Manager of Technology Security & Governance (Onsite)

At ConvenientMD , we’re on a mission to make good health more convenient for all – working to improve how patients and providers experience healthcare in New England. To support this belief, we’re building a team of dedicated professionals who genuinely care about improving lives, are passionate about work that can make a difference, and are driven to learn from one another. The Opportunity Note: This role is onsite at least 4 days per week in Portsmouth, New Hampshire. The Manager of Technology Security Governance will play a critical leadership role in safeguarding the organization’s technology environment while establishing a disciplined, enterprise-wide approach to technology governance. This leader will be responsible for advancing information security and privacy programs that protect patient and organizational data, while also designing and operating a structured intake, prioritization, and oversight process for technology initiatives. Operating within a highly regulated healthcare environment, this role ensures the confidentiality, integrity, and availability of systems and data, while enabling thoughtful, transparent decision-making around technology investments. The Director will partner closely with IT, Compliance, Clinical, Revenue Cycle, Finance, Operations, and Executive leadership to embed security, privacy, and governance into both strategic planning and day-to-day operations. This is an opportunity to balance strategic leadership with hands-on execution, building scalable frameworks that support growth, mitigate risk, and drive operational excellence across the enterprise. This role is not remote. This position is based onsite at ConvenientMD headquarters in Portsmouth, NH. Your Impact Information Security Leadership Lead and manage the organization’s technology security function, ensuring robust protection of systems, infrastructure, and sensitive data Develop, implement, and continuously evolve comprehensive cybersecurity strategies, policies, and procedures Oversee security risk management, including risk assessments, vulnerability management, remediation planning, and risk acceptance processes Monitor emerging threats and lead incident response efforts, ensuring rapid, coordinated mitigation and recovery Ensure appropriate safeguards are in place across clinical, financial, and operational systems, including EHRs, cloud platforms, and third-party technologies Provide clear, executive-level reporting on security posture, risks, and mitigation strategies Privacy Regulatory Compliance Partner with Compliance and Legal to support adherence to HIPAA, HITECH, and other applicable privacy regulations Contribute to the development and delivery of privacy policies, training programs, and organizational awareness initiatives Support audits, regulatory inquiries, and security and privacy assessments Champion a culture of security awareness and best practices across the organization Technology Governance Prioritization Design, implement, and manage an enterprise-wide technology governance framework, including project intake, evaluation, and prioritization Establish clear criteria for assessing technology initiatives, including security, privacy, risk, regulatory impact, resource capacity, and strategic alignment Partner with executive leadership to drive transparent portfolio management and prioritization decisions Ensure security and privacy considerations are embedded early in project planning and solution design Operational Excellence Continuous Improvement Collaborate cross-functionally to deliver secure, scalable, and effective technology solutions Analyze support volume and trends to identify opportunities for efficiency and reduction through technology Establish and track KPIs, driving accountability, continuous improvement, and program maturity Strategic Partnership Communication Act as a trusted advisor to executives, clinicians, and business leaders on security, privacy, ... (truncated, view full listing at source)