Director of Technology Security & Governance

About The Position

Requirements

• Minimum of 4 years of experience in healthcare technology and 4 years in IT security and governance
• Proven track record of building and managing high-performing security and governance programs within a healthcare environment
• Deep understanding of cybersecurity frameworks, threat management, incident response, and regulatory requirements in healthcare
• Ability to balance long-term strategy with day-to-day execution in a complex, regulated environment
• Skilled at translating complex technical concepts into business-focused insights for diverse stakeholders
• Experienced in developing policies, documentation, and structured frameworks that drive consistency, accountability, and scalability
• Trusted relationship-builder who works effectively across IT, Compliance, Clinical, and executive teams

Responsibilities

• Lead and manage the organization’s technology security function, ensuring robust protection of systems, infrastructure, and sensitive data
• Develop, implement, and continuously evolve comprehensive cybersecurity strategies, policies, and procedures
• Oversee security risk management, including risk assessments, vulnerability management, remediation planning, and risk acceptance processes
• Monitor emerging threats and lead incident response efforts, ensuring rapid, coordinated mitigation and recovery
• Ensure appropriate safeguards are in place across clinical, financial, and operational systems, including EHRs, cloud platforms, and third-party technologies
• Provide clear, executive-level reporting on security posture, risks, and mitigation strategies
• Partner with Compliance and Legal to support adherence to HIPAA, HITECH, and other applicable privacy regulations
• Contribute to the development and delivery of privacy policies, training programs, and organizational awareness initiatives
• Support audits, regulatory inquiries, and security and privacy assessments
• Champion a culture of security awareness and best practices across the organization
• Design, implement, and manage an enterprise-wide technology governance framework, including project intake, evaluation, and prioritization
• Establish clear criteria for assessing technology initiatives, including security, privacy, risk, regulatory impact, resource capacity, and strategic alignment
• Partner with executive leadership to drive transparent portfolio management and prioritization decisions
• Ensure security and privacy considerations are embedded early in project planning and solution design
• Collaborate cross-functionally to deliver secure, scalable, and effective technology solutions
• Analyze support volume and trends to identify opportunities for efficiency and reduction through technology
• Establish and track KPIs, driving accountability, continuous improvement, and program maturity
• Act as a trusted advisor to executives, clinicians, and business leaders on security, privacy, and governance matters
• Translate complex technical and regulatory concepts into clear, actionable, business-focused insights

Benefits

• Collaborative team environment that encourages professional growth
• Urgent care services at no cost to our team members and their families
• Extensive benefit offerings including health, dental, and vision coverage, company paid short-term disability, and optional pet insurance
• 401k match after one year of service
• Access to our primary care (depending on location)
• Educational Alliance with Purdue University Global and reduced tuition rates for team members and their families
• Employer rewards and access to discounts offered on services and products such as hotels, travel, entertainment, restaurants, and more