Security Operations Engineer

About The Position

Requirements

• 4+ years of experience in IT systems administration and/or security
• A veteran of ITSM or Systems Administration with experience in security.
• Have deep, hands-on experience with enterprise administration of Google Workspace and Slack.
• Have built integrations against SaaS APIs, not just configured them through consoles.
• Have been the final escalation tier for platform issues.
• Have successfully delivered complex projects from conception to production.
• Results-driven — focus your time and resources against the most important priorities.
• Excel at operating independently and taking ownership of your work.
• Comfortable with ambiguity; bring a structured, proactive approach to get things done.
• Strong critical thinking — able to troubleshoot problems and implement corrective actions quickly.
• Write clear documentation as a natural part of your workflow.
• Constantly seeking ways to simplify and improve how things are done.
• Communicate technical concepts clearly to any audience, verbally and in writing.
• Enjoy solving ambiguous problems with multiple stakeholders.
• Collaborative, assuming positive intentions; willing to roll up your sleeves and work effectively with people of all backgrounds.
• Accountable — hold yourself and others to a high standard, and support and develop those around you.
• Strong service mentality; customer-focused, with a passion for serving patients and providers.
• Passionate about solving real problems in American healthcare.

Nice To Haves

• 4+ years of IT & system administration experience
• A degree in computer science, engineering or technical discipline
• Experience in maintaining troubleshooting a wide variety of systems and networks
• Experience with Azure AD
• Experience with SharePoint and Office 365 administration
• Experience with cybersecurity principles.
• Comp TIA A+ Certification
• Network+ Certification

Responsibilities

• Manage the enterprise security program.
• Define systems security requirements, architecture, and policies according to regulatory and business requirements.
• Own Confidentiality, Integrity, and Availability of all systems, services, and technologies.
• Develop roadmaps for technology domains to improve operational and security posture.
• Maintain awareness of emerging and trending threats.
• Track and report on security infrastructure, configurations, design performance measures, and ongoing vulnerability and risk assessments.
• Architect security, policy, and risk controls.
• Own tenant-wide security architecture for Microsoft 365, Azure, and other core SaaS collaboration platforms.
• Design compartmentalization and data-governance models that scale with the company.
• Conduct secure design reviews and threat modeling; identify and prioritize risks, attack surfaces, and vulnerabilities.
• Translate written policies into policy-as-code—working with Engineering, Product, and Ops to express requirements as enforceable rules, automated checks, and continuous validation – not just static documents.
• Establish feedback loops between policy and implementation: surface where controls diverge from written requirements and where policies need to evolve based on infrastructure realities.
• Design and build automated workflows for risk management and compliance, enabling continuous monitoring as Hopscotch grows.
• Build data pipelines that aggregate risk, control, and asset information across the tech stack—mapping disparate schemas, handling inconsistent data quality, and creating unified views of compliance posture through dashboards and reporting.
• Build integrations and automation against SaaS APIs to automate provisioning and catch drift.
• Design and maintain integrations connecting security tooling with cloud infrastructure, identity management, HRIS, ticketing, version control, and pipelines for automated evidence collection and continuous compliance validation.
• Design and deploy agentic AI workflows that extend team capacity - serving as a virtual analyst to automate evidence analysis, monitor control effectiveness, draft audit responses, and interpret policy documents.
• SOC / SIEM / IPS monitoring, alerting, and response.
• Network, email, and endpoint detection and response.
• Configuration baselining and assessment.
• Security education and awareness.
• Inform platform strategy: evaluate, select, and deploy tooling that meets compliance requirements, in partnership with other programs.
• Configure the application side of SSO connections and SCIM attribute mappings.
• Facilitate and manage security vendor/partner relationships, including Managed Detection and Response (MXDR) and Identity & Access Management (IAM).
• Serve as the final escalation tier for platform issues Support can't resolve, and provide additional technical support and oversight as needed.

Benefits

• Paid holidays + PTO
• Company sponsored medical, dental, and vision insurance for you + your family
• FREE short-term and long-term disability insurance
• FREE $100k life insurance policy
• 401k plan with 4% company match + no vesting period
• $720 - $1,000 added to employee Health Savings Account annually for eligible health plans