Cloud Infrastructure Security Engineer

careMESH is an agile, early-stage company at a critical inflection point. We are seeking a Cloud Infrastructure expert to take full ownership of our Google Cloud Platform (GCP) environment. As our first dedicated DevOps/Security hire, you will bridge the gap between development and operations, ensuring our infrastructure is scalable, cost-efficient, and—most importantly—hardened against threats.

Your mission is to build a "secure by default" culture while automating everything from deployment pipelines to compliance auditing.

Core Responsibilities:

1. Infrastructure as Code (IaC) & Automation

• Architect and maintain our GCP production and staging environments (using Terraform).
• Eliminate manual configuration to ensure all infrastructure is version-controlled and reproducible.
• Optimize CI/CD pipelines (GitHub Actions) to ensure safe, zero-downtime deployments.
• Set up and maintain secure connections with customers (i.e., VPN, SMTP, and EHR connections)

2. Security & Compliance Enforcement

• Implement and manage Identity and Access Management (IAM) using the principle of least privilege.
• Lead the technical requirements for security certifications (mainly HITRUST, but also SOC2 Type II, ISO 27001, or HIPAA).
• Manage secrets using Google Secret Manager.

Interested in remote work opportunities in Devops? Discover Devops Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.

• Conduct regular vulnerability scanning, log analysis (Cloud Logging/Monitoring), and incident response drills.

3. Reliability & Performance

• Manage containerized workloads via Google Kubernetes Engine (GKE).
• Establish "Golden Signals" for monitoring: Latency, Traffic, Errors, and Saturation.
• Implement automated backup and disaster recovery (DR) protocols.

4. Cost Governance

• Monitor cloud spend and implement cost-saving measures (e.g., Committed Use Discounts, Preemptible VMs, and rightsizing).

Experience & Startup DNA

We are a lean team where everyone "gets their hands dirty." We understand that no one has every skill, but a combination of the following, developed over at least a 10-year career, is essential:

• Startup Agility: You enjoy wearing multiple hats and can prioritize tasks in a fast-paced environment.
• Communication: You can explain complex security risks to non-technical stakeholders.
• EHR Fluency: Direct experience with Epic, Oracle Health (Cerner), or Meditech (e.g., App Market integrations, HL7/FHIR workflows).

Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.

• Interoperability Mastery: A working-level knowledge of healthcare standards (HL7 v2, FHIR, CCDS/CCDA) is desired.
• Certification: Professional Cloud Architect or Professional Cloud Security Engineer.
• Technical Qualifications
• GCP Mastery: Deep experience with VPCs, GKE, Cloud SQL, Firebase, Cloud Storage.
• IaC Expert: Professional experience with Terraform is a MUST.
• Security Mindset: Strong understanding of network security (WAF, Cloud Armor), encryption at rest/transit, and compliance frameworks.
• Linux/Containers: Advanced knowledge of Linux administration and Docker/Kubernetes orchestration.
• Scripting: Proficiency in Bash for automating operational tasks.

Location & Logistics

• Remote/Hybrid: careMESH is a 100% remote organization. However, we meet regularly in our Reston, VA office for strategy and collaboration.
• Requirement: Candidates MUST live in the Washington DC/Maryland/Virginia area or the Eastern Time Zone and be able to travel to Reston every quarter. **Please do not apply if you do not meet these requirements.

Benefits

• The expected salary range for this position is $120,000 - $150,000. Salary ranges are determined by role, experience, and location. 
• Remote-first culture
• Comprehensive benefits (Health, 401k)