Security Operations Engineer

About Hopscotch Primary Care

At Hopscotch Primary Care, we believe great healthcare should be accessible to all people across all communities.  Today, almost 20% of Americans live in a rural community, yet only 11% of physicians practice in those same communities.  We are on a mission to transform healthcare in rural America.  We provide high-quality primary care tailored to meet the needs of our patients through our robust care model and comprehensive care team, delivering care in our clinics, and across settings, and wrapping resources around the patients who need them most.   

Our patients and the care teams who serve them sit at the center of everything we do at Hopscotch.  Hopscotch Primary Care takes a team approach to serve patient needs and provide the best care possible.  Our goal is to provide the care each of us would want for ourselves or for our family members, in the right setting, and at the right time. 

Today, we are serving thousands of patients in our value-based care model and the number is growing every day.  If you want to bring your experience, skill and passion to make a lasting impact in healthcare, we’d like to meet you. 

ABOUT HOPSCOTCH PRIMARY CARE 

At Hopscotch Primary Care, we believe great healthcare should be accessible to all people across all communities.  We provide advanced primary care services in our clinics, and across care settings, delivering robust care in our end-to-end model.    

We are on a mission to transform healthcare for rural communities across the country, one at a time, through advanced primary care.  Our goal is to transform the patient and provider experience, strengthen communities, and enable better healthcare, especially for those who need it most.   

As an innovative and rapidly growing company, we are looking for exceptional team members who share our passion and values.  If you are mission-driven, skilled yet humble and looking to make a lasting impact in healthcare, we’d like to meet you.  

ABOUT THE ROLE 

As the Security Operations Engineer at Hopscotch, you will lead and manage core security and compliance controls for the business using modern methods and tools, reporting to and working closely with the Security Officer. Your expertise and insights will contribute to maintaining and building our security and compliance initiatives while helping shape the security strategy for deployment across our clinics and offices. You will own end-to-end execution and management of projects that directly impact the organization’s ability to deliver care to patients. 

For today’s modern world of security - you'll need ingenuity to identify where agentic AI can accelerate evidence collection, interpret unstructured data, triage compliance gaps, and augment human judgment in risk assessments. Working closely with Product, Engineering, and Ops teams, you'll translate compliance, operational, and regulatory requirements into solutions that support audit programs including HIPAA, building systems that combine traditional automation with AI capabilities to achieve scale that wouldn't otherwise be possible 

RESPONSIBILITIES  

Near-term focus areas for this role will include, but are not limited to:

Manage the enterprise security program.

• Define systems security requirements, architecture, and policies according to regulatory and business requirements. 

• Own Confidentiality, Integrity, and Availability of all systems, services, and technologies. 

• Develop roadmaps for technology domains to improve operational and security posture. 

• Maintain awareness of emerging and trending threats. 

• Track and report on security infrastructure, configurations, design performance measures, and ongoing vulnerability and risk assessments. 
   

Architect security, policy, and risk controls. 

• Own tenant-wide security architecture for Microsoft 365, Azure, and other core SaaS collaboration platforms. 

• Design compartmentalization and data-governance models that scale with the company. 

• Conduct secure design reviews and threat modeling; identify and prioritize risks, attack surfaces, and vulnerabilities. 

• Translate written policies into policy-as-code—working with Engineering, Product, and Ops to express requirements as enforceable rules, automated checks, and continuous validation – not just static documents. 

• Establish feedback loops between policy and implementation: surface where controls diverge from written requirements and where policies need to evolve based on infrastructure realities. 

 
Build automation, AI, and integrations that scale compliance. 

• Design and build automated workflows for risk management and compliance, enabling continuous monitoring as Hopscotch grows. 

• Build data pipelines that aggregate risk, control, and asset information across the tech stack—mapping disparate schemas, handling inconsistent data quality, and creating unified views of compliance posture through dashboards and reporting. 

• Build integrations and automation against SaaS APIs to automate provisioning and catch drift. 

• Design and maintain integrations connecting security tooling with cloud infrastructure, identity management, HRIS, ticketing, version control, and pipelines for automated evidence collection and continuous compliance validation. 
• Design and deploy agentic AI workflows that extend team capacity - serving as a virtual analyst to automate evidence analysis, monitor control effectiveness, draft audit responses, and interpret policy documents. 

Run daily security operations. 

• SOC / SIEM / IPS monitoring, alerting, and response. 

• Network, email, and endpoint detection and response. 

• Configuration baselining and assessment. 

• Security education and awareness. 

Manage platforms, vendors, and escalations. 

• Inform platform strategy: evaluate, select, and deploy tooling that meets compliance requirements, in partnership with other programs. 

• Configure the application side of SSO connections and SCIM attribute mappings. 

• Facilitate and manage security vendor/partner relationships, including Managed Detection and Response (MXDR) and Identity & Access Management (IAM). 

• Serve as the final escalation tier for platform issues Support can't resolve, and provide additional technical support and oversight as needed. 

ABOUT YOU: 

You would be a great fit for this position if you have 4+ years of experience in IT systems administration and/or security and you - 

Background:

• A veteran of ITSM or Systems Administration with experience in security. 

• Have deep, hands-on experience with enterprise administration of Google Workspace and Slack. 

• Have built integrations against SaaS APIs, not just configured them through consoles. 

• Have been the final escalation tier for platform issues. 

• Have successfully delivered complex projects from conception to production. 
   

How you work:

• Results-driven — focus your time and resources against the most important priorities. 

• Excel at operating independently and taking ownership of your work. 

• Comfortable with ambiguity; bring a structured, proactive approach to get things done. 

• Strong critical thinking — able to troubleshoot problems and implement corrective actions quickly. 

• Write clear documentation as a natural part of your workflow. 

• Constantly seeking ways to simplify and improve how things are done. 
   

How you collaborate: 
 

• Communicate technical concepts clearly to any audience, verbally and in writing. 

• Enjoy solving ambiguous problems with multiple stakeholders. 

• Collaborative, assuming positive intentions; willing to roll up your sleeves and work effectively with people of all backgrounds. 

• Accountable — hold yourself and others to a high standard, and support and develop those around you. 

• Strong service mentality; customer-focused, with a passion for serving patients and providers. 
• Passionate about solving real problems in American healthcare. 

PREFERRED QUALIFICATIONS: 

• 4+ years of IT & system administration experience 

• A degree in computer science, engineering or technical discipline 

• A degree is not required, and we heavily encourage you to apply regardless of college experience. 

• Experience in maintaining troubleshooting a wide variety of systems and networks 

• Preferred:  

• Experience with Azure AD 

• Experience with SharePoint and Office 365 administration 

• Experience with cybersecurity principles. 

• Comp TIA A+ Certification 

• Network+ Certification 

In accordance with the Illinois Pay Transparency Act, we’re providing the full salary range for this position. Actual compensation will be determined based on location, relevant experience and qualifications. Most offers will fall within a portion of the listed range. This position has a salary range of $90,000 – $100,000 annually, based on location, relevant experience and qualifications. In addition to base salary, we offer a comprehensive benefits package that includes:

• Paid holidays + PTO
• Company sponsored medical, dental, and vision insurance for you + your family
• FREE short-term and long-term disability insurance
• FREE $100k life insurance policy
• 401k plan with 4% company match + no vesting period
• $720 - $1,000 added to employee Health Savings Account annually for eligible health plans
• And more!

At Hopscotch Primary Care, we embrace diversity, invest in a culture of inclusion and positivity and encourage all to apply to join our team.  You will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.