IT & Security Engineer (Contract)

About The Position

Requirements

• Bachelors Degree in Cybersecurity, Information Technology, Computer Science, Information Assurance, IT Management, or a related field.
• Scripting experience is required. You can write working scripts in at least one of: Bash, Python, or PowerShell. You don't need to be a software developer, but you should be comfortable automating tasks with code.
• Working knowledge of the Linux command line, file system navigation, permissions, process management, log inspection (grep, awk, sed, tail, journalctl).
• Comfort with macOS as a daily-driver OS and basic troubleshooting on Mac.
• Solid IT troubleshooting fundamentals, networking basics (DNS, DHCP, VPN, TLS), authentication flows (SAML, OAuth, MFA), and hardware/software support.
• Comfort using Git, GitHub, and the terminal.
• Actively follows trends in IT, cybersecurity, and AI, with a strong desire to experiment with new tools.
• Strong written communication; you can document what you did so others can use it.
• Must reside in the U.S.

Nice To Haves

• Hands-on exposure to any of: Okta, ZScaler, Jamf/Kandji/Intune, CrowdStrike/SentinelOne, Splunk, Wazuh, AWS, GCP - academic labs, home labs, and personal projects all count.
• Familiarity with DLP concepts (data classification, exfiltration channels, false positives).
• Familiarity with WAF concepts (OWASP Top 10, rule tuning, rate limiting).
• Experience with SIEM querying (Splunk SPL, Wazuh rules, Sigma) or log analysis.
• Exposure to compliance frameworks (SOC 2, HIPAA, NIST CSF, ISO 27001).
• Experience with LLMs, agents, MCP servers, or prompt engineering through projects, hackathons, or coursework.
• SQL skills for querying data (Postgres, Redshift, BigQuery).
• Participation in CTFs, TryHackMe, HackTheBox, or similar.
• A public GitHub portfolio with scripts, automations, or write-ups.
• Interest in healthcare technology or working in a regulated environment.

Responsibilities

• Support day-to-day IT operations: user onboarding/off-boarding, hardware provisioning, troubleshooting tickets, and end-user support.
• Help manage our macOS laptop fleet, MDM enrollment, configuration, software deployment, and compliance baselines.
• Troubleshoot connectivity, hardware, software, and authentication issues across Mac, Linux, and Windows environments.
• Document fixes, runbooks, and FAQs to help the team scale.
• Assist with Okta administration, user lifecycle, group management, SSO/MFA configuration, application assignments, and access reviews.
• Help run periodic access reviews and collect audit evidence.
• Support ZScaler operations, policy review, bypass requests, log analysis, and user troubleshooting.
• Help maintain DLP policies and triage alerts for potential data exfiltration.
• Assist with WAF rule review, false-positive tuning, and traffic analysis (AWS WAFv2 / Akamai).
• Support SIEM operations in Splunk/Wazuh by querying logs, building dashboards, and tuning alerts.
• Write and maintain scripts to automate repetitive IT/Security tasks - log analysis, evidence collection, ticket enrichment, account hygiene, and reporting.
• Build small tools that make the team faster (no full-stack development required).
• Contribute to and use AI/agentic workflows the team has built (MCP servers, Claude-based runbooks) to accelerate investigations.

Benefits

• Hourly pay is based on experience and level