Demo

IT Security & Compliance Lead (Healthcare)

Premium Health Center
Brooklyn, NY Full Time
POSTED ON 7/13/2026 CLOSED ON 7/17/2026

What are the responsibilities and job description for the IT Security & Compliance Lead (Healthcare) position at Premium Health Center?

Administration

Location:

620 Foster Avenue, Brooklyn, NY 11230

Hours

Full Time

Premium Health is looking for outstanding Security & Compliance candidates for our Information Technology department.



Premium Health’s Information Technology (IT) department is based in our Administration office and is responsible for managing and maintaining the entire infrastructure of multiple health practices across Brooklyn. The IT department is a team that is projected to grow as the organization does and is lead by our Chief Digitial Information Officer. We are seeking a hands-on IT Security & Compliance Lead to own and operate the organization’s security, risk, and compliance program across a multi-site ambulatory healthcare environment.



This role is responsible for day-to-day execution of security controls, HIPAA compliance, audit readiness, vendor risk management, and AI governance, ensuring systems and data are protected while enabling efficient clinical and operational workflows.



The role serves as the internal owner of security programexecution, working closely with IT, clinical applications, data, andoperational teams, as well as external partners. The role will also establish and managepractical AI governance, enabling safe and effective use of emerging AI toolsacross the organization.



This individual will help define and execute a practicalsecurity roadmap to continuously mature the organization’s security controls,operational practices, and risk management capabilities, aligned to healthcareregulatory requirements and industry-standard frameworks such as NIST.



Success in this role requires a balance of operationalexecution, hands-on security administration, cross-functional collaboration,and pragmatic risk management while supporting a rapidly evolving healthcareenvironment.





Time Commitment

  • 40 hours per week (Monday – Friday)
  • Opportunity for remote work for up to 20% of scheduled hours

Responsibilities

Security Program Ownership& Execution

  • Own and operate the organization’s security program, ensuring policies, procedures, and controls are consistently implemented
  • Maintain and update security policies, standards, and procedures
  • Ensure alignment with regulatory and organizational requirements
  • Support ongoing maturation of the organization’s security posture and controls framework, including alignment with industry-standard practices such as NIST
  • Stay current on emerging cybersecurity threats, vulnerabilities, technologies, AI-related risks, and evolving industry best practices, proactively identifying opportunities to strengthen the organization’s security posture and risk management capabilities

Security Tooling & ControlAdministration

  • Administer and support security technologies and operational controls across the environment, including email security, endpoint protection, identity and access management, MFA, conditional access, DLP, and firewall/security platforms
  • Configure, tune, monitor, and maintain security rules, alerts, policies, and protections across Microsoft 365, SaaS, endpoint, and network security platforms in collaboration with internal IT teams and external security partners
  • Support email security administration, including phishing protection, impersonation protection, quarantine management, and coordination of SPF/DKIM/DMARC-related controls
  • Coordinate and manage phishing simulations, user remediation, and security awareness follow-up activities
  • Support SaaS application governance and review of third-party application access, permissions, and security risks
  • Partner with outsourced SOC/EDR providers to investigate alerts, validate remediation actions, and continuously improve detection and response capabilities

Compliance & AuditReadiness (HIPAA)

  • Lead HIPAA compliance efforts, including risk assessments and remediation tracking
  • Coordinate internal and external audits, ensuring documentation and evidence are maintained continuously
  • Monitor compliance with security policies and regulatory requirements
  • Ensure controls are functioning and documented (not just defined)

Vendor & Third-Party RiskManagement

  • Own vendor security review process
  • Ensure BAAs and security requirements are inplace and tracked
  • Maintain vendor inventory and riskclassification

Identity & AccessManagement

  • Oversee user access controls, including onboarding, offboarding, and role-based access controls
  • Lead periodic access reviews across key systems
  • Ensure least-privilege access and proper audit trails

Security Operations &Incident Coordination

  • Serve as the internal point of contact for security incidents, coordinating response with outsourced SOC/EDR providers
  • Define and maintain incident response processes and escalation paths
  • Track and ensure follow-up on security alerts and incidents

AI Governance & EmergingTechnology Risk

  • Establish and maintain practical AI governance guidelines, including acceptable use of tools such as ChatGPT and Microsoft Copilot
  • Define guardrails for responsible use of AI, including PHI protection and data handling
  • Support evaluation of AI-enabled tools and vendors
  • Partner with IT and operational teams to enable safe adoption

Security Awareness &Training

  • Support security awareness initiatives, including phishing simulations and staff education
  • Provide guidance on secure use of systems, data, and AI tools

Collaboration & Reporting

  • Partner with IT, Clinical Applications, Data, and Operations teams to ensure security practices align with workflows and business needs
  • Provide regular reporting on security posture, risks, and compliance status to leadership
  • Identify opportunities to improve processes, reduce risk, and strengthen controls



Requirements

Qualified candidates must have 5 years of experience, be self-driven and know:

  • 5 years of experience in IT security, compliance, or risk management
  • Experience in healthcare or regulated environments (HIPAA strongly preferred)
  • Experience managing or supporting security programs, audits, and compliance initiatives
  • Strong understanding of identity and access management, vendor risk, and security controls
  • Ability to work cross-functionally and translate security requirements into practical processes
  • Hands-on experience administering or supporting security technologies and operational controls, including areas such as identity and access management, endpoint protection, email security, MFA/conditional access, DLP, or SaaS security administration





Preferred

  • Experience working with SaaS-heavy environments and third-party vendors
  • Experience working with Microsoft 365 security technologies, endpoint protection, email security, SIEM, DLP, conditional access, or related security platforms
  • Experience developing or supporting security policies and governance frameworks
  • Familiarity with NIST, CIS Controls, or similar frameworks
  • Exposure to AI tools and interest in emerging technology governance









Compensation

Commensurate with Experience



Benefits

  • Paid time Off, Medical, Dental and Vision plans, Retirement plans
  • Public Service Loan Forgiveness (PSLF)

Salary.com Estimation for IT Security & Compliance Lead (Healthcare) in Brooklyn, NY
$121,874 to $149,430
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

What is the career path for a IT Security & Compliance Lead (Healthcare)?

Sign up to receive alerts about other jobs on the IT Security & Compliance Lead (Healthcare) career path by checking the boxes next to the positions that interest you.
Income Estimation: 
$112,673 - $137,290
Income Estimation: 
$139,945 - $168,577
Income Estimation: 
$140,233 - $181,029
Income Estimation: 
$161,209 - $233,553
Income Estimation: 
$111,725 - $147,313
Income Estimation: 
$139,945 - $168,577
Income Estimation: 
$140,233 - $181,029
Income Estimation: 
$161,209 - $233,553
This job has expired.
Employees: Get a Salary Increase
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Job openings at Premium Health Center

  • Premium Health Center Brooklyn, NY
  • Process Automation & Integration Engineer Location: 620 Foster Ave, Brooklyn, NY 11230 We’re seeking a highly motivated, hands-on Process Automation & Inte... more
  • 8 Days Ago

  • Premium Health Center Brooklyn, NY
  • Healthcare Business Intelligence & Analytics Analyst -Information Technology Location: 620 Foster Avenue Brooklyn, NY 11230 Hours: Full Time Premium Health... more
  • 8 Days Ago

  • Premium Health Center Brooklyn, NY
  • The Medical Receptionist serves as the face of the practice and the first person a patient comes in contact with. As such, the Medial Receptionist serves a... more
  • 9 Days Ago

  • Premium Health Center Brooklyn, NY
  • IVF Coordinator-Fertility Location: 4510 16th Avenue Brooklyn, NY 11204 Hours: Full Time Training Period: Mon- Thurs 9:00 AM-6:00 PM ‍ Once Training Period... more
  • 2 Days Ago


Not the job you're looking for? Here are some other IT Security & Compliance Lead (Healthcare) jobs in the Brooklyn, NY area that may be a better fit.

  • NYU Langone York, NY
  • NYU Langone Health is a fully integrated health system that consistently achieves the best patient outcomes through a rigorous focus on quality that has re... more
  • 1 Month Ago

AI Assistant is available now!

Feel free to start your new journey!