IT & Security Engineer (Contract)

Parachute Health is transforming post-acute care through the leading digital ordering platform for medical equipment and supplies. In this role, you will support the IT & Security team by ensuring the healthcare technology environment is secure, compliant, and operationally efficient, while gaining hands-on exposure to various security aspects.

Responsibilities:

• Support day-to-day IT operations: user onboarding/off-boarding, hardware provisioning, troubleshooting tickets, and end-user support
• Help manage our macOS laptop fleet, MDM enrollment, configuration, software deployment, and compliance baselines
• Troubleshoot connectivity, hardware, software, and authentication issues across Mac, Linux, and Windows environments
• Document fixes, runbooks, and FAQs to help the team scale
• Assist with Okta administration, user lifecycle, group management, SSO/MFA configuration, application assignments, and access reviews
• Help run periodic access reviews and collect audit evidence
• Support ZScaler operations, policy review, bypass requests, log analysis, and user troubleshooting
• Help maintain DLP policies and triage alerts for potential data exfiltration
• Assist with WAF rule review, false-positive tuning, and traffic analysis (AWS WAFv2 / Akamai)
• Support SIEM operations in Splunk/Wazuh by querying logs, building dashboards, and tuning alerts
• Write and maintain scripts to automate repetitive IT/Security tasks - log analysis, evidence collection, ticket enrichment, account hygiene, and reporting
• Build small tools that make the team faster (no full-stack development required)
• Contribute to and use AI/agentic workflows the team has built (MCP servers, Claude-based runbooks) to accelerate investigations

Requirements:

• Bachelors Degree in Cybersecurity, Information Technology, Computer Science, Information Assurance, IT Management, or a related field
• Scripting experience is required. You can write working scripts in at least one of: Bash, Python, or PowerShell. You don't need to be a software developer, but you should be comfortable automating tasks with code
• Working knowledge of the Linux command line, file system navigation, permissions, process management, log inspection (grep, awk, sed, tail, journalctl)
• Comfort with macOS as a daily-driver OS and basic troubleshooting on Mac
• Solid IT troubleshooting fundamentals, networking basics (DNS, DHCP, VPN, TLS), authentication flows (SAML, OAuth, MFA), and hardware/software support
• Comfort using Git, GitHub, and the terminal
• Actively follows trends in IT, cybersecurity, and AI, with a strong desire to experiment with new tools
• Strong written communication; you can document what you did so others can use it
• Must reside in the U.S
• Hands-on exposure to any of: Okta, ZScaler, Jamf/Kandji/Intune, CrowdStrike/SentinelOne, Splunk, Wazuh, AWS, GCP - academic labs, home labs, and personal projects all count
• Familiarity with DLP concepts (data classification, exfiltration channels, false positives)
• Familiarity with WAF concepts (OWASP Top 10, rule tuning, rate limiting)
• Experience with SIEM querying (Splunk SPL, Wazuh rules, Sigma) or log analysis
• Exposure to compliance frameworks (SOC 2, HIPAA, NIST CSF, ISO 27001)
• Experience with LLMs, agents, MCP servers, or prompt engineering through projects, hackathons, or coursework
• SQL skills for querying data (Postgres, Redshift, BigQuery)
• Participation in CTFs, TryHackMe, HackTheBox, or similar
• A public GitHub portfolio with scripts, automations, or write-ups
• Interest in healthcare technology or working in a regulated environment