Jobs · skipthedrive

P

Software Engineer, IT and Security

Brightpath Technologies · Remote · Posted 16d ago

remoteFull-timemidEstimated 131k-280k USD
Apply on skipthedrive

About the role

Build internal applications and automation services to enhance security and compliance in a healthcare environment.

Brightpath Technologies is transforming post-acute care as the leading digital ordering platform for medical equipment and supplies. We connect major health systems, health plans, and suppliers to help patients get the life-saving products they need at home. Since launching, we've connected 300,000+ clinicians and 3,000+ supplier locations across all 50 states and helped 15M+ patients. What started as a DME ePrescribing tool has become the order management platform of choice for home medical equipment. Join our team and make a difference in patient care. About the Role You'll be the dedicated software engineer embedded in Brightpath Technologies's IT & Security team, writing the code that runs our internal operations. You'll build internal applications, automation services, and AI agents that replace manual work across identity, endpoint, cloud security, compliance, and incident response - in an environment governed by HIPAA, SOC 1, SOC 2, and HITRUST. What you'll build Concrete projects on the roadmap for your first year: A self-service access portal (React + Node.js + Okta API) that lets employees request app and AWS access, routes for approval, and provisions automatically. An automated user lifecycle service (Python) that listens to HR webhooks and orchestrates Okta, AWS, GitHub, and SaaS provisioning/deprovisioning end-to-end. An audit evidence collection service (Python) that pulls evidence from 30+ systems (AWS, GitHub, Okta, Drata, Splunk) on a schedule and writes structured evidence into our compliance platform. An alert enrichment pipeline (Python) that takes raw security alerts, queries context from logs/CMDB/HR systems, and writes back enriched, triaged tickets. AI agents and MCP servers (Python, TypeScript) - agents built on the Anthropic API that safely read from and act on our internal systems: running access reviews, drafting compliance evidence, triaging tickets. Detection-as-code in Splunk SPL / Wazuh rules / SQL that turns log data into actionable alerts. n8n workflows for simpler integrations where a full service isn't justified - you'll pick the right tool for the job. Tech stack Languages: Python (primary), TypeScript/Node.js, SQL, Bash Cloud: AWS (Lambda, ECS, EKS, S3, RDS/Aurora, IAM, Secrets Manager), GCP (BigQuery) Data: Redshift, BigQuery, Postgres AI / agents: Anthropic API, Model Context Protocol (MCP), retrieval/embeddings, eval frameworks IT & Security integrations: Okta, ZScaler, Splunk, Wazuh, Lacework, Drata, Datadog, GitHub, n8n Deployment: GitHub Actions, ArgoCD, EKS (consumed via Parachute's existing platform) Observability: Datadog, Splunk Requirements Minimum 2 years of professional software engineering experience in a production web environment. Strong professional experience in Python or TypeScript/Node.js. Bonus if both. Comfort writing SQL against real production datasets. Hands-on experience with AWS (IAM, Lambda/ECS/EKS, S3, RDS) and Infrastructure-as-Code. Experience integrating with REST/GraphQL APIs and webhooks across SaaS platforms. Strong fundamentals: data structures, design patterns, testing, code reviews. Security-first mindset: you think about least privilege, secrets handling, PHI exposure, and audit trails by default. Working knowledge of at least one compliance framework - SOC 2, HITRUST, HIPAA, ISO 27001, or NIST. Must reside in the U.S. Nice to have Experience building AI agents or LLM-powered tools in production — agent architectures, tool integration, MCP, retrieval-augmented generation, eval frameworks. Experience driving AI adoption across a technical team (pairing, demos, reusable skills/plugins). Familiarity with our stack: Okta, ZScaler, Splunk/Wazuh, Lacework, Drata, Datadog, n8n. SIEM detection engineering (Splunk SPL, Wazuh rules, Sigma). Experience with Kubernetes (EKS), GitOps (ArgoCD), or service mesh (Istio with OIDC/JWT). Healthcare technology background - exposure to HIPAA, PHI handling, or DME workflows. Security or cloud certifications (CISSP, CCSP, AWS Security Specialty, GCIH, OSCP). Professional experience with Ruby on Rails (Parachute's primary product stack — useful for cross-team collaboration). Experience as a technical lead bridging IT, Security, Engineering, and Compliance stakeholders. What a typical week looks like Code review, write, and ship - Python services, TypeScript tools, SQL queries, agent definitions. Pair with security analysts and IT engineers to translate operational pain into shipped automation. Design and build APIs, schedulers, and event-driven services that integrate across our SaaS stack. Write tests, dashboards, and runbooks for everything you ship. Participate in an on-call rotation for the IT/Security tooling you own (not customer-facing platform). Sit in on architecture reviews and incident response. Benefits Medical, Dental, and Vision Coverage: Comprehensive plans with options for low-to-no-cost premiums. Employer HSA Contribution: Company-funded contributions to your Health Savings Account. 401(k) Retirement

Read the full posting on skipthedrive

FAQ

Is the Software Engineer, IT and Security role at Brightpath Technologies remote?+

This Software Engineer, IT and Security position is listed as remote (Remote).

What is the salary for the Software Engineer, IT and Security role at Brightpath Technologies?+

The listing states Estimated 131k-280k USD.

What seniority level is this Software Engineer, IT and Security role?+

This is a mid level position.

How do I apply for the Software Engineer, IT and Security role at Brightpath Technologies?+

Use the "Apply on skipthedrive" button to open the original posting on skipthedrive, where you can submit your application directly to Brightpath Technologies.