IT & Security Engineer (Contract)

IT & Security Engineer (Contract)

New York, NY Parachute Health is transforming post-acute care through the leading digital ordering platform for medical equipment and supplies. We replace the outdated, error-prone paper and fax process, which negatively impacts over 30 million patients annually, with a system that's 10 times faster. Our platform connects a vast network of Home Medical Equipment (HME) providers, clinicians, and payors across all 50 states, ensuring millions of patients get the life-saving products they need quickly and efficiently. Join our team and make a difference in patient care.

About This Role

You'll join Parachute Health's IT & Security team as a contractor, working alongside engineers and analysts who keep our healthcare technology environment secure, compliant, and operationally efficient. You'll gain hands-on exposure to identity, endpoint, network, and cloud security, compliance, and incident response in an environment governed by SOC 1, SOC 2, and HITRUST CSF.

You won't just sit behind a desk. You'll be a part of a fast-paced environment, work closely with IT and Security professionals on real projects and sit in on incident response and architecture discussions.

Responsibilities

IT operations & endpoint

• Support day-to-day IT operations: user onboarding/off-boarding, hardware provisioning, troubleshooting tickets, and end-user support.
• Help manage our macOS laptop fleet, MDM enrollment, configuration, software deployment, and compliance baselines.
• Troubleshoot connectivity, hardware, software, and authentication issues across Mac, Linux, and Windows environments.
• Document fixes, runbooks, and FAQs to help the team scale.

Identity & access

• Assist with Okta administration, user lifecycle, group management, SSO/MFA configuration, application assignments, and access reviews.
• Help run periodic access reviews and collect audit evidence.

Network & security tooling

• Support ZScaler operations, policy review, bypass requests, log analysis, and user troubleshooting.
• Help maintain DLP policies and triage alerts for potential data exfiltration.
• Assist with WAF rule review, false-positive tuning, and traffic analysis (AWS WAFv2 / Akamai).
• Support SIEM operations in Splunk/Wazuh by querying logs, building dashboards, and tuning alerts.

Scripting & automation

• Write and maintain scripts to automate repetitive IT/Security tasks - log analysis, evidence collection, ticket enrichment, account hygiene, and reporting.
• Build small tools that make the team faster (no full-stack development required).
• Contribute to and use AI/agentic workflows the team has built (MCP servers, Claude-based runbooks) to accelerate investigations.

Requirements

• Bachelors Degree in Cybersecurity, Information Technology, Computer Science, Information Assurance, IT Management, or a related field.
• Scripting experience is required. You can write working scripts in at least one of: Bash, Python, or PowerShell. You don't need to be a software developer, but you should be comfortable automating tasks with code.
• Working knowledge of the Linux command line, file system navigation, permissions, process management, log inspection (grep, awk, sed, tail, journalctl).
• Comfort with macOS as a daily-driver OS and basic troubleshooting on Mac.
• Solid IT troubleshooting fundamentals, networking basics (DNS, DHCP, VPN, TLS), authentication flows (SAML, OAuth, MFA), and hardware/software support.
• Comfort using Git, GitHub, and the terminal.
• Actively follows trends in IT, cybersecurity, and AI, with a strong desire to experiment with new tools.
• Strong written communication; you can document what you did so others can use it.
• Must reside in the U.S.

Nice to Have

• Hands-on exposure to any of: Okta, ZScaler, Jamf/Kandji/Intune, CrowdStrike/SentinelOne, Splunk, Wazuh, AWS, GCP - academic labs, home labs, and personal projects all count.
• Familiarity with DLP concepts (data classification, exfiltration channels, false positives).
• Familiarity with WAF concepts (OWASP Top 10, rule tuning, rate limiting).
• Experience with SIEM querying (Splunk SPL, Wazuh rules, Sigma) or log analysis.
• Exposure to compliance frameworks (SOC 2, HIPAA, NIST CSF, ISO 27001).
• Experience with LLMs, agents, MCP servers, or prompt engineering through projects, hackathons, or coursework.
• SQL skills for querying data (Postgres, Redshift, BigQuery).
• Participation in CTFs, TryHackMe, HackTheBox, or similar.
• A public GitHub portfolio with scripts, automations, or write-ups.
• Interest in healthcare technology or working in a regulated environment.

Contract Details

• 3-6 month contract
• Hourly pay is based on experience and level

California job applicants may access the Notice of Collection of Personal Information and Privacy Policy with information and rights required by the California Privacy Rights Act (CPRA) the link here.

We are proud to be an equal opportunity employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex or gender (including pregnancy, childbirth related medical conditions and lactation), gender identity or gender expression (including transgender status), sexual orientation, marital status, military service and veteran status, disability, genetic information, or any other characteristic protected by applicable federal, state, or local laws and ordinances.

This role is not eligible for employer visa sponsorship. Applicants must be legally authorized to work in the United States at the time of application and for the duration of employment. The Company does not sponsor employment authorization for this position, nor will it provide assistance in obtaining temporary work authorization.