IT Security, Compliance and Governance Lead
Listed on 2026-02-18
IT/Tech
Cybersecurity, Information Security, Data Security, IT Consultant
Behavioral Health Network (BHN) is the largest provider of behavioral health services in Western Massachusetts and was recently recognized by The Boston Globe as a Top 10 Employer in Massachusetts. We are also proud to be a Certified Great Place to Work. If you're a security and governance leader who thrives on protecting systems, data, and people in mission-driven environments, consider joining our team as our IT Security, Compliance & Governance Lead.
As BHN’s IT Security, Compliance & Governance Lead, you will design, implement, and continuously strengthen our enterprise security, privacy, and IT governance programs. You’ll safeguard sensitive health information, ensure regulatory compliance, and embed risk-aware decision-making across a multi-site healthcare organization serving thousands across Western Massachusetts.
What We Offer
- Mission-Driven Impact – Protect the systems and data that support behavioral health care access across the region
- Strategic Leadership – Shape enterprise security and governance strategy in a complex healthcare environment
- Collaborative Culture – Partner with IT, clinical, compliance, legal, and executive leaders
- Professional Growth – Lead audits, risk initiatives, and modernization of security practices
- Competitive Compensation & Benefits – Generous PTO, 403(b) with employer match, tuition reimbursement, and comprehensive benefits
- Develop and maintain BHN’s enterprise information security, privacy, and IT governance strategy
- Lead HIPAA, HITECH, 42 CFR Part 2, and other regulatory compliance initiatives
- Conduct and manage risk assessments; maintain and track enterprise risk register
- Oversee security operations delivered by the MSP, including monitoring, incident response, vulnerability management, and endpoint protection
- Coordinate internal and external audits; lead remediation planning and tracking
- Chair or facilitate IT governance and security committees
- Serve as primary point of contact for security incidents and potential breaches
- Collaborate with Infrastructure and Network leadership to ensure secure architecture, identity management, and disaster recovery planning
- Review vendor contracts, business associate agreements, and data-sharing terms for security and privacy compliance
- Prepare security posture and risk reports for executive leadership
- Bachelor’s Degree in Cybersecurity, Information Security, IT, or related field (Master’s preferred)
- 7+ years of progressive experience in cybersecurity, privacy, compliance, or risk management, preferably in healthcare
- Deep expertise in Microsoft security technologies (Azure, Entra, Defender, Intune, Purview, Microsoft 365)
- Strong knowledge of HIPAA Security & Privacy Rules, HITECH, 42 CFR Part 2, and related regulations
- Experience working with NIST, CIS Controls, HITRUST, ISO 27001, or comparable frameworks
- Experience managing MSP or MSSP relationships and security service delivery
- Ability to translate complex technical and regulatory risk into clear, actionable guidance
- Relevant certifications (CISSP, CISM, CISA, CCSP, HCISPP, or equivalent) strongly preferred
Since 1938, BHN has delivered high-quality, culturally responsive behavioral health care across Western Massachusetts. Our IT and security leaders play a vital role in protecting the trust placed in us by individuals, families, staff, and partners.
If you're ready to lead security and governance efforts that support safe, person-centered care, we’d love to hear from you.
Pay Range: $140,000 - $165,000