
Senior Platform & Security Engineer

HLH Holdings LLC dba Highlight Health
Posted 4 days ago, valid for 22 days
Location

Philadelphia, PA 19102, US

Salary

$0 - $130,000 per year

Contract type

Full Time


Sonic Summary

  • Highlight Health is seeking a Senior Platform and Security Engineer with 7–10 years of experience in cloud platform engineering, DevOps, or infrastructure security.
  • The role involves owning the Azure infrastructure, managing IT operations, and implementing security controls for a proprietary Claims Intelligence Platform.
  • The position offers a salary of $120,000 to $150,000, depending on experience and qualifications.
  • Candidates should have hands-on Azure experience and practical knowledge of HIPAA and SOC 2 Type 2 compliance.
  • This is a hands-on role with potential for team leadership as the company grows, emphasizing security and operational simplicity.

Overview

Highlight Health is a mission-driven company that protects consumer rights and controls healthcare costs exclusively for self-funded employers and their stop loss carriers. We are a profitable, fast-growing company without private equity investors.

We are currently building a sophisticated, proprietary Claims Intelligence Platform — a system of record handling protected health information (PHI) and generating financial recommendations with real-world legal and economic weight. Security, compliance, and platform reliability are not afterthoughts here; they are first-class engineering concerns.

We are looking for a Senior Platform and Security Engineer to own the Azure infrastructure, IT operations, and technical implementation of security controls that underpin this platform. This is a hands-on individual contributor role with a potential path toward team leadership as the company grows. You will work closely with the engineering team on platform changes and directly with leadership on SOC 2 Type 2 and HIPAA audit preparation.

If you want technical ownership of a platform where the stakes are real and the work is consequential, we would love to hear from you.

Essential Duties and Responsibilities

Azure Platform Ownership

  • Own infrastructure for all Azure resources across development, UAT, and production environments
  • Manage and evolve Azure DevOps pipelines for build, test, and deployment
  • Operate Azure Container Apps, App Service, Service Bus, Azure Database for PostgreSQL Flexible Server, Blob Storage, and supporting services
  • Maintain Azure Key Vault including secrets rotation and enforcement of least-privilege access
  • Configure and tune Application Insights and Log Analytics, including PHI-safe logging pipelines that prevent sensitive data from appearing in telemetry

Security Controls and Compliance

  • Implement and maintain technical controls in support of SOC 2 Type 2 and HIPAA compliance programs
  • Administer Entra ID including conditional access policies, MFA enforcement, group lifecycle management, and identity governance
  • Partner with leadership on audit preparation, evidence collection, and control documentation
  • Contribute to incident response readiness, including tabletop exercises and runbook development
  • Manage logging and alerting functions through Microsoft Purview and Microsoft Sentinel, including alert tuning, analytics rules, and data connector configuration
  • Maintain and improve the organization’s security posture through vulnerability management, access reviews, and security monitoring

IT Operations

  • Own Office 365 administration, SharePoint configuration, and SaaS tool management for the organization
  • Serve as the internal technical authority on endpoint security, device management, and employee access provisioning
  • Evaluate and onboard new tooling as the company scales, with a bias toward security and operational simplicity

The Technical Environment

  • Infrastructure: Azure Container Apps, Azure App Service, Azure Service Bus, Azure Database for PostgreSQL Flexible Server, Azure Blob Storage
  • Security and Identity: Azure Key Vault, Microsoft Entra ID, Microsoft Defender, Azure Policy
  • Observability and Security Operations: Application Insights, Log Analytics Workspaces, Microsoft Sentinel, Microsoft Purview
  • CI/CD: Azure DevOps pipelines
  • Productivity: Microsoft 365, SharePoint, Teams
  • Compliance targets: SOC 2 Type 2, HIPAA

Experience and Qualifications

  • 7–10 years in cloud platform engineering, DevOps, or infrastructure security
  • Hands-on production Azure experience across the full service lifecycle, not just resource provisioning
  • Practical experience implementing technical controls for HIPAA and SOC 2 Type 2
  • Fluent in Entra ID: conditional access, MFA, role assignments, and identity governance
  • Applies appropriate safeguards for protected health information, including PHI-safe logging pipelines, data isolation, and least-privilege access controls
  • Comfortable owning IT operations end-to-end: M365, SaaS administration, and employee access management included
  • Brings a point of view. This role requires someone who assesses the environment, identifies gaps, and recommends a path forward
  • Energized by doing the work. This is a hands-on role with full ownership of the platform and security posture
  • Healthcare or regulated industry background is a genuine advantage
  • Comfortable incorporating AI-assisted tools and workflows into day-to-day work to improve speed and quality


