Senior Platform & Security Engineer in Philadelphia

Energy Jobline
Philadelphia, United States of America
25 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Philadelphia, United States of America

Tech stack

Microsoft Windows
Artificial Intelligence
Microsoft Antivirus
Application Performance Management
Azure
Software as a Service
Cloud Storage
Computer Security
Continuous Integration
DevOps
Identity and Access Management
Information Technology Operations
Key Management
PostgreSQL
Log Analysis
Microsoft Office
SQL Azure
Azure
Azure DevOps Pipelines
SharePoint
Software Vulnerability Management
Azure
Data Logging
Cloud Platform System
Microsoft Sentinel
Azure
Key Vault

Job description

We are looking for a Senior Platform and Security Engineer to own the Azure infrastructure, IT operations, and technical implementation of security controls that underpin this platform. This is a hands-on individual contributor role with a potential path toward team leadership as the company grows. You will work closely with the engineering team on platform changes and directly with leadership on SOC 2 Type 2 and HIPAA audit preparation., Azure Platform Ownership

  • Own infrastructure for all Azure resources across development, UAT, and production environments

  • Manage and evolve Azure DevOps pipelines for build, test, and deployment

  • Operate Azure Container Apps, App Service, Service Bus, Azure Database for PostgreSQL Flexible Server, Blob Storage, and supporting services

  • MaintainAzure Key Vault including secrets rotation and enforcement of least-privilege access

  • Configure and tune Application Insights and Log Analytics, including PHI-safe logging pipelines that prevent sensitive data from appearing in telemetry

Security Controls and Compliance

  • Implement andmaintaintechnical controls in support of SOC 2 Type 2 and HIPAA compliance programs
  • Administer Entra ID including conditional access policies, MFA enforcement, group lifecycle management, and governance
  • Partner with leadership on audit preparation, evidence collection, and control documentation
  • Contribute to incident response readiness, including tabletop exercises and runbook development
  • Manage logging and alerting functions through Microsoft Purview and Microsoft Sentinel, including alert tuning, analytics rules, and data connector configuration
  • Maintain and improve the organization's security posture through vulnerability management, access reviews, and security monitoring

IT Operations

  • Own Office 365 administration, SharePoint configuration, and SaaS tool management for the organization
  • Serve as the internal technical authority on endpoint security, device management, and employee access provisioning
  • Evaluate and onboard new tooling as the company scales, with a bias toward security and operational simplicity

The Technical Environment

  • Infrastructure: Azure Container Apps, Azure App Service, Azure Service Bus, Azure Database for PostgreSQL Flexible Server, Azure Blob Storage

  • Security and : Azure Key Vault, Microsoft Entra ID, Microsoft Defender, Azure Policy

  • Observability and Security Operations: Application Insights, Log Analytics Workspaces, Microsoft Sentinel, Microsoft Purview

  • CI/CD: Azure DevOps pipelines

  • Productivity: Microsoft 365, SharePoint, Teams

  • Compliance targets: SOC 2 Type 2, HIPAA

Requirements

  • 7-10 years in cloud platform engineering, DevOps, or infrastructure security
  • Hands-on production Azure experience across thefull servicelifecycle, not just resource provisioning
  • Practical experience implementing technical controls for HIPAA and SOC 2 Type 2
  • Fluent in Entra ID: conditional access, MFA, role assignments, and governance
  • Appliesappropriate safeguardsfor protected health information, including PHI-safe logging pipelines, data isolation, and least-privilege access controls
  • Comfortable owning IT operations end-to-end: M365, SaaS administration, and employee access management included
  • Brings a point of view. This role requires someone who assesses the environment,identifiesgaps, and recommends a path forward
  • Energized by doing the work. This is a hands-on role with full ownership of the platform and security posture
  • Healthcare or regulated industry background is a genuine advantage
  • Comfortable incorporating AI-assisted tools and workflows into day-to-day work to improve speed and quality

Apply for this position