Chamber is a company focused on transforming cardiology through innovative technology and empathetic care. They are seeking an IT Systems Engineer to manage IT administration and security operations, ensuring the infrastructure remains secure as the company scales. This role involves provisioning devices, managing security protocols, and contributing to compliance efforts.
Responsibilities:
- Provision, configure, and maintain Apple (macOS/iOS) and Windows 11 endpoints using MDM solutions (Intune, NinjaOne, Apple Business or equivalent)
- Manage the full device lifecycle: imaging, enrollment, patching, retirement, and asset tracking
- Administer Okta IdP & Microsoft 365 (Exchange Online, SharePoint, Teams, OneDrive, Azure AD) including user provisioning, licensing, and policy enforcement
- Maintain identity and access controls — enforce MFA, Conditional Access policies, and least-privilege principles across all platforms
- Own the Keeper Password Manager environment: administer vaults, shared folders, role-based permissions, and enforce enterprise password policies
- Serve as Tier 2/3 helpdesk escalation for macOS and Windows issues; build self-service documentation to reduce repeat tickets
- Contribute to SOC 2, HIPAA, and internal audit readiness by maintaining accurate records of access, configurations, and security controls
- Develop and maintain IT policies, acceptable use agreements, and onboarding/offboarding checklists
- Conduct periodic access reviews and user entitlement audits across M365, AWS, Keeper, and SaaS applications
- Support security awareness training initiatives and phishing simulation programs
- Monitor and triage security alerts in Datadog (logs, APM, infrastructure metrics) and Sophos Central (endpoint protection, firewall, XDR)
- Investigate and respond to endpoint threats, phishing attempts, and anomalous behavior; document incidents and escalate appropriately
- Tune Sophos policies (web filtering, application control, device encryption, threat intelligence rules) to balance security with productivity
- Build and maintain Datadog dashboards and monitors for infrastructure health, authentication events, and security KPIs
- Participate in on-call rotation for critical security incidents; conduct post-incident reviews and implement remediations
- Support vulnerability management: track CVEs, coordinate patching windows, and validate remediation closure
Requirements:
- 3–6 years of combined experience in IT administration and/or security operations in a corporate or startup environment
- Hands-on experience managing macOS and Windows endpoints at scale; familiarity with Apple Business Manager and Intune or similar MDM
- Strong understanding of SSO and oAuth and general IAAA access control
- Proficiency with Microsoft 365 administration: Exchange Online, Teams, SharePoint, Azure AD, Conditional Access, and Defender for Business
- Working knowledge of Sophos Central — endpoint protection, XDR, firewall management, and policy configuration
- Experience with Datadog for infrastructure monitoring, log management, and alerting; ability to write log queries (QLDB / Datadog query language)
- AWS fundamentals: IAM, EC2, S3, VPC, CloudTrail, and security group management; AWS Solutions Architect Associate (SAA-C03) or equivalent experience preferred
- Experience administering an enterprise password manager (Keeper, 1Password, or similar)
- Understanding security frameworks and best practices: Zero Trust, NIST CSF, CIS Controls, and/or HIPAA technical safeguards
- Experience in a healthcare or health-tech startup environment with exposure to HIPAA compliance
- Scripting skills in Python, PowerShell, or Bash for automation of routine IT/security tasks
- Experience with endpoint detection and response (EDR) platforms beyond Sophos
- Prior exposure to SOC 2 Type II audits and evidence collection workflows