Security and Compliance Manager

Behavioral Health Network (BHN)is the largest provider of behavioral health services in Western Massachusetts and was recently recognized byThe Boston Globe as a Top 10 Employer in Massachusetts . We are also proud to be aCertified Great Place to Work . If you're a security and governance leader who thrives on protecting systems, data, and people in mission-driven environments, consider joining our team as ourIT Security, Compliance & Governance Lead . This is a remote position with MONTHLY onsite expectations in Springfield, MA.What You'll Do:As BHN's IT Security, Compliance & Governance Lead, you will design, implement, and continuously strengthen our enterprise security, privacy, and IT governance programs. You'll safeguard sensitive health information, ensure regulatory compliance, and embed risk-aware decision-making across a multi-site healthcare organization serving thousands across Western Massachusetts.What We Offer:Mission-Driven Impact - Protect the systems and data that support behavioral health care access across the region Strategic Leadership - Shape enterprise security and governance strategy in a complex healthcare environment Collaborative Culture - Partner with IT, clinical, compliance, legal, and executive leaders Professional Growth - Lead audits, risk initiatives, and modernization of security practices Competitive Compensation & Benefits - Generous PTO, 403(b), tuition reimbursement, and comprehensive benefits Key Responsibilities:Develop and maintain BHN's enterprise information security, privacy, and IT governance strategy Lead HIPAA, HITECH, 42 CFR Part 2, and other regulatory compliance initiatives Conduct and manage risk assessments; maintain and track enterprise risk register Oversee security operations delivered by the MSP, including monitoring, incident response, vulnerability management, and endpoint protection Coordinate internal and external audits; lead remediation planning and tracking Chair or facilitate IT governance and security committees Serve as primary point of contact for security incidents and potential breaches Collaborate with Infrastructure and Network leadership to ensure secure architecture, identity management, and disaster recovery planning Review vendor contracts, business associate agreements, and data-sharing terms for security and privacy compliance Prepare security posture and risk reports for executive leadership Who You Are:Bachelor's Degree in Cybersecurity, Information Security, IT, or related field (Master's preferred) 7+ years of progressive experience in cybersecurity, privacy, compliance, or risk management, preferably in healthcare Deep expertise in Microsoft security technologies (Azure, Entra ID, Defender, Intune, Purview, Microsoft 365) Strong knowledge of HIPAA Security & Privacy Rules, HITECH, 42 CFR Part 2, and related regulations Experience working with NIST, CIS Controls, HITRUST, ISO 27001, or comparable frameworks Experience managing MSP or MSSP relationships and security service delivery Ability to translate complex technical and regulatory risk into clear, actionable guidance Relevant certifications (CISSP, CISM, CISA, CCSP, HCISPP, or equivalent) strongly preferred We Hire for Purpose!Since 1938, BHN has delivered high-quality, culturally responsive behavioral health care across Western Massachusetts. Our IT and security leaders play a vital role in protecting the trust placed in us by individuals, families, staff, and partners.If you're ready to lead security and governance efforts that support safe, person-centered care, we'd love to hear from you.Pay Range: $140,000- $165,000 recblid 6724m3xgyluzdxqh7u4izmhozv76rn