Who You Are

You are an experienced IT leader with a passion for healthcare. You help organizations innovate and have a background supporting hardware and software infrastructure. You bring strong experience managing healthcare security, privacy and compliance obligations, including the protection of PHI across modern cloud, SaaS and endpoint environments.

Who We Are

Oasis Health Partners (Oasis) is building healthier communities by advancing primary care. We partner with patients, providers and plans to provide personalized, local care for seniors in towns across America. We believe that patient needs come first, and that primary care is the foundation of patient-centric healthcare. With Oasis, patients receive better access and care. Providers receive the data, resources and expertise to be successful in value-based care arrangements. Payers get the benefit of a solution that improves performance, drives growth and reduces the total cost of care in hard-to-engage markets.

Together, we will boldly advance primary care for those that need it most. We are excited for you to join us on this journey. We invite you to be a part of Oasis, where you’ll discover we listen first, do the right thing, build together and go all in --- while having fun!

Your Role

The Director, Information Technology and Security is responsible for ensuring Oasis's business functions are supported with appropriate software and hardware. You will interface with our managed services provider (MSP) to determine and manage the types of devices our employees receive. The Director must also assess, select and implement new software/technology solutions in support of the organization. This includes performing vendor security risk assessments for new service providers and helping ensure that third-party technologies meet Oasis's security, privacy and compliance expectations.

You play a critical role in ensuring that Oasis follows best practices for security and compliance. You will develop and implement controls to protect sensitive and confidential information. You will also help manage requirements related to the HIPAA Security, Privacy and Breach Notification Rules, including the implementation of safeguards, risk management practices and incident response processes that support the protection of PHI.

Over the next several years, the Director, IT and Security will have an opportunity to:

• Create a secure and scalable technology platform
• Recruit and lead an incredible team of technology/engineering professionals
• Develop and implement appropriate controls for HIPAA, SOC-2 and HITRUST
• Develop and mature vendor security risk management processes for new and existing service providers
• Strengthen Oasis's Microsoft security and compliance capabilities across Azure and Microsoft 365
• Establish and maintain controls to reduce the risk of PHI exfiltration through approved and unapproved egress points, including GenAI tools
• Enable the success of the Oasis Health technology platform by supporting our internal and external team
• Develop Oasis’s IT delivery standards and create best practices

Investment In Our Team

We invest in the personal and professional success of our team. We take care of our people and offer robust benefits including medical, dental, vision and generous time off plans. We are committed to supporting your growth with a development program that starts with onboarding and continues throughout your career. As an inclusive, passionate and diverse team, you will partner with professionals who understand the importance of high-value, high-impact patient care.

We invite you to be a part of Oasis Health, where you’ll discover we listen first, build together, do the right thing, have fun and most importantly, are all in!

About You

• You have a college diploma and ten years' experience leading IT in healthcare organizations
• Knowledge of virtual network infrastructure in Azure or other cloud platforms (security groups, vnets, subnets, firewalls, etc.)
• Working knowledge of HIPAA, SOC-2 and HITRUST requirements across the enterprise
• At least 8 years of experience supporting healthcare information security, privacy, compliance, or IT risk management programs, including hands-on experience with HIPAA Security, Privacy and Breach Notification Rule requirements
• At least 5 years of experience performing or managing vendor security risk assessments, including review of service provider security controls, data protection practices, and risk remediation activities