Logo
job logo

Sr. Director of Information Technology

Model Oncology, Nashville, TN, United States

Firm: Model Oncology
Team: Technology & Innovation
Location: Nashville, TN

Model Oncology ("MO" or "Company") is a next-generation management services organization dedicated to enabling world-class cancer care services within health systems. MO does so through a partnership model that expands and enhances the oncology service lines of its health system partners through dedicated investment, a technology and analytical backbone, and a unique ecosystem of health system operators and physicians. The Company was founded by a group of executives and investors with unique expertise in oncology care and health system partnerships, having previously founded American Oncology Resources, The US Oncology Network, OneOncology, and Select Medical, with additional executive experiences at Via Oncology, Flatiron Health, and Evidation Health.

Summary

MO is seeking to expand the Product and Innovation team by adding a Sr. Director of Information Security. This person will work closely with Ed Rodgers (SVP, Product Innovation and Analytics) and be an integral part of the Company’s expansion of its security capabilities, including leading the Company’s security decisions and deployment. This role will have a unique opportunity to evolve the technical stack to the highest standards of security, compliance, and reliability required in healthcare technology. In 2026 the key security initiatives are preparing for and achieving SOC 2 Type 1 and HITRUST i1 certifications. This person will work closely with our leadership and founding development team to build and maintain robust, scalable infrastructure on Azure, manage our CI/CD pipelines, and ensure seamless integration with healthcare systems.

Infrastructure & Cloud Security Operations

  • Design, implement, and maintain scalable Azure cloud infrastructure security controls including monitoring, logging, and alerting systems while using Infrastructure as Code principles
  • Manage and optimize Azure service security for Virtual Machines, App Services, Azure Database for PostgreSQL, Kubernetes, and Azure Key Vault
  • Ensure high availability, disaster recovery, and backup strategies across all systems
  • Optimize cloud costs while maintaining performance and security standards
  • Contribute perspective on in-house end user compute environments and collaborate with security and privacy officers on ongoing governance and compliance

Systems Security and Maintenance

  • Administer Kubernetes Server environment security across development, staging, and production
  • Manage PostgreSQL database cluster security
  • Implement and maintain security best practices including patch management, access controls, and compliance monitoring

Healthcare Integrations & Security

  • Design and implement secure connectivity methods for healthcare system integrations (VPN, HL7, FHIR)
  • Ensure HIPAA compliance across all systems and data flows
  • Implement security controls for protected health information (PHI) handling
  • Oversee SOC 2 and HITRUST Certification processes

Python & Automation Security

  • Contribute perspective on appropriate Bash and Python scripts and tools for CI/CD security checks, system automation, monitoring, and operational tasks
  • Contribute perspective on custom solutions for healthcare data processing and integration workflowsCollaborate with development team on software deployment lifecycle and ongoing optimization

Required Qualifications

  • 3+ years of experience configuring and administering Microsoft compliance and security controls
  • 3+ years of experience collaborating directly with systems engineering, DevOps, or related infrastructure roles
  • 3+ years of hands‑on experience with Microsoft Azure cloud services and architecture
  • Understanding of HIPAA compliance requirements and healthcare security standards and protected data management
  • Previous experience in healthcare technology or regulated industries
  • Experience with security frameworks and compliance auditing
  • Experience with GitLab administration and CI/CD pipeline development
  • Experience with PostgreSQL database security administration, optimization, and clustering
  • Infrastructure as Code Security Knowledge
  • Knowledge of containerization technologies (Kubernetes)
  • Experience with monitoring and logging tools
  • Solid understanding of networking, security, and cloud architecture best practices

Preferred Qualifications

  • Experience managing SOC 2 and HITRUST Certification and certificate maintenance activities
  • Bachelor's degree in Computer Science, Engineering, or related technical field
  • Proficiency in Bash and Python for automation and system integration
  • Experience with Azure services
  • Familiarity with healthcare integration engines (Mirth Connect, Rhapsody, or similar)
  • Understanding of healthcare workflows and clinical data standards

Technical Environment

  • Cloud Platform: Microsoft Azure, Azure FrontDoor, AKS
  • Databases: PostgreSQL clusters
  • Data Processing: Python
  • CI/CD: GitHub Enterprise
  • Pipeline Orchestration: Dagster / ArgoCD
  • Business Intelligence: PowerBI
  • Healthcare Standards: HL7 v2.x/v3, FHIR R4, DICOM
  • Security: Azure Key Vault, data encryption, tokenization services
  • Monitoring: Azure Monitor, custom data quality dashboards
  • Corporate IT Tools: M365 E5 Suite, Oracle NetSuite, Salesforce, Zoom, Claude Enterprise

#J-18808-Ljbffr