IT Security Engineer

is a healthcare technology company at the forefront of AI in precision medicine. Our HIPAA-compliant SaaS platform empowers healthcare providers with advanced precision omics analysis tools, enabling personalized patient care backed by cutting-edge science. We're building the future of healthcare data AI, and we need a skilled IT and Security Engineer to help us scale securely.

We're looking for a versatile

IT Security Engineer

to join our growing team. In this role, you'll wear multiple hats—providing day-to-day IT support to our team while also taking ownership of our security posture across our platform and CI/CD pipeline. This is a unique opportunity to build security practices from the ground up at a healthcare startup where your work directly impacts patient outcomes.

What You'll Do

IT Support & Infrastructure

• Manage and support corporate IT infrastructure including endpoint devices, networking, and productivity tools (Google Workspace, Slack, etc.)
• Provide technical support to team members, troubleshooting hardware and software issues
• Administer identity and access management (IAM) systems, including user provisioning and access reviews
• Manage and maintain MDM solutions and our Rippling platform for device security, compliance, and IT automation
• Document IT processes, procedures, and maintain an internal knowledge base

Security Engineering

• Design, implement, and maintain security controls across our cloud infrastructure and SaaS platform
• Integrate security tooling into our CI/CD pipeline, including SAST, DAST, dependency scanning, and container security
• Conduct security assessments, vulnerability scans, and coordinate remediation efforts with engineering teams
• Manage and monitor endpoint detection and response (EDR) using SentinelOne, investigating and responding to security alerts and threats
• Develop and enforce security policies, standards, and best practices
• Support HIPAA compliance efforts, including security risk assessments, audit preparation, and maintaining security documentation

DevSecOps & Automation

• Build and maintain infrastructure-as-code (IaC) with security best practices baked in
• Automate security testing and compliance checks within the development workflow
• Implement secrets management and secure configuration practices
• Champion security awareness across the engineering team through training and code reviews

What We're Looking For

Required

• 3+ years of experience in IT support, systems administration, or security engineering
• Hands-on experience with cloud platforms (AWS, GCP, or Azure) and their security services
• Familiarity with CI/CD tools (GitHub Actions, GitLab CI, Jenkins, or similar) and integrating security into pipelines
• Understanding of common security frameworks and standards (SOC 2, NIST, CIS Benchmarks)
• Experience with vulnerability management, SIEM tools, and security monitoring
• Vibe coding expertise for automation
• Excellent communication skills and ability to work across teams

Nice to Have

• Experience in a healthcare environment with HIPAA compliance requirements
• Experience with Rippling for IT management and automation
• Experience with SentinelOne or similar EDR platforms
• Background in penetration testing or application security
• Familiarity with healthcare data standards (HL7, FHIR)