Posted at: 14 July

IT and Security Project Manager

Company

CompanyWellHive

WellHive is a B2B SaaS platform headquartered in the U.S., specializing in healthcare care coordination and navigation for large health systems and government agencies.

Remote Hiring Policy:

WellHive supports remote work and hires within the continental USA, specifically from Eastern or Central time zones, while offering flexible working conditions.

Job Type

Full-time

Allowed Applicant Locations

United States

Salary

$150,000 to $195,000 per year

Job Description

IT & Security Program Manager

WellHive operates a healthcare technology platform under HIPAA, and we're pursuing

organization-level certifications including HITRUST and SOC 2 Type 2. We're maturing our

corporate IT and security posture across our SaaS and endpoint estate, and we're hiring a

program manager to own that effort end to end.

 

You'll drive a roadmap of security hardening initiatives across our SaaS tools, direct the external

IT partner(s) who carry out implementation, make and validate the day-to-day technical

decisions, and run the testing and rollout. You'll also be the IT/security point person for our

org-level audits — owning the corporate-IT control domains, maintaining evidence, and

engaging assessors directly. You'll work with leadership on the calls that matter (risk, budget,

compliance posture) and own everything below that line.

 

This is a senior, hands-on role. You should be as comfortable in an admin console validating a

configuration as you are running a program plan, holding a contractor to a statement of work, or

walking an assessor through a control.

Responsibilities

- Own a multi-effort IT/security hardening roadmap and drive it to delivered, validated

controls.

- Direct external IT partner(s) on implementation: scope, acceptance, quality.

- Make and defend implementation and sequencing decisions; escalate risk and budget.

- Run validation, phased rollout, and user-facing change.

- Keep the work aligned to HIPAA and to HITRUST / SOC 2 Type 2.

- Own corporate-IT control domains for our audits, maintain evidence, and engage

Assessors.

 

Requirements

- Senior IT/security experience with hands-on IAM and SaaS administration.

- A track record in a regulated environment (HIPAA, SOC 2, HITRUST, or similar).

- Experience engaging auditors/assessors and maintaining control evidence (HITRUST

CSF or SOC 2 a plus).

- Experience managing contractors/MSPs to a statement of work.

- The judgment to make technical security decisions independently.

- Program management across concurrent workstreams.

 

Nice to Have

- Google Workspace and/or Okta administration depth; DLP and device-management

(Jamf / Kandji / Intune) familiarity; IaC literacy.

Salary: $150,000-$195,000