Technical Lead I

Statement of Purpose

This role provides senior-level technical leadership for healthcare IT operations, including infrastructure, cybersecurity, systems integration, software planning, and project coordination. It supports systems that handle regulated data such as electronic protected health information and records subject to HIPAA, HITECH, CMIA, and 42 CFR Part 2 Final Rule requirements, with cybersecurity practices aligned to the NIST Cybersecurity Framework. The role is responsible for protecting confidentiality, integrity, and availability of regulated data through governance, least-privilege access, separation of duties, audit logging, incident response, recovery planning, and formal change management.

Major Tasks, Duties and Responsibilities

• Designs enterprise healthcare infrastructure architecture that supports secure and reliable operations.
• Develops technical standards for cloud services, identity systems, networking, cybersecurity controls, and infrastructure governance.
• Leads initiatives for modernizing infrastructure, managing migrations, and executing enterprise technology projects.
• Coordinates the architectural planning for Microsoft 365, Active Directory, virtualization, backup systems, and enterprise services.
• Facilitates integration planning for healthcare applications, EHR systems, SQL databases, cloud services, and third-party systems.
• Ensure proper infrastructure governance to support the confidentiality, integrity, and availability of regulated data.
• Implements access controls based on the principle of least privilege, ensures separation of duties, and establishes governance for privileged access.
• Supports infrastructure logging, monitoring, audit evidence retention, and access review activities.
• Coordinates cybersecurity incident response activities and operational investigations.
• Leads the planning for disaster recovery, conducts recovery testing, and validates enterprise backups.
• Coordinates and documents change management procedures, including infrastructure modifications.
• Ensures compliance with HIPAA Security Rule safeguards, HITECH breach response obligations, and 42 CFR Part 2 confidentiality protections.
• Maintain professional boundaries and standards.
• Treat clients with respect, care and concern.
• Comply with confidentiality requirements at all times.
• Maintain health and safety standards of facility.
• Recognize personal biases working within diverse populations.
• Maintain cultural sensitivity at all times.
• Maintain familiarity with BHS policies and procedures and other applicable regulations; performs job duties accordingly. Represent BHS well in all contacts.
• Attend meetings and training courses and participate in committees as assigned.

Technical Lead I Competencies and Performance Expectations

• Advanced knowledge of Windows Server, Microsoft 365, Active Directory, networking, virtualization, and cloud services.
• Solid understanding of healthcare cybersecurity, privacy, and compliance requirements.
• In-depth knowledge of least privilege access controls, separation of duties, audit logging, and recovery planning.
• Strong documentation, project planning, organizational, and analytical skills.
• Must be able to lift up to 25 pounds.
• Must be able to move and install computer equipment.
• Prolonged periods of sitting at a desk and working on a computer.
• Ability to complete the above major tasks, duties and responsibilities
• Ability to demonstrate professional judgment and decision-making
• Ability to adhere to professional standards

Prerequisite Qualifications

Following are the qualifications required to perform the essential functions of this position. Qualifications may be subject to modification based on the Americans with Disabilities Act.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field is preferred.
• Minimum of 5 to 7 years of progressive experience in enterprise infrastructure or healthcare IT is necessary.
• Minimum of 1 to 2 years of L3 Infrastructure / Cloud experience in an MSP setup or a Cloud / Data center environment 
• Advanced proficiency in networking, routing, switching, and enterprise connectivity is essential.
• Strong hands-on experience with Windows Server administration and Microsoft 365 is required.
• A solid understanding of Active Directory architecture and group policy management is important.
• Practical experience with endpoint security, firewalls, vulnerability remediation, and intrusion prevention technologies is needed.
• A strong understanding of HIPAA, HITECH, 42 CFR Part 2, incident response, audit support, and NIST-aligned cybersecurity practices is essential.