Divurgent
Oracle Health/Cerner IT Security Project Manager (Contract to Hire)
Divurgent, Boston, Massachusetts, us, 02298
Oracle Health/Cerner IT Security Project Manager (Contract to Hire)
Join to apply for the
Oracle Health/Cerner IT Security Project Manager (Contract to Hire)
role at
Divurgent
Contract to Hire: 6 month duration.
W2 Only: No 3rd Party/C2C/Sponsorship.
Hybrid: 80% Remote, 20% Onsite Boston, MA.
Start Date: Mid–Late January, upon successful onboarding.
Must have Oracle Health/Cerner Implementation Experience.
The Oracle Health/Cerner IT Security Project Manager will oversee the design, implementation, validation, and sustainment of cybersecurity and data protection strategies for an expansive Oracle Health EHR implementation. This role is responsible for ensuring that all infrastructure, applications, integrations, and data flows meet or exceed state and federal security standards, including HIPAA, NIST 800‑53, and state‑specific cybersecurity policies. The IT Security Lead will work closely with technical partners, stakeholders, and third‑party vendors to ensure secure, compliant, and resilient operations across state and correctional health environments.
Key Responsibilities Security Architecture and Governance
Lead the development of a hybrid cloud security architecture leveraging Oracle Cloud Infrastructure (OCI) and state‑managed data centers.
Implement zero‑trust architecture with least‑privilege access, multi‑factor authentication (MFA), and role‑based access controls (RBAC).
Align all security controls with service agreements, NIST 800‑53, and CIS benchmarks.
Establish governance models for change control, incident response, and disaster recovery planning.
Serve as the primary liaison to the Executive Steering Committee and state cybersecurity teams.
Risk Management and Compliance
Conduct structured risk assessments across technical, contractual, staffing, and hosting domains.
Develop and maintain a risk register with mitigation strategies anchored in governance, monitoring, and contract safeguards.
Lead vulnerability scanning, penetration testing, and firewall reviews across all environments.
Ensure compliance with HIPAA, 42 CFR Part 2, FISMA, and other applicable regulations.
Oversee the implementation of continuous monitoring, patching, and SOC (Security Operations Center) coordination.
Identity and Access Management (IAM)
Design and implement IAM protocols across Oracle Health Millennium, RevElate, and integrated systems.
Manage user provisioning, de‑provisioning, and access audits across all care settings.
Validate integration with Oracle IAM and identity providers for seamless SSO and MFA.
Disaster Recovery and Business Continuity
Define and validate SLAs for uptime, performance, RTO/RPO, and incident response.
Coordinate DR testing with Oracle Health and infrastructure teams.
Develop and maintain playbooks for failover, downtime procedures, and recovery operations.
Ensure that DR protocols are embedded in training and operational handoffs.
Data Protection and Integration Security
Oversee secure ingestion and normalization of multi‑source data (clinical, claims, operational) using Oracle Health Data Intelligence (HDI).
Validate HL7/FHIR interface security, including encryption, authentication, and audit logging.
Implement secure APIs and data exchange frameworks for interoperability with federal and state systems.
Operational Support and Sustainment
Provide 24/7 monitoring, quarterly health checks, and proactive performance tuning.
Lead continuous modernization efforts leveraging OCI’s roadmap (AI, automation, new security services).
Ensure alignment with ITIL service management practices and state governance.
Required Qualifications
Bachelor's degree.
Minimum 5 years of experience in IT security leadership in healthcare or public sector environments.
Proven success in securing large‑scale EHR implementations, preferably Oracle Health Millennium and RevElate.
Deep understanding of HIPAA, NIST, FISMA, and state‑specific cybersecurity frameworks.
Experience with IAM, SOC operations, vulnerability management, and DR planning.
Familiarity with HL7/FHIR, OCI, and secure data integration practices.
Excellent communication, stakeholder engagement, and documentation skills.
Preferred Qualifications
Certifications in CISSP, CISM, CISA, or equivalent. Experience with federal/state EHR implementations.
Familiarity with Oracle Health’s security architecture and OCI observability tools.
Experience managing security in multi‑entity, multi‑specialty environments.
Divurgent is a solutions provider focused on what matters most to our client partners. We disrupt the typical value equation by using data‑infused, flexible, and scalable solutions that demonstrate and quantify value for our partners. We are committed to IT evolution, deploying tailored solutions that help our client partners achieve improved operational effectiveness, financial performance, and quality of customer experience.
Seniority Level
Mid‑Senior level
Employment Type
Contract
Job Function
Information Technology
Business Consulting and Services
#J-18808-Ljbffr
Oracle Health/Cerner IT Security Project Manager (Contract to Hire)
role at
Divurgent
Contract to Hire: 6 month duration.
W2 Only: No 3rd Party/C2C/Sponsorship.
Hybrid: 80% Remote, 20% Onsite Boston, MA.
Start Date: Mid–Late January, upon successful onboarding.
Must have Oracle Health/Cerner Implementation Experience.
The Oracle Health/Cerner IT Security Project Manager will oversee the design, implementation, validation, and sustainment of cybersecurity and data protection strategies for an expansive Oracle Health EHR implementation. This role is responsible for ensuring that all infrastructure, applications, integrations, and data flows meet or exceed state and federal security standards, including HIPAA, NIST 800‑53, and state‑specific cybersecurity policies. The IT Security Lead will work closely with technical partners, stakeholders, and third‑party vendors to ensure secure, compliant, and resilient operations across state and correctional health environments.
Key Responsibilities Security Architecture and Governance
Lead the development of a hybrid cloud security architecture leveraging Oracle Cloud Infrastructure (OCI) and state‑managed data centers.
Implement zero‑trust architecture with least‑privilege access, multi‑factor authentication (MFA), and role‑based access controls (RBAC).
Align all security controls with service agreements, NIST 800‑53, and CIS benchmarks.
Establish governance models for change control, incident response, and disaster recovery planning.
Serve as the primary liaison to the Executive Steering Committee and state cybersecurity teams.
Risk Management and Compliance
Conduct structured risk assessments across technical, contractual, staffing, and hosting domains.
Develop and maintain a risk register with mitigation strategies anchored in governance, monitoring, and contract safeguards.
Lead vulnerability scanning, penetration testing, and firewall reviews across all environments.
Ensure compliance with HIPAA, 42 CFR Part 2, FISMA, and other applicable regulations.
Oversee the implementation of continuous monitoring, patching, and SOC (Security Operations Center) coordination.
Identity and Access Management (IAM)
Design and implement IAM protocols across Oracle Health Millennium, RevElate, and integrated systems.
Manage user provisioning, de‑provisioning, and access audits across all care settings.
Validate integration with Oracle IAM and identity providers for seamless SSO and MFA.
Disaster Recovery and Business Continuity
Define and validate SLAs for uptime, performance, RTO/RPO, and incident response.
Coordinate DR testing with Oracle Health and infrastructure teams.
Develop and maintain playbooks for failover, downtime procedures, and recovery operations.
Ensure that DR protocols are embedded in training and operational handoffs.
Data Protection and Integration Security
Oversee secure ingestion and normalization of multi‑source data (clinical, claims, operational) using Oracle Health Data Intelligence (HDI).
Validate HL7/FHIR interface security, including encryption, authentication, and audit logging.
Implement secure APIs and data exchange frameworks for interoperability with federal and state systems.
Operational Support and Sustainment
Provide 24/7 monitoring, quarterly health checks, and proactive performance tuning.
Lead continuous modernization efforts leveraging OCI’s roadmap (AI, automation, new security services).
Ensure alignment with ITIL service management practices and state governance.
Required Qualifications
Bachelor's degree.
Minimum 5 years of experience in IT security leadership in healthcare or public sector environments.
Proven success in securing large‑scale EHR implementations, preferably Oracle Health Millennium and RevElate.
Deep understanding of HIPAA, NIST, FISMA, and state‑specific cybersecurity frameworks.
Experience with IAM, SOC operations, vulnerability management, and DR planning.
Familiarity with HL7/FHIR, OCI, and secure data integration practices.
Excellent communication, stakeholder engagement, and documentation skills.
Preferred Qualifications
Certifications in CISSP, CISM, CISA, or equivalent. Experience with federal/state EHR implementations.
Familiarity with Oracle Health’s security architecture and OCI observability tools.
Experience managing security in multi‑entity, multi‑specialty environments.
Divurgent is a solutions provider focused on what matters most to our client partners. We disrupt the typical value equation by using data‑infused, flexible, and scalable solutions that demonstrate and quantify value for our partners. We are committed to IT evolution, deploying tailored solutions that help our client partners achieve improved operational effectiveness, financial performance, and quality of customer experience.
Seniority Level
Mid‑Senior level
Employment Type
Contract
Job Function
Information Technology
Business Consulting and Services
#J-18808-Ljbffr