About Capsule

Capsule is a new kind of pharmacy. One that is smarter, friendlier, faster and hand-delivers your medication, same-day, for free. We have a national presence and have raised over $500MM from the best healthcare and technology investors in the world. People succeed in our culture when they are intensely focused on our customers, are energized by accomplishing ambitious goals, and push themselves and their teammates to be their best. If this excites you, we’d love to have you join us.

About the Role

Join Capsule's IT Engineering team to protect our patients' sensitive health information through robust security infrastructure and Protected Health Information (PHI) compliance. As our Systems Engineer, you will be customer obsessed helping Capsule team members do their best work, be security focused - helping prevent and mitigate security risks, and help us adopt new technologies to improve velocity and reduce repetitive tasks.

• Help Others do their Best work: Deploy and maintain robust IT systems that directly support Capsule’s do their best work by configuring secure endpoints, implementing network policies, and ensuring high infrastructure uptime of IT assets through monitoring and rapid response.

• Administer Network Infrastructure: Configure Cisco Meraki switches, wireless access points, and security appliances; deploy firewall rules and VPN configurations; execute network segmentation policies; and perform regular network health assessments to maintain applications while mitigating risk of security incidents.

• Deploy and Manage Endpoint Fleet: Provision iOS and workstation devices using MDM. Examples of this work include: creating configuration profiles, deploying software packages, and enforcing security baselines; implement and review CrowdStrike agents and activity across all endpoints; manage 500+ devices through automated deployment scripts; and maintain compliance with security policies including automatic patching and minimizing threats.

• Execute Cloud Infrastructure Operations: Deploy and configure AWS WorkSpaces for remote users; implement desktop images for use with pharmacy applications; manage user provisioning and deprovisioning workflows; and maintain cloud infrastructure with automated backup and disaster recovery procedures.

• Implement Security Controls: Deploy security monitoring agents; configure SIEM log ingestion from all IT systems; execute vulnerability scanning on weekly basis; remediate high-risk findings within hours; and maintain security dashboards showing real-time compliance status across all endpoints and network devices.

• Automate Operational Tasks: Develop PowerShell and Python scripts to automate device provisioning, user onboarding, and security compliance reporting; implement infrastructure-as-code for network configurations; create automated incident response playbooks; and reduce manual tasks through process automation.

• Execute Compliance Activities: Implement SOC2 and HIPAA controls through technical configurations; collect and organize audit evidence; perform quarterly access reviews; execute data classification and handling procedures; and maintain compliance scores during external audits.
  

Requirements

• Bachelor's degree in IT, Computer Science, Engineering, or related field

• 5+ years of hands-on systems administration experience in SaaS/Cloud environments

• Working knowledge of HIPAA compliance requirements and experience handling Protected Health Information (PHI)

• Expert-level hands-on experience with Cisco Meraki cloud-managed infrastructure including configuration of switches, wireless access points, and security appliances

• Proven experience configuring enterprise firewalls, implementing network segmentation, and managing centralized security policies

• Advanced proficiency with Jamf Pro for macOS/iOS fleet management including configuration profiles, software deployment, and compliance monitoring

• Hands-on experience deploying and managing CrowdStrike Falcon for endpoint detection and response

• Demonstrated experience managing 200+ mixed-OS device environments including automated software deployment and patch management

• Experience implementing physical access control systems and integrating with centralized monitoring platforms

• Proven experience with AWS WorkSpaces deployment, configuration, and ongoing management

• Working knowledge of identity and access management (IAM) systems and privileged access controls

• Experience with SIEM platforms including log configuration, dashboard creation, and alert tuning

• Strong scripting abilities in PowerShell, Python, and Bash for automation of IT operations and security tasks

• Proven track record of meeting SLA requirements and maintaining high system availability

• Experience with infrastructure monitoring tools and proactive system maintenance
  

Benefits

• Competitive salary and equity

• Health, Dental, and Vision Insurance

• Health and Commuter FSAs

• Flexible vacation policy