DevOps Engineer

Job Description:

Skilled Wound Care is seeking a hands-on DevOps Engineer to take ownership of the deployment, operation, and security of our healthcare software platforms — including our Electronic Health Record (EHR) system and our end-to-end Revenue Cycle Management (RCM) and billing platform. In this role, you will be the primary owner of how our applications are built, shipped, run, monitored, and secured in production. This is the first dedicated DevOps role at our company, and it is being created to formalize and grow this function as we scale. You will own the full scope of our application infrastructure on a day-to-day basis, with our Lead Software Developers serving as backup support for production emergencies and after-hours coverage.  This position is focused exclusively on our software product infrastructure — the servers, cloud resources, containers, pipelines, and tooling that support our applications. You will not be responsible for general corporate IT systems such as file shares, remote desktop servers, internal VPNs, or end-user device management.
Because our platforms handle Protected Health Information (PHI), security and compliance are not afterthoughts — they are core to the role. You will work closely with our development team to ensure that everything we ship is reliable, performant, and compliant with HIPAA and our broader security program.

On-Call: This role includes participation in a primary on-call rotation for production incidents affecting our healthcare platforms, with the Lead Software Developers serving as secondary/backup coverage. We aim to keep on-call burden reasonable through strong monitoring, automation, and clearly documented runbooks.

Responsibilities:

• Own the deployment, configuration, and lifecycle management of our application servers and cloud infrastructure across development, staging, and production environments.
• Provision and manage AWS resources (EC2, VPC, RDS, S3, IAM, Route 53, ELB/ALB, CloudFront, ACM, etc.) to support our application stack; secondary GCP exposure is a plus.
• Build, maintain, and harden Docker images and container deployments for our applications.
• Use Infrastructure as Code (Terraform preferred) to define and version-control cloud resources where practical, and progressively reduce manual configuration over time.
• Maintain Linux servers — install, patch, harden, and tune them for performance, reliability, and security.
• Coordinate with the development team to manage updates to application runtimes, frameworks, and system-level dependencies (e.g., PHP, Node.js, Python, Nginx/Apache, MySQL, OS packages).
• Build and maintain CI/CD pipelines (e.g., GitHub Actions, GitLab CI, Jenkins, or CircleCI) for automated build, test, and deployment of our applications.
• Implement safe, repeatable release processes including environment promotion, automated test gates, and reliable rollback procedures.
• Provide tooling and documentation that helps developers ship faster while staying within secure, compliant guardrails.
• Implement and maintain monitoring, alerting, and observability tooling (e.g., CloudWatch, Datadog, New Relic, Prometheus/Grafana) across our application stack.
• Set up centralized logging and audit trails appropriate for a HIPAA-regulated environment.
• Participate in a primary on-call rotation for production incidents, with the Lead Software Developers providing secondary/backup coverage.
• Investigate and resolve production issues, communicate clearly with stakeholders during incidents, and run post-mortems with concrete follow-up actions.
• Track uptime and reliability targets; proactively identify reliability and capacity risks before they become outages.
• Maintain and improve the security posture of our application infrastructure: AWS security groups and network ACLs, IAM/role-based access, encryption in transit and at rest, secrets management (e.g., AWS Secrets Manager, Parameter Store, or HashiCorp Vault), and audit logging.
• Implement and maintain controls aligned with HIPAA Security Rule requirements, including access controls, audit trails, integrity controls, transmission security, and backup/disaster recovery.
• Run vulnerability scanning and dependency/container image scanning; coordinate timely remediation of security findings with the development team.
• Maintain configurations and documentation needed to support audits and compliance frameworks (e.g., HIPAA, and SOC 2 / HITRUST as we mature).
• Manage backups, retention policies, encryption keys, and disaster recovery procedures — including periodic restore testing.

Requirements:

• 3–5 years of professional experience in a DevOps, SRE, Cloud Engineering, or Systems Engineering role, including hands-on responsibility for production environments.
• Demonstrated experience supporting the full deployment lifecycle of web-based applications — from build through release, monitoring, and incident response.
• Comfortable being the primary day-to-day owner of application infrastructure in a small team, with senior engineers available as backup.
• Strong Linux administration skills — comfortable on the command line, with services like systemd, networking, file systems, package management, and shell scripting.
• Solid hands-on experience with AWS, including core services such as EC2, VPC, IAM, RDS, S3, Route 53, and ELB/ALB; familiarity with GCP is a plus, as we use it as a secondary cloud.
• Practical experience with Docker — building images, optimizing layers, managing registries, and running containers in production.
• Experience designing and maintaining CI/CD pipelines using tools such as GitHub Actions, GitLab CI, Jenkins, or CircleCI.
• Familiarity with Infrastructure as Code, ideally Terraform; willingness and ability to expand IaC coverage over time even where current state is partially manual is welcome.
• Proficiency with at least one scripting/automation language (Bash, Python, or similar).
• Solid understanding of networking fundamentals: DNS, TLS/SSL, HTTP(S), load balancing, reverse proxies (Nginx/Apache), VPCs, subnets, and firewall/security group rules.
• Working experience administering relational databases in production (MySQL preferred; PostgreSQL, MariaDB, or MS SQL Server also acceptable), including backups, basic replication, and routine performance considerations.
• Experience with monitoring/alerting and centralized logging tools.
• Working understanding of HIPAA Privacy and Security Rule requirements as they apply to application infrastructure: access controls, audit logging, encryption requirements, transmission security, and breach notification considerations.
• Familiarity with secure-by-default infrastructure practices: least-privilege IAM, secrets management, network segmentation, encryption in transit and at rest, and patch management.
• Awareness of common web application and infrastructure security risks (e.g., OWASP Top 10 at a conceptual level, common cloud misconfigurations) and how to mitigate them at the infrastructure layer.
• Experience working in an Agile environment using JIRA (or equivalent) for ticket tracking and project visibility.
• Comfort with Git-based workflows (branching, pull requests, code review).
• Ability to write clear technical documentation, runbooks, and post-mortems.

Preferred Qualifications:

• Prior experience supporting healthcare software platforms (EHR/EMR, RCM, medical billing, practice management, or similar) is a significant plus.
• Familiarity with healthcare interoperability standards and integrations (HL7, FHIR, X12 EDI, clearinghouse connectivity) from an infrastructure perspective.
• Hands-on experience supporting compliance audits for HIPAA, HITRUST, SOC 2, or similar frameworks.
• Experience with HashiCorp tooling (Vault, Consul) or equivalent secrets-management solutions beyond AWS-native options.
• Experience with configuration management tools (Ansible, Chef, Puppet, or SaltStack) for non-containerized workloads.
• Experience tuning and operating PHP application stacks (PHP-FPM, OPcache, Composer, etc.) and/or Node.js and Python application servers.
• AWS certifications such as AWS Certified Solutions Architect (Associate or Professional), SysOps Administrator, or DevOps Engineer Professional. GCP certifications such as Associate Cloud Engineer or Professional Cloud DevOps Engineer are also a plus.
• Security-focused certifications such as CompTIA Security+, AWS Certified Security – Specialty, or HealthCare Information Security and Privacy Practitioner (HCISPP).
• Experience using AI tools (e.g., Claude Code, Cursor) responsibly to accelerate scripting, IaC authoring, troubleshooting, and documentation — we view AI as a force multiplier, not a replacement for sound engineering judgment.
• Bachelor's degree in Computer Science, Engineering, Information Systems, or a related field, or equivalent practical experience.

Details: 

• This position will be a full time remote position
• Health, Dental, Vision Insurance
• Generous 401k plan
• Paid time off and holidays
• Life Insurance
• Education stipend 

(Skilled Wound Care is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), national origin, age (40 or older), disability or genetic information).