** Preferred location for candidate is Louisville, KY, but also open to remote candidates in the Eastern Time Zone **

eBlu Solutions was founded in 2012 to help specialty medical practices manage the complex workflow associated with high-cost infusion and injection treatments. Simply put, our solution gets patients to treatment faster.

JOB SUMMARY

The Director of Information Technology and Cyber Security will manage a small, agile team working cross-functionally to ensure operational reliability, security, and scalability. This position will also play a key role in managing vendor and partner relationships, conducting internal audits, and responding to third-party audits in line with HIPAA and SOC 2 compliance standards. This role will report to the Chief Technology Officer.

Requirements:

KEY RESPONSIBILITIES

Strategic IT Leadership

• Develop and implement IT policies, procedures, and best practices to support organizational objectives.
• Lead IT initiatives and projects, including the design and deployment of new systems and services.
• Manage the IT budget and ensure alignment with business priorities and cost-efficiency.
• Collaborate with leadership to shape the long-term IT roadmap in support of company growth.

Cybersecurity and Risk Management

• Design and enforce a comprehensive cybersecurity program, including endpoint protection, firewalls, and threat detection.
• Implement and maintain comprehensive cybersecurity policies, procedures, and protocols to safeguard organizational assets and maintain healthcare standards compliance.
• Conduct regular risk assessments, vulnerability scans, penetration tests, and security audits.
• Respond to incidents and lead incident response efforts in collaboration with internal stakeholders to ensure compliance with relevant cybersecurity regulations and frameworks, including HIPAA.
• Champion phishing awareness, social engineering defense, and other proactive risk mitigation strategies.
• Stay current with emerging threats and best practices in cybersecurity to ensure that the company’s defenses are state-of-the-art

HIPAA Compliance and PHI Protection

• Ensure IT systems and processes are designed to meet HIPAA and healthcare compliance standards.
• Implement and maintain controls for safeguarding PHI including encryption, access restrictions, and secure storage.
• Conduct routine HIPAA risk assessments and use findings to drive continuous improvement.
• Provide ongoing training and resources to educate staff and enforce compliance with policies around data security and privacy.

Team Leadership

• Lead, coach, and mentor a small team of IT and cybersecurity professionals.
• Create an inclusive, collaborative team culture focused on ownership, quality, accountability, and continuous improvement.
• Conduct performance reviews and support ongoing professional development.

Public Cloud and SaaS

• Manage and collaborate on access control and security across Azure and Google Cloud Platform (GCP).
• Oversee evaluation, deployment, and management of SaaS tools with a focus on HIPAA compliance, cost-effectiveness, and system integration.
• Define and maintain SaaS governance including access control and lifecycle management.

Microsoft 365 Administration

• Oversee administration of the Microsoft 365 environment, including user accounts, licenses, policies, and services.
• Provide internal support and training to ensure optimal adoption and secure usage of Microsoft 365 tools.
• Stay up to date with Microsoft 365 feature updates, assess applicability to business needs, and provide training to staff as needed.

Network and Systems Management

• Maintain the corporate network and IT infrastructure for performance, security, and uptime.
• Manage routine monitoring, upgrades, and resolution of technical issues across systems and endpoints.
• Ensure alignment with best practices for secure and resilient architecture.

Support for Operational and Call Center Teams

• Partner with operations leadership to support tools and platforms critical to call center workflows.
• Ensure the reliability of telephony systems and related applications used by customer-facing staff.
• Drive improvements in technology-enabled efficiency and user experience for operations teams.

Vendor and Audit Management

• Collaborate with the CTO on managing vendor and third-party relationships.
• Represent the company in third-party audits and lead internal audits of vendors for compliance.
• Maintain documentation and evidence to support ongoing HIPAA, SOC 2, and partner audit requirements.

EXPERIENCE, SKILLS & QUALIFICATIONS

EDUCATION

• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field.

EXPERIENCE

• 10+ years of progressive experience in IT, including leadership in cybersecurity, infrastructure, and operations.
• Proven experience in healthcare IT or a highly regulated industry (HIPAA, SOC 2).
• Deep knowledge of cloud technologies (Azure and GCP), network administration, and Microsoft 365.
• Strong experience leading security programs and responding to cyber threats including phishing and social engineering.
• Skilled in managing cross-functional projects and leading technical teams.
• Excellent communicator, problem solver, and collaborator with a proactive mindset and ability to present complex technical information to non-technical stakeholders.

PREFERRED EXPERIENCE

• Certifications such as CISSP, CISM, or CISA.
• Prior experience in the healthcare industry.

PHYSICAL & TECHNICAL ENVIRONMENT

• Ability to work at a desk in the office for long periods of time.
• The noise level in the work environment is moderate.
• Specific vision abilities required by this job include close vision and color vision.
• Ability to maintain focus under high levels of pressure/multiple priorities.

BENEFITS

• Competitive pay and performance-based incentives
• Comprehensive health, dental, and vision insurance
• Retirement savings plan with company matching.
• Flexible schedules with both remote and hybrid work options.
• Professional development and growth opportunities
• Generous paid time off and holiday schedule.

EBLU SOLUTIONS IS AN EQUAL OPPORTUNITY EMPLOYER – eBlu Solutions seeks talent from all backgrounds to bring diversity of thought, agility, and capability to our organization. We promote a working environment where all employees are treated and rewarded fairly. We do not tolerate any form of discrimination that adversely affects individuals or groups based on national origin, race, color, religion, sex, gender, sexual orientation, marital status, disability, age, or any other legally protected aspect of a person’s identity.