Senior IT & Compliance Engineer

• Security & compliance. Run the recurring security and compliance program across AWS and GCP - posture review, encryption and key management, vulnerability and patch management, and endpoint hardening - driving remediation to closure and producing audit-ready evidence.
• Cloud & IT infrastructure. Operate and harden core infrastructure (IAM, VPCs and network controls, secrets); codify guardrails as code (Terraform); and own backup and disaster-recovery testing with validated RPO/RTO.
• IT consolidation. Lead the merge of duplicated collaboration and productivity systems - Jira, Slack, and email across Microsoft 365 and Google Workspace - onto single platforms, with clean migration, identity and license unification, and decommissioning of retired tooling.
• Networking. Design and operate secure connectivity within and between clouds - VPN tunnels, peering, routing, DNS, and firewall policy - including links to partner, lab, and clinical-integration endpoints under our zero-trust model.
• Identity & single sign-on. Build and run the customer identity layer (GCIP) and enterprise SSO (SAML / OIDC) with SCIM provisioning, keeping workforce and customer identity planes cleanly separated.
• Audit, risk & governance. Drive SOC 2 Type II readiness and HIPAA audit support; maintain the risk register, BIA/BCP, third-party and BAA reviews, and the privacy program; and respond to customer security questionnaires.

Do you have experience in Terraform?, * Multi-cloud depth: 7+ years across IT, cloud infrastructure, and security, with hands-on experience in both AWS and GCP.

• Workplace administration: Strong administration of Microsoft 365 / Entra ID and Google Workspace - identity, directory, group, and license management.
• IT consolidation: Proven experience merging or migrating duplicated systems (Jira / Slack / email tenants, domain and identity unification, or post-merger IT integration) with minimal disruption.
• Compliance: Hands-on experience running or supporting SOC 2, HIPAA, HITRUST, or NIST-based programs, including evidence collection and audit support.
• Networking & identity: Solid VPN, routing, firewall, and DNS fundamentals; plus SSO (SAML / OIDC), SCIM, and identity federation.
• Automation: Infrastructure as code (Terraform) and scripting (Python / Bash).

Nice to have

• Healthcare / health-tech experience handling PHI or other regulated data.
• Post-merger or multi-entity IT integration experience at a startup or scale-up.
• Certifications such as Google Professional Cloud Security Engineer, AWS Security Specialty, CISSP, CISA, or HCISPP.