IT Security & Compliance Lead; Healthcare Foster Ave Administration
New York, New York County, New York, 10261, USA
Listed on 2026-06-05
IT/Tech
Cybersecurity, Information Security
Location: New York
IT Security & Compliance Lead (Healthcare)
Administration
Location: 620 Foster Avenue, Brooklyn, NY 11230
Hours: Full Time
Premium Health is looking for outstanding Security & Compliance candidates for our Information Technology department.
Premium Health’s Information Technology (IT) department is based in our Administration office and is responsible for managing and maintaining the entire infrastructure of multiple health practices across Brooklyn. The IT department is a team that is projected to grow as the organization does and is led by our Chief Digital Information Officer. We are seeking a hands‑on IT Security & Compliance Lead to own and operate the organization’s security, risk, and compliance program across a multi‑site ambulatory healthcare environment.
This role is responsible for day‑to‑day execution of security controls, HIPAA compliance, audit readiness, vendor risk management, and AI governance, ensuring systems and data are protected while enabling efficient clinical and operational workflows.
The role serves as the internal owner of security program execution, working closely with IT, clinical applications, data, and operational teams, as well as external partners. The role will also establish and manage practical AI governance, enabling safe and effective use of emerging AI tools across the organization.
This individual will help define and execute a practical security roadmap to continuously mature the organization’s security controls, operational practices, and risk management capabilities, aligned to healthcare regulatory requirements and industry‑standard frameworks such as NIST.
Success in this role requires a balance of operational execution, hands‑on security administration, cross‑functional collaboration, and pragmatic risk management while supporting a rapidly evolving healthcare environment.
Time Commitment: 40 hours per week (Monday – Friday)
- Opportunity for remote work for up to 20% of scheduled hours
- Own and operate the organization’s security program, ensuring policies, procedures, and controls are consistently implemented
- Maintain and update security policies, standards, and procedures
- Ensure alignment with regulatory and organizational requirements
- Support ongoing maturation of the organization’s security posture and controls framework, including alignment with industry-standard practices such as NIST
- Stay current on emerging cybersecurity threats, vulnerabilities, technologies, AI‑related risks, and evolving industry best practices, proactively identifying opportunities to strengthen the organization’s security posture and risk management capabilities
- Administer and support security technologies and operational controls across the environment, including email security, endpoint protection, identity and access management, MFA, conditional access, DLP, and firewall/security platforms
- Configure, tune, monitor, and maintain security rules, alerts, policies, and protections across Microsoft 365, SaaS, endpoint, and network security platforms in collaboration with internal IT teams and external security partners
- Support email security administration, including phishing protection, impersonation protection, quarantine management, and coordination of SPF/DKIM/DMARC-related controls
- Coordinate and manage phishing simulations, user remediation, and security awareness follow‑up activities
- Support SaaS application governance and review of third‑party application access, permissions, and security risks
- Partner with outsourced SOC/EDR providers to investigate alerts, validate remediation actions, and continuously improve detection and response capabilities
- Lead HIPAA compliance efforts, including risk assessments and remediation tracking
- Coordinate internal and external audits, ensuring documentation and evidence are maintained continuously
- Monitor compliance with security policies and regulatory requirements
- Ensure controls are functioning and documented (not just defined)
- Own vendor security review process
- Ensure BAAs and security…