions to which you apply, or which we believe may be relevant to you given your background. When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it.  If you have any questions about how PointClickCare uses or processes your information, or if you would like to ask to access, correct, or delete your information, please contact PointClickCare’s human resources team: recruitment@pointclickcare.com 
PointClickCare is committed to Information Security. By applying to this position, if hired, you commit to following our information security policies and procedures and making every effort to secure confidential and/or sensitive information.