Director, Technical Operations

About The Position

Requirements

• 8+ years of progressive experience in IT operations, security, or healthcare technology operations, with time in a HIPAA-regulated provider or payer environment
• Proven success building a HIPAA compliance program from scratch, including risk assessments, policy development, workforce training, and incident response
• Deep understanding of identity and endpoint fundamentals: SSO, MDM, and least-privilege access
• Track record managing MSPs and vendors to outcomes, including writing SOWs, holding vendors accountable, and knowing when to insource
• Builder’s temperament: comfortable being the first and only person in your function, equally willing to set strategy and do the hands-on work
• Rochester-based or willing to relocate
• Excellent leadership, collaboration, and communication abilities
• Mission-driven, collaborative mindset and a passion for improving access to high-quality primary care

Nice To Haves

• Experience administering an ambulatory EHR, Athena especially, or a comparable clinical system
• Experience standing up technology for de novo clinic sites
• A security certification (CISSP, HCISPP, or similar)
• SOC 2 program experience (on our roadmap, not a launch requirement)

Responsibilities

• Build and run our HIPAA compliance program, including policies and procedures, workforce training, security risk assessments, and incident response planning
• Serve as our named HIPAA Security Officer
• Own the vendor risk program: BAA tracking, security review of vendors, and a maintained risk inventory covering our EHR marketplace tools and technology partners
• Establish security baselines across access control, audit logging, encryption standards, and workforce device security
• Stand up identity and access management; work with our MSP on MDM and device provisioning for a growing distributed team
• Administer Google Workspace and our SaaS stack; own onboarding and offboarding workflows
• Set policies and tooling for a clinical workforce, including shared workstations, clinical devices, and role-based access
• Serve as system administrator for our EHR (Athena): user provisioning, configuration, workflow setup, and vendor support coordination
• Manage EHR marketplace vendors (ambient documentation, AI tooling) and other clinical software vendors across contracts, performance, and risk posture
• Partner with our MSP on helpdesk, clinic networking, telephony, and on-site support
• Own clinic technology readiness: network, devices, phones, printing, and exam room technology, delivered through MSP partners under your direction
• Build the repeatable clinic IT playbook that will guide every future location we open
• Manage relationships with managed service providers, clinical software vendors, and compliance consultants to deliver high-quality work on time and within budget
• Develop clear performance goals and hold internal and external resources accountable to them
• Build and lead the technical operations team over time as the organization scales

Benefits

• medical
• dental
• vision
• 401K