Senior Program Manager - IT at R1RCM

R1 is a leading provider of technology-driven solutions that help hospitals and health systems to manage their financial systems and improve patients’ experience. We are the one company that combines the deep expertise of a global workforce of revenue cycle professionals with the industry's most advanced technology platform, encompassing sophisticated analytics, Al, intelligent automation and workflow orchestration. R1 is a place where we think boldly to create opportunities for everyone to innovate and grow. A place where we partner with purpose through transparency and inclusion. We are a global community of engineers, front-line associates, healthcare operators, and RCM experts that work together to go beyond for all those we serve. Because we know that all this adds up to something more, a place where we're all together better

R1 India is proud to be recognized amongst Top 25 Best Companies to Work For 2024, by the Great Place sto Work Institute. This is our second consecutive recognition on this prestigious Best Workplaces list, building on the Top 50 recognition we achieved in 2023. Our focus on employee wellbeing and inclusion and diversity is demonstrated through prestigious recognitions with R1 India being ranked amongst Best in Healthcare, Top 100 Best Companies for Women by Avtar & Seramount, and amongst Top 10 Best Workplaces in Health & Wellness. We are committed to transform the healthcare industry with our innovative revenue cycle management services. Our goal is to ‘make healthcare work better for all’ by enabling efficiency for healthcare systems, hospitals, and physician practices. With over 30,000 employees globally, we are about 16,000+ strong in India with presence in Delhi NCR, Hyderabad, Bangalore, and Chennai. Our inclusive culture ensures that every employee feels valued, respected, and appreciated with a robust set of employee benefits and engagement activities.

To learn more, visit: www.r1rcm.com

Position Title: - Senior Manager – Cybersecurity Engineering & Projects

Position Summary:

We are looking for an experienced and execution-focused Senior Manager – Cybersecurity Engineering & Projects to lead the delivery of key security initiatives within our healthcare operations across India and the Philippines. The person leads the strategy, design, and execution of enterprise-wide cybersecurity and data protection initiatives. This role is responsible for architecting secure systems, managing the delivery of major cybersecurity projects, and implementing data-centric security controls that protect sensitive information throughout its lifecycle.

This leader will execute security engineering, data security, and secure project delivery functions, ensuring alignment between business objectives, compliance obligations, and the organization’s overall risk appetite.

Key Duties & Responsibilities: -

Cybersecurity Engineering:

Lead the design, deployment, and maintenance of secure implementation of technologies— including firewalls connections for clients, EDR, CASB, DLP, IAM, and cloud-native security solutions.
Architect and implement a defense-in-depth security architecture covering network, cloud, and endpoint layers.
Define and enforce secure configuration baselines aligned with CIS Benchmarks, NIST 800-53, and Zero Trust principles.
Document client architecture and secure connectivity along with applications aligned with organizational practices
Collaborate with operations and architecture teams to ensure security is embedded across infrastructure and cloud.

Data Security:

Lead regional data security program that safeguards sensitive, regulated, and proprietary data across its entire lifecycle — creation, storage, use, sharing, and deletion.
Implement and manage Data Loss Prevention (DLP) solutions across endpoints, networks, and cloud platforms to prevent unauthorized data exposure.
Oversee deployment of encryption solutions for data at rest, in motion, and in use, ensuring cryptographic controls meet enterprise and regulatory requirements.
Ensure hardening of devices, IT & security technologies as per CIS and industry best practices.
Develop and maintain a data classification and handling framework integrated into business processes and applications.
Partner with Privacy and Legal teams to ensure compliance with HIPAA, GDPR, and other privacy regulations through Security and privacy-by-design principles.
Ensure secure data transfer, storage, and deletion practices are followed during client and vendor engagements and system decommissioning.

Security Project management:

Lead and manage a portfolio of security and data protection projects, ensuring timely delivery and measurable outcomes.
Partner with PMO, IT, and business leaders to integrate security requirements into enterprise projects from the outset.

Collaboration & Governance

Collaborate with GRC, Privacy, Legal, and Compliance to ensure data and system security controls meet audit and certification standards (ISO 27001, HIPAA, HITRUST, SOC 2, PCI DSS).
Support security audits, risk assessments, and remediation closure across business units and vendors.
Contribute to the Security Governance Council by reporting key data and system risk indicators.
Partner with Security Operations and Incident Response teams to enhance detection and response related to data breaches or exfiltration attempts

Qualification:

Bachelor’s or Master’s degree in Technology, Cybersecurity, Health Information Technology, Risk Management, or a related discipline.

Experience, Skills and Knowledge:

10–12 years of progressive experience in security engineering, data protection, and infrastructure security, with at least 5 years in leadership roles.
Proven experience managing large-scale cybersecurity and data protection programs in regulated industries (healthcare, BFSI, SaaS, or manufacturing).
Hands-on expertise in DLP, encryption, key management, tokenization, data masking, and cloud security.
Experience integrating data protection controls into cloud platforms (AWS, Azure) and SaaS environments (O365, Salesforce, Workday, etc.).
Strong knowledge of compliance standards (HIPAA, HITRUST, NIST 800-171, PCI DSS, ISO 27001).

Key Competency profile

Project Management Professional (PMP)
Certified Information Security Manager (CISM)
Certified Information Systems Security Professional (CISSP)
Certified in Risk and Information Systems Control (CRISC)

Working in an evolving healthcare setting, we use our shared expertise to deliver innovative solutions. Our fast-growing team has opportunities to learn and grow through rewarding interactions, collaboration and the freedom to explore professional interests.

Our associates are given valuable opportunities to contribute, to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package. To learn more, visit: r1rcm.com

Visit us on Facebook

Senior Program Manager - IT

To learn more, visit: www.r1rcm.com

Position Title: - Senior Manager – Cybersecurity Engineering & Projects

Position Summary:

This leader will execute security engineering, data security, and secure project delivery functions, ensuring alignment between business objectives, compliance obligations, and the organization’s overall risk appetite.

Key Duties & Responsibilities: -

Cybersecurity Engineering:

Lead the design, deployment, and maintenance of secure implementation of technologies— including firewalls connections for clients, EDR, CASB, DLP, IAM, and cloud-native security solutions.

Architect and implement a defense-in-depth security architecture covering network, cloud, and endpoint layers.

Define and enforce secure configuration baselines aligned with CIS Benchmarks, NIST 800-53, and Zero Trust principles.

Document client architecture and secure connectivity along with applications aligned with organizational practices

Collaborate with operations and architecture teams to ensure security is embedded across infrastructure and cloud.

Data Security:

Lead regional data security program that safeguards sensitive, regulated, and proprietary data across its entire lifecycle — creation, storage, use, sharing, and deletion.

Implement and manage Data Loss Prevention (DLP) solutions across endpoints, networks, and cloud platforms to prevent unauthorized data exposure.

Oversee deployment of encryption solutions for data at rest, in motion, and in use, ensuring cryptographic controls meet enterprise and regulatory requirements.

Ensure hardening of devices, IT & security technologies as per CIS and industry best practices.

Develop and maintain a data classification and handling framework integrated into business processes and applications.

Partner with Privacy and Legal teams to ensure compliance with HIPAA, GDPR, and other privacy regulations through Security and privacy-by-design principles.

Ensure secure data transfer, storage, and deletion practices are followed during client and vendor engagements and system decommissioning.

Security Project management:

Lead and manage a portfolio of security and data protection projects, ensuring timely delivery and measurable outcomes.

Partner with PMO, IT, and business leaders to integrate security requirements into enterprise projects from the outset.

Collaboration & Governance

Collaborate with GRC, Privacy, Legal, and Compliance to ensure data and system security controls meet audit and certification standards (ISO 27001, HIPAA, HITRUST, SOC 2, PCI DSS).

Support security audits, risk assessments, and remediation closure across business units and vendors.

Contribute to the Security Governance Council by reporting key data and system risk indicators.

Partner with Security Operations and Incident Response teams to enhance detection and response related to data breaches or exfiltration attempts

Qualification:

Bachelor’s or Master’s degree in Technology, Cybersecurity, Health Information Technology, Risk Management, or a related discipline.

Experience, Skills and Knowledge:

10–12 years of progressive experience in security engineering, data protection, and infrastructure security, with at least 5 years in leadership roles.

Proven experience managing large-scale cybersecurity and data protection programs in regulated industries (healthcare, BFSI, SaaS, or manufacturing).

Hands-on expertise in DLP, encryption, key management, tokenization, data masking, and cloud security.

Experience integrating data protection controls into cloud platforms (AWS, Azure) and SaaS environments (O365, Salesforce, Workday, etc.).

Strong knowledge of compliance standards (HIPAA, HITRUST, NIST 800-171, PCI DSS, ISO 27001).

Key Competency profile

Project Management Professional (PMP)

Certified Information Security Manager (CISM)

Certified Information Systems Security Professional (CISSP)

Certified in Risk and Information Systems Control (CRISC)