Job Description

Job Title: Sr. Manager, IT Security
Job ID: 732531
Status: Full-Time
Regular/Temporary: Regular
Shift: Day Job
Department: HPLAN-IT Support Svcs
Location: 600 Grant St, Pittsburgh PA 15219




The Sr. Manager, IT Payer Security Officer is responsible for aligning security initiatives with enterprise and health plan centric programs and business objectives, ensuring that information assets and technologies are adequately protected. They will provide both strategic and operational leadership and direction.

This Manager will also provide leadership to the day to day operation, support, development, installation, and delivery of security products and services within the Payer Applications Group. The Sr. Manager, IT Security is further responsible for the identification and development of talent and for managing performance to ensure business goals and objectives are met, if not exceeded.


We welcome you to apply if this aligns with your career goals.


  • Reviewing, developing, and maintaining policies in line with UPMC corporate guidelines, and focusing on the specific payer based regulatory requirements, company accreditations, and best practices and standards (e.g. NIST, HITECH, etc.) applicable.
  • Work with Health Plan Risk Management team to address high priority risks and oversee policy and processes enhancements and renewals.
  • Oversee resources who safeguard the insurance services assets, intellectual property and technology solutions, including data privacy and security.
  • Responsible for governing the initial submission and annual renewal/review of payer organizations full inventory of application System Security Plans (SSP’s) and vendor Third Party Security Plans (TPSP).
  • Validate employer and government Requests For Information (RFI), Request For Proposal (RFP), customer Security related questionnaires, coordinate Security Related Audits, and Security language in Health Plan contractual framework.
  • Articulate business values to the team, leadership, and partners.
  • Communicates effectively with team, peers, department leaders, and executive leadership. Responsible for keeping team informed on all relevant organizational information.
  • Contribute to department fiscal year road map and complete required deliverables.
  • Escalate issues to the next level of management as appropriate.
  • Establish and build relationships with vendors, partners, third parties, and internal teams or groups.
  • Leads and facilitates meetings.
  • Manages multiple technologies or teams of security professionals.
  • Manages performance of direct reports through performance evaluations, coaching, and mentoring.
  • Provide recommendations on enhancements and new initiatives.
  • Provides input on budget planning. Responsible for managing to budget.
  • Represent ISG internally and externally by championing initiatives and change.



  • Bachelors degree required with a masters degree preferred, and at least seven years of additional successive experience in a technology field in a multi-faceted user environment, with at least two years experience in a senior or lead capacity, OR 11 years of total related experience, including five years of successive experience in a technology field in a multi-faceted user environment, with at least two years experience in a senior or lead capacity.
  • Demonstrated experience with security best practices, architecture, and framework.


  • Experience managing an information security function using the HITRUST Common Security Framework or the NIST 800-83 cyber security framework.
  • Security industry organization participation/leadership (HITRUST, ISACA, InfraGard, ISC2, ISSA, etc.).
  • Certified Information Systems Security Professional (CISSP) preferred.
  • Certified Information Security Manager (CISM).
  • Knowledge of regulatory requirements such as Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standards (PCI DSS).

Salary Range: $49.98 to $81.42 / hour

Union Position: No

Apply Current Employee?


At UPMC, our shared goal is to create a cohesive, positive, experience for our employees, patients, health plan members, and community. If you too are driven by these values, you may be a great fit at UPMC!


UPMC provides a total rewards package that can help you achieve the goals you have for your career and your personal life. Whether you want to learn a new skill through a training course, reach personal health and wellness targets, become more involved in your community, or follow a career path that provides you with the right experience to be successful, UPMC can help you get to where you want to be.


Now more than ever, YOU can help us shape our communities and UPMC into a better place for everyone to work, study, play, and thrive.

Learn more about working here and check out our policies and recent updates.

UPMC Health Plan Named Best Places to Work for LGBTQ Equality in 2019

UPMC Ranked #1 Best Places for Women and Diverse Managers in 2019

Talent Network