Manager of Technology Security & Governance (Onsite)

The Opportunity 

Note: This role is onsite at least 4 days per week in Portsmouth, New Hampshire.

The Manager of Technology Security & Governance will play a critical leadership role in safeguarding the organization’s technology environment while establishing a disciplined, enterprise-wide approach to technology governance. This leader will be responsible for advancing information security and privacy programs that protect patient and organizational data, while also designing and operating a structured intake, prioritization, and oversight process for technology initiatives.

Operating within a highly regulated healthcare environment, this role ensures the confidentiality, integrity, and availability of systems and data, while enabling thoughtful, transparent decision-making around technology investments. The Director will partner closely with IT, Compliance, Clinical, Revenue Cycle, Finance, Operations, and Executive leadership to embed security, privacy, and governance into both strategic planning and day-to-day operations.

This is an opportunity to balance strategic leadership with hands-on execution, building scalable frameworks that support growth, mitigate risk, and drive operational excellence across the enterprise.

This role is not remote. This position is based onsite at ConvenientMD headquarters in Portsmouth, NH. 

Your Impact

• Information Security Leadership
  • Lead and manage the organization’s technology security function, ensuring robust protection of systems, infrastructure, and sensitive data
  • Develop, implement, and continuously evolve comprehensive cybersecurity strategies, policies, and procedures
  • Oversee security risk management, including risk assessments, vulnerability management, remediation planning, and risk acceptance processes
  • Monitor emerging threats and lead incident response efforts, ensuring rapid, coordinated mitigation and recovery
  • Ensure appropriate safeguards are in place across clinical, financial, and operational systems, including EHRs, cloud platforms, and third-party technologies
  • Provide clear, executive-level reporting on security posture, risks, and mitigation strategies
• Privacy & Regulatory Compliance
  • Partner with Compliance and Legal to support adherence to HIPAA, HITECH, and other applicable privacy regulations
  • Contribute to the development and delivery of privacy policies, training programs, and organizational awareness initiatives
  • Support audits, regulatory inquiries, and security and privacy assessments
  • Champion a culture of security awareness and best practices across the organization
• Technology Governance & Prioritization
  • Design, implement, and manage an enterprise-wide technology governance framework, including project intake, evaluation, and prioritization
  • Establish clear criteria for assessing technology initiatives, including security, privacy, risk, regulatory impact, resource capacity, and strategic alignment
  • P