The Opportunity

This is not a traditional IT leadership role.

Town Square Health is seeking a Director of Technical Operations to build and own everything that makes our technology trustworthy and operational: our HIPAA compliance program, corporate IT foundation, EHR administration, and the managed service partnerships that keep our clinics running. You'll stand these functions up from scratch before our first patient walks through the door - then scale them across every location we open.

This is a player-coach role by design. Because we're pre-launch and deliberately lean, you'll set strategy and also do the hands-on work: configuring tools, directing vendors, and solving day-to-day problems yourself until there's a team beneath you. You'll be the CTO's counterpart on the operational side of technology, partnering closely with our VP of Operations on clinic readiness and with counsel on compliance.

You'll have the opportunity to:

• Build our HIPAA compliance program from the ground up and serve as our named HIPAA Security Officer
• Own the full technical operations footprint: identity, devices, EHR, vendor relationships, and clinic technology readiness
• Create the repeatable clinic IT playbook we'll use for every future location we open
• Grow into a team leadership role as the organization scales across markets
• Work at the intersection of healthcare, technology, and operational execution in a high-visibility, high-trust role

What You'll Do

You'll own a wide surface area - and that's intentional. We're building from scratch, and this role is the foundation of our technical operations function. Below is a view into the core areas you'll lead. The expectation on day one is that you're ready to do the work yourself; the expectation over time is that you build systems and relationships that scale beyond you.

HIPAA & Security Program

• Build and run our HIPAA compliance program, including policies and procedures, workforce training, security risk assessments, and incident response planning
• Serve as our named HIPAA Security Officer
• Own the vendor risk program: BAA tracking, security review of vendors, and a maintained risk inventory covering our EHR marketplace tools and technology partners
• Establish security baselines across access control, audit logging, encryption standards, and workforce device security

Corporate IT & Identity

• Stand up identity and access management; work with our MSP on MDM and device provisioning for a growing distributed team
• Administer Google Workspace and our SaaS stack; own onboarding and offboarding workflows
• Set policies and tooling for a clinical workforce, including shared workstations, clinical devices, and role-based access

EHR & Vendor Operations

• Serve as system administrator for our EHR (Athena): user provisioning, configuration, workflow setup, and vendor support coordination
• Manage EHR marketplace vendors (ambient documentation, AI tooling) and other clinical software vendors across contracts, performance, and risk posture

MSP & Clinic Technology Operations

• Partner with our MSP on helpdesk, clinic networking, telephony, and on-site support
• Own clinic technology readiness: network, devices, phones, printing, and exam room technology, delivered through MSP partners under your direction
• Build the repeatable clinic IT playbook that will guide every future location we open

Team & Vendor Management

• Manage relationships with managed service providers, clinical software vendors, and compliance consultants to deliver high-quality work on time and within budget
• Develop clear performance goals and hold internal and external resources accountable to them
• Build and lead the technical operations team over time as the organization scales

Who You Are

You're a builder. You're energized by being the first person in your function - by the challenge of creating structure where none exists and owning outcomes end to end. You're equally comfortable writing a HIPAA policy, configuring an MDM tool, and holding a vendor accountable to an SOW. You don't wait for perfect information; you make pragmatic decisions, document them, and move.

You understand that in a pre-launch environment, the best solution is often the right-sized one - and you have the judgment to know the difference between a shortcut and a smart tradeoff.

Most importantly, you believe healthcare can be better - and you want to be part of the team proving it.

Qualifications

• 8+ years of progressive experience in IT operations, security, or healthcare technology operations, with time in a HIPAA-regulated provider or payer environment
• Proven success building a HIPAA compliance program from scratch, including risk assessments, policy development, workforce training, and incident response
• Deep understanding of identity and endpoint fundamentals: SSO, MDM, and least-privilege access
• Track record managing MSPs and vendors to outcomes, including writing SOWs, holding vendors accountable, and knowing when to insource
• Builder's temperament: comfortable being the first and only person in your function, equally willing to set strategy and do the hands-on work
• Rochester-based or willing to relocate
• Excellent leadership, collaboration, and communication abilities
• Mission-driven, collaborative mindset and a passion for improving access to high-quality primary care

Strong Pluses

• Experience administering an ambulatory EHR, Athena especially, or a comparable clinical system
• Experience standing up technology for de novo clinic sites
• A security certification (CISSP, HCISPP, or similar)
• SOC 2 program experience (on our roadmap, not a launch requirement)

What We Offer

• Starting salary range of $150-170k, commensurate with experience
• Comprehensive benefits package (medical, dental, vision, 401K)
• Flexibility to work from our Rochester, NY location with in-person presence at our clinics
• Opportunity to build something from the ground up
• Direct impact on how care is delivered to older adults
• High visibility and influence in a growing organization
• Collaborative, mission-driven team