Infrastructure and Security Manager
Do you want to be part of the design and implementation of a fast growing SaaS solution for the US healthcare sector? Do you have the confidence to build systems that need mission critical accuracy? Do you believe in an empowered workforce working at the cutting edge of Agile and Scrum? We do; and we need a new Software Engineer to help us get to the next level.
We believe that patients should be the focus of great healthcare. Freeing up medical professionals to engage with patients rather than administration whilst also speeding up diagnosis is what we do. By connecting medical devices direct to electronic health records via our middleware, we reduce human error and ensure the patient is given accurate results first time. We are leading the way in automating the interface between complex diagnostic machines and the doctors that use their output to make the right clinical decisions.
As a startup based in Edinburgh, and part of the CodeBase technology community, we are a group of young and energetic engineers building a product that is in use by thousands of doctors every day. We believe strongly in the principles of Agile and seek to empower each other to choose the best path to building a great product that delights clinical staff.
Reporting to the CEO, we now require an Infrastructure and Security Manager to take these two mission critical responsibilities to the next level as we scale.
● Overall responsibility for the security of our infrastructure and in particular, protected health information (PHI)
● Lead HITRUST certification process on behalf of the company
● Coordinate 3rd party consultants / companies throughout HITRUST certification process
● Create, maintain, monitor and enforce all policies and procedures required for HITRUST
● Manage penetration testing, at a minimum annually, and remediate any action items
● Manage risk register and ensure remediation of any action items is completed
● Chair the company Security Committee, ensure it meets regularly and implement actions
● Promote a culture of information security awareness throughout the company
● Coordinate security risk assessment questionnaires required from customers
● Collaborate with the lead software engineer and architect, who is responsible for application security, on the overall security of the product (end-to-end)
● Responsible for the overall cloud infrastructure architecture (Azure)
● Proactively suggest improvements based on company growth
● Optimise the infrastructure architecture based on company goals (financials & SLA)
● Perform regular system maintenance (e.g. updates, backups, archiving data) and automate processes for hands-off operations
● Actively monitor performance of Azure infrastructure and application against targets
● Build and test disaster recovery plan
● Setup, manage and monitor VPNs to 3rd parties
● Collaborate with developers to create a streamlined CI/CD pipeline using the right tools for the job and enable the infrastructure to support those
● Support developers in setting up automated testing, quality gateways and code coverage metrics as part of the deployment pipeline
● Manage 3rd party sandbox VMs (used for testing) and make sure team members have smooth access to them
● Live troubleshoot issues in production
● Assist with customer support when needed
Technology and Tools
Having experience in our full technology stack is not a requirement, however, if you have experience in any of the following (or similar) it’s a huge plus - so please let us know!
● Microsoft Azure
● Octopus deployment
● Azure devops/ Azure pipelines
● ElasticSearch & Kibana
● Data Dog
● .NET (Frameworks and Core)
● Microsoft Active Directory administration
We are not necessarily just looking for someone with enough industry experience. We care more about a cultural fit and a desire to grow:
● Communication is the thing we care about most. You communicate directly, clearly, emphatically and often. Over communication is always better. You feel comfortable working in a team where everyone always knows what everyone else is up to (and whether they can help).
● You are organised. When it comes to security and infrastructure, everything should be committed to paper. You should feel comfortable with writing documentation, and manage your team’s tasks and deliverables.
● Devops culture. It’s not just a buzzword. For us it means no walls between development and operations - we are all one team. Your role is to enable and empower the developers to be responsible and accountable for the code all the way up in production.
● Practical. Everything you build and deploy is simple to adopt and fit for the job. You don’t build a spaceship when we need a scooter and people love anything (tools/technology) new that you deploy (as they are usually part of the decision).
● Desire to grow. We don’t look for any prior experience as a requirement. We want you to grow with us.
● Motivation. You need to care, love and be interested in what we do. We’re a startup so this means you need to be ok with jumping in and working hard.
● Getting things done mindset. Though we have many customers and thousands of transactions going through our product every day, our competitive edge as a startup is being able to move fast. You should be comfortable in making a decision and going with it (worst case - we fail fast).
What We Offer
● Competitive salary
● Great holiday allowance
● Table football
● Ping Pong
● Lunchtime Exploding Kittens
● Bike to work scheme
● Regular team activities
● Online learning and development
Interested? Please send your CV to email@example.com