Director of IT

Job Summary:

Director of Information Technology (IT) is responsible for technology strategy and day-to-day operations across our PE-backed, multi-site behavioral health platform delivering IOP and PHP programs. This is a senior technology role serving as the internal authority on systems, security, and technology investment.

The Director of IT directly administers and governs Lightfully's core platform – Salesforce, Kipu (EMR), call center technology, and the Microsoft 365 environment. This role also oversees the data warehouse, Power BI reporting infrastructure, and the internal and contract resources that support analytics, helpdesk, and network operations. The ideal candidate is a hands-on operator with healthcare IT experience who can manage vendors, secure a clinical environment, and drive platform improvements.

Major Responsibilities:

• Upholds and maintains the Company, mission, and values (called the Lightfully “Shining Commitments”).

IT Operations & Infrastructure

• Manage company-wide IT operations across all program locations
• Manage the full lifecycle of all network and end-user devices — servers, routers, WAPs, laptops, desktops, tablets, and phones — including procurement, patching, and decommissioning
• Manage Microsoft 365 administration and identity and access management
• Ensure uptime and performance of all critical systems including Salesforce, Kipu, telephony, and collaboration platforms
• Develop and maintain IT documentation, SOPs, asset inventories, and disaster recovery plans
• Directly manage or oversee contract and consulting resources across helpdesk, network support, data engineering, and analytics; ensure accountability, quality of output, and alignment to Lightfully's IT roadmap

Cybersecurity & Compliance

• Own and maintain the organization’s cybersecurity program aligned to the NIST Cybersecurity Framework (CSF); conduct or commission an annual HIPAA Security Risk Assessment and maintain a tracked risk register
• Administer security solutions including MDR/XDR, email security, and DNS filtering
• Design and enforce identity and access controls including RBAC, Privileged Identity Management (PIM), MFA, and Conditional Access policies
• Own data protection controls including endpoint encryption, data in transit (TLS/IPsec), and DLP policies covering ePHI and sensitive patient data
• Maintain and exercise a documented incident response plan; serve as internal IR coordinator and primary communicator to leadership
• Ensure HIPAA and 42 CFR Part 2 compliance across all technical safeguard domains; produce annual compliance summary for leadership and legal counsel

Vendor Management

• Own the IT Vendor relationships: serve as primary point of contact, and lead quarterly business reviews (QBRs) with Vendor leadership
• Monitor IT Vendor SLA performance; escalate and enforce contractual remedies when thresholds are missed
• Evaluate and recommend technology vendors, systems, and platforms
• Manage IT contracts, renewals, and technology budgets

Salesforce Platform Administration

• Serve as Lightfully's internal Salesforce administrator and primary platform owner, supporting admissions, census management, utilization review, and business development use cases
• Manage user provisioning, profiles, permission sets, roles, and security settings; enforce data access controls and field-level security aligned to HIPAA requirements
• Build and maintain flows, process automations, validation rules, reports, and dashboards supporting admissions, utilization review, and business development workflows
• Serve as primary liaison to Salesforce support, implementation partners, and third-party vendors integrated with the platform
• Govern Salesforce data integrity including deduplication, record ownership, and integration with other clinical systems
• Support new acquisition onboarding onto the Salesforce platform; manage sandbox environments, change management, and release processes
• Partner with clinical operations and admissions leadership to translate business requirements into platform configuration and enhancements

Clinical Systems & EHR Management

• Serve as the internal IT owner for the Kipu EMR platform; manage system configuration, user access, integration points, and vendor relationship
• Coordinate IT support for clinical workflows including clinical documentation, medication management, billing integrations, and reporting
• Support and troubleshoot clinical technology across IOP/PHP program locations including telehealth platforms and patient-facing systems
• Own the clinical platform roadmap; evaluate EHR enhancements, integrations, and potential migration decisions in partnership with clinical and operations leadership
• Maintain connectivity and data flow between Kipu, Salesforce, and downstream reporting or billing systems

Call Center Technology

• Administer and support the organization’s call center technology stack including ACD/IVR platforms, call routing, voicemail, and auto-attendant configuration
• Manage integrations between the call center platform and other systems to support admissions and patient access workflows
• Monitor call center system performance and uptime; coordinate with telecom vendors on issue resolution

User Support

• Oversee IT helpdesk support across all locations; ensure timely ticket resolution and escalation
• Support employee onboarding and offboarding including device setup, account provisioning, and access deprovisioning across all platforms

Strategic Technology Leadership

• Develop scalable IT strategies to support company growth and acquisition activity
• Prepare and present IT reporting for executive leadership including technology KPIs and security posture summaries
• Own the annual IT budget: develop technology investment plan, track spend against plan, and identify cost optimization opportunities
• Own data and reporting infrastructure; oversee analytics and business intelligence initiatives
• Participate in leadership discussions regarding systems, reporting, cybersecurity, and operational technology
• Identify opportunities for automation, workflow efficiency, and AI-assisted tooling across admissions, clinical operations, and back-office functions

Specific Skills/Competencies:

• Salesforce administration required: Salesforce Administrator experience strongly preferred; hands-on experience with flows, permission sets, integrations, and data governance in a production org
• Microsoft 365 / Entra ID administration required: hands-on experience with M365, Teams, SharePoint, Intune MDM, and Conditional Access and identity governance in Entra ID
• Healthcare IT experience required: Applied HIPAA Security Rule experience including conducting or participating in a formal Security Risk Assessment, managing BAA execution, and maintaining documented security policies
• Clinical EMR administration required; Kipu experience strongly preferred; experience with another behavioral health EMR acceptable
• Experience administering call center technology; familiarity with Salesforce CTI integration preferred
• Cybersecurity program experience: working knowledge of NIST CSF and HIPAA Security Rule technical safeguards; familiarity with MDR/XDR platforms, RBAC/PIM, email security, EDR solutions, MFA, data encryption, Firewalls / IPS, and security patch management
• Strong troubleshooting, vendor management, and executive communication skills
• Able to communicate effectively in English, both verbally and in writing.
• Ability to communicate and write clearly and professionally is required.
• Ability to maintain confidentiality.
• Strong communication skills. Must have the ability to effectively present information and respond to questions from patients, referents, and the public.

Physical Requirements

• Must have the ability to communicate with individuals over phone, electronic correspondence, and in-person.
• May need to ascend and descend stairs during site visits, most locations are multiple-story facilities, may require going up and down stairs.
• Ability to operate in occasionally noisy environments.
• May be required to stand, sit, stoop, bend, and lift/move up to 20 lbs.
• Able to work for prolonged periods sitting at a desk and working on a computer.

Mental/Social Requirements

• Must be able to demonstrate working effectively with and show respect to all clients/patients and staff, including those from diverse ethnic, cultural, religious, socioeconomic, sexual preferences and/or identities, gender identities/expression, and political backgrounds.
• Must demonstrate ability to navigate crisis and solving problems independently, using best judgment and critical thinking skills.
• Must maintain a positive, friendly, and welcoming attitude with staff and clients at all LBH facilities and within the organization.
• Must utilize professional communication when addressing issues with clients or staff.

 Other Information

• Must pass extensive background check.
• Must meet criteria of our auto use policy, including driving a vehicle and possessing valid Driver’s License.
• Travel 15–25% of the time for site visits and leadership meetings
• This is a remote position and requires the ability to perform all duties and responsibilities at home.

Qualifications

• Bachelor's degree or equivalent experience, required; Master's degree preferred.
• 7+ years of IT management experience, with at least 3 years in a clinical healthcare environment.

The pay range for this position is $130,000-$170,000 annually.