Practicesuite - Manager - IT Security Governance

Overview:

PracticeSuite, Inc. is an innovative platform to enable medical practices and other healthcare facilities to create an amazing patient experience. As a single platform, PracticeSuite has diverse features to modernize practices and take them to the next level. We are currently recruiting for a Manager, IT Security Governance. This position will be responsible for developing, implementing, and managing the organizations IT security governance programs. This role ensures that security policies, processes, and controls align with business objectives, industry standards, and regulatory requirements. The Manager will work closely with stakeholders across IT, legal, audit, and business units to assess risks, and drive a culture of information security.

Role & Responsibilities:

- Establish governance frameworks to ensure security controls align with business and regulatory requirements.

- Serve as subject matter expert on IT security best practices, frameworks (ISO 27001, NIST, COBIT, etc.), and industry trends.

- Drive continuous improvement of the organizations security governance program.

- Lead the IT risk management program, including risk identification, assessment, treatment, and reporting.

- Partner with business units to evaluate risks associated with new technologies, vendors, and processes.

- Oversee periodic risk assessments, vulnerability management reviews, and mitigation tracking.

- Ensure risk registers are maintained and remediation activities are completed on time.

- Manage IT compliance initiatives, including regulatory requirements (HIPAA, GDPR, SOX, PCI-DSS, etc.).

- Oversee internal and external IT security audits, assessments, and certifications.

- Ensure timely response and remediation of audit findings.

- Collaborate with cross-functional teams (Legal, HR, Finance, Operations) to ensure alignment of security objectives.

- Provide regular reports and metrics to executive leadership on risk posture, compliance status, and governance maturity.

- Maintains strict confidentiality of all records and data.

Qualifications:

- 7+ years of experience in information security, IT risk management, or IT audit, with at least 3 years in a leadership/managerial role.

- Strong understanding of security frameworks, standards, and regulations preferred (ISO 27001, NIST CSF, SOC 2, HIPAA, GDPR, etc.).

- Proven experience in managing enterprise risk management or compliance programs.

- Strong leadership, communication, and stakeholder management skills.

- Excellent analytical, problem-solving, and decision-making abilities.

- Ability to translate complex technical concepts into business-relevant language.

- High integrity, attention to detail, and ability to handle sensitive information.

Location Kochi (Complete WFO).

Shift US Shift (6:30PM 3:30AM IST).

Who We Are: