Jobs · Information Technology

IT Systems Engineer

Chamber · Washington, DC · 5 days ago
RemoteRemoteInformation TechnologyFull-time

About the Role

Chamber is hiring its first IT & Security Engineer — a foundational hire who will report directly to the Head of Security and IT. You're not walking into an established playbook; you're helping write it. From endpoint management to security operations, you'll build and own the infrastructure that keeps Chamber's team secure and running as we scale across the cardiology value-based care space. This role sits at the intersection of IT administration and security operations. You'll need to be equally comfortable provisioning a MacBook and triaging a security alert — and know when each one needs your full attention.

Key Responsibilities

  • IT Administration & Endpoint Management
    • Provision, configure, and maintain Apple (macOS/iOS) and Windows 11 endpoints using MDM solutions (Intune, NinjaOne, Apple Business or equivalent).
    • Manage the full device lifecycle: imaging, enrollment, patching, retirement, and asset tracking.
    • Administer Okta IdP & Microsoft 365 (Exchange Online, SharePoint, Teams, OneDrive, Azure AD) including user provisioning, licensing, and policy enforcement.
    • Maintain identity and access controls — enforce MFA, Conditional Access policies, and least-privilege principles across all platforms.
    • Own the Keeper Password Manager environment: administer vaults, shared folders, role-based permissions, and enforce enterprise password policies.
    • Serve as Tier 2/3 helpdesk escalation for macOS and Windows issues; build self-service documentation to reduce repeat tickets.
  • Compliance & Policy
    • Contribute to SOC 2, HIPAA, and internal audit readiness by maintaining accurate records of access, configurations, and security controls.
    • Develop and maintain IT policies, acceptable use agreements, and onboarding/offboarding checklists.
    • Conduct periodic access reviews and user entitlement audits across M365, AWS, Keeper, and SaaS applications.
    • Support security awareness training initiatives and phishing simulation programs.
  • Security Operations & Monitoring
    • Monitor and triage security alerts in Datadog (logs, APM, infrastructure metrics) and Sophos Central (endpoint protection, firewall, XDR).
    • Investigate and respond to endpoint threats, phishing attempts, and anomalous behavior; document incidents and escalate appropriately.
    • Tune Sophos policies (web filtering, application control, device encryption, threat intelligence rules) to balance security with productivity.
    • Build and maintain Datadog dashboards and monitors for infrastructure health, authentication events, and security KPIs.
    • Support vulnerability management: track CVEs, coordinate patching windows, and validate remediation closure.

What You’ll Achieve in Your First 90 Days

  • Deploy and configure Mobile Device Management across all endpoints
  • Evaluate, select, and implement a Data Loss Prevention solution
  • Stand up a scalable IT support desk — ticketing system, documentation, and initial playbooks

Requirements

  • 3–6 years of combined experience in IT administration and/or security operations in a corporate or startup environment.
  • Hands-on experience managing macOS and Windows endpoints at scale; familiarity with Apple Business Manager and Intune or similar MDM.
  • Strong understanding of SSO and oAuth and general IAAA access control.
  • Proficiency with Microsoft 365 administration: Exchange Online, Teams, SharePoint, Azure AD, Conditional Access, and Defender for Business.
  • Working knowledge of Sophos Central — endpoint protection, XDR, firewall management, and policy configuration.
  • Experience with Datadog for infrastructure monitoring, log management, and alerting; ability to write log queries (QLDB / Datadog query language).
  • AWS fundamentals: IAM, EC2, S3, VPC, CloudTrail, and security group management; AWS Solutions Architect Associate (SAA-C03) or equivalent experience preferred.
  • Experience administering an enterprise password manager (Keeper, 1Password, or similar).
  • Understanding security frameworks and best practices: Zero Trust, NIST CSF, CIS Controls, and/or HIPAA technical safeguards.

Preferred Qualifications

  • Experience in a healthcare or health-tech startup environment with exposure to HIPAA compliance.
  • Scripting skills in Python, PowerShell, or Bash for automation of routine IT/security tasks.
  • Experience with endpoint detection and response (EDR) platforms beyond Sophos.
  • Prior exposure to SOC 2 Type II audits and evidence collection workflows.

Similar jobs

IT Systems Engineer

David Weekley HomesHouston, TX· 3 mo ago
Information Technologyapply on careers.davidweekleyhomes.com

IT Systems Engineer

Elite DNA Behavioral HealthFort Myers, FL· 1 mo ago
Information Technologyapply on recruiting.paylocity.com

IT Systems Engineer

IntegraDallas, TX· 2 days ago
Information Technologyapply on integra.clearcompany.com

IT Systems Engineer

GrayMatter RoboticsLos Angeles Metropolitan Area· 1 wk ago
Information Technologyapply on jobs.ashbyhq.com

IT Systems Engineer

SpaceXAIPalo Alto, CA· 3 wk ago
Information Technology$162k–$226k/yrapply on grnh.se

IT Systems Engineer

Covera HealthNew York, NY· 4 days ago
Information Technology$105k/yrapply on grnh.se