Application Engineer
<div class="content-intro"><div>Parachute Health is transforming post-acute care through the leading digital ordering platform for medical equipment and supplies. We replace the outdated, error-prone paper and fax process, which negatively impacts over 30 million patients annually, with a system that’s 10 times faster. Our platform connects a vast network of Home Medical Equipment (HME) providers, clinicians, and payors across all 50 states, ensuring millions of patients get the life-saving products they need quickly and efficiently. </div>
<div> </div>
<div>Join our team and make a difference in patient care.</div></div><h2><span style="font-size: 12pt;"><strong>About the Role</strong></span></h2>
<p><span style="font-size: 12pt;">You'll be the software engineer embedded in Parachute Health's IT & Security team, building the internal platforms, automations, and AI-powered workflows that keep our healthcare technology environment secure, compliant, and operationally efficient. </span></p>
<p><span style="font-size: 12pt;">You'll write code that touches on identity, endpoint, network, cloud security, compliance, evidence collection, and incident response in an environment governed by HITRUST, SOC 1, and SOC 2.</span></p>
<h2><span style="font-size: 12pt;"><strong>Responsibilities</strong></span></h2>
<p><span style="font-size: 12pt;">Internal tooling & automation</span></p>
<ul>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Design, develop, and maintain internal applications and automations that eliminate manual IT/Security work, including provisioning, access reviews, compliance evidence collection, audit preparation, and ticket triage.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Develop and maintain integrations across the security and IT stack, including Okta, Zscaler, Splunk/Wazuh, Lacework, Drata, Datadog, AWS, GCP, GitHub, and n8n.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Package, deploy, and operate IT/Security tooling using Parachute's standard deployment patterns and observability stack.</span></li>
</ul>
<p><span style="font-size: 12pt;">AI & agentic workflows</span></p>
<ul>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Architect agentic AI workflows for IT and Security operations, including automated alert triage, log correlation, root-cause analysis, guided remediation, access-review automation, and audit evidence collection.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Build the context layer (MCP servers, retrieval pipelines, and embeddings) that grounds AI agents in Parachute-specific systems, policies, and runbooks.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Drive AI adoption across the IT/Security team through pairing, architecture reviews, and reusable skills/plugins/workflows.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Build an MCP-based agent that automates audit evidence collection from multiple sources</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Replace manual access-review workflows with an agentic pipeline</span></li>
</ul>
<p><span style="font-size: 12pt;">Security</span></p>
<ul>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Develop, tune, and maintain SOAR/SIEM detections, dashboards, and correlation rules in Splunk/Wazuh.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Support threat hunting, incident investigation, pen test, and/or red teaming, and forensic analysis with custom tooling and queries (Redshift, BigQuery, log platforms)</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Apply MITRE ATT&CK, NIST CSF, and HITRUST CSF to guide detection engineering and control implementation.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Contribute to SOC runbooks, SOPs, and automation playbooks (SOAR).</span></li>
</ul>
<p><span style="font-size: 12pt;">Security audits & reliability</span></p>
<ul>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Automate compliance evidence collection and control validation across SOC 2, HITRUST CSF, HITRUST AI, and HIPAA.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Participate in an on-call rotation for IT/Security incidents; contribute to post-incident reviews and continuous improvement.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Maintain stable, performant, and auditable internal application stacks.</span></li>
</ul>
<h2><span style="font-size: 12pt;"><strong>Requirements</strong></span></h2>
<ul>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">2+ years of writing production code in a web-based environment.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Professional experience with<strong> </strong>Ruby on Rails, and/or Python, and/or JavaScript/TypeScript (React, Node.js).</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Hands-on experience with AWS (IAM, EC2, ECS/EKS, S3, RDS, Lambda) and infrastructure-as-code.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Demonstrated experience integrating with REST/GraphQL APIs and building automations across SaaS platforms.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Working knowledge of at least one compliance framework - SOC 2, HITRUST, HIPAA, ISO 27001, or NIST.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Security-first mindset: you think about least privilege, secrets handling, PHI exposure, and audit trails by default.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Strong fundamentals in data structures, design patterns, and TDD.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Must reside in the U.S.</span></li>
</ul>
<h2><span style="font-size: 12pt;"><strong>Nice to have</strong></span></h2>
<ul>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Experience building agentic AI systems in production - agent architectures, tool integration via MCP, retrieval-augmented generation, evaluation frameworks.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Experience setting up AI development environments and driving AI adoption across a technical team.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Familiarity with our stack: Okta, ZScaler, Splunk/Wazuh, Lacework, Drata, Datadog, n8n workflows and/or Argo workflows.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">SIEM detection engineering or SOC tooling experience (Splunk SPL, Wazuh rules, Sigma).</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Healthcare technology background - exposure to HIPAA, PHI handling, or DME workflows.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Security or cloud certifications (CCA-F, CISSP, CCSP, AWS Security Specialty, OSCP).</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Experience as a technical lead bridging IT, Security, Engineering, and Compliance stakeholders.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Proficient in SQL (Redshift, BigQuery) for forensic and operational analytics.</span></li>
</ul>
<p><span style="font-size: 12pt;"><strong>Benefits</strong></span></p>
<ul>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Medical, Dental, and Vision Coverage: Comprehensive plans with options for low-to-no-cost premiums.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Employer HSA Contribution: Company-funded contributions to your Health Savings Account.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">401(k) Retirement Plan</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Equity Incentive Plan</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Annual Company-Wide Bonus: Opportunity for up to 15% bonus based on company performance.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Remote-First Culture: We are remote-first with a dedicated NYC office and reimbursement options for co-working spaces.</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Flexible Vacation Policy</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Summer Fridays: 5 additional Fridays off during the summer (separate from PTO).</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Home Office and Wellness Stipend</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Monthly Internet Stipend</span></li>
<li style="font-size: 12pt;"><span style="font-size: 12pt;">Annual Learning and Development Stipend</span></li>
</ul>
<p><strong>Base Salary Band (based on experience and level)</strong></p>
<p>$80,000 - $120,000</p>
<p> </p><div class="content-conclusion"><p style="text-align: left;"><span style="font-size: 12pt;"><em>California job applicants may access the Notice of Collection of Personal Information and Privacy Policy with information and rights required by the California Privacy Rights Act (CPRA) the link <a class="c-link" href="https://www.parachutehealth.com/cpra" target="_blank" data-stringify-link="https://www.parachutehealth.com/cpra" data-sk="tooltip_parent">here</a>.</em></span></p>
<p class="p1" style="text-align: left;"><span style="font-size: 12pt;"><em>We are proud to be an equal opportunity employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex or gender (including pregnancy, childbirth related medical conditions and lactation), gender identity or gender expression (including transgender status), sexual
This listing is from ats_greenhouse. View original listing ↗