Job Description

Catapult Health is seeking a Director of Information Technology to wear the hat of player / coach responsible for DevOps, IT Infrastructure, and IT Security to join our growing team. The role is heavily focused on the DevOps responsibilities as an individual contributor working alongside our Software Development team to build and deploy best in class solutions. In addition to the DevOps tasks, the Director of Information Technology will have leadership responsibilities for IT Security and IT Infrastructure within the organization.

Education, Experience and Specialized Knowledge

15+ years of Information Technology experience showing solid career progression in the areas of DevOps, IT Infrastructure, and IT Security.
Bachelor’s Degree in Computer Science, Computer Engineering, Electrical Engineering, or relevant experience.

DevOps Specific Experience:

Expertise in Linux environment, exceptional command-line and scripting capabilities with both non-shell (Perl, Python, Ruby, or Javascript) and shell (zsh, bash)
Extensive experience with a DevOps automation tool such as Ansible, Chef, Puppet, Salt. Ansible, highly preferred.
Expertise working in a hybrid on-prem and cloud environment such as AWS, Azure, etc. Extensive hands-on experience with AWS (VPCs, S3, EC2, EFS, RDS, elasticsearch service, Loadbalancers).
Experience configuring NGINX servers
Network and application monitoring using Zabbix or similar tool.
Experience configuring and managing filebeat, logstash, elasticsearch, and kibana for log aggregation, search and archiving.
Hands-on experience with security hardening including conducting and remediating pentests, vulnerabilities, etc.
Knowledge of existing vulnerabilities and best practices required (FTP vs. SFTP, Telnet vs SSH); hardening skills required (deprecating vulnerable ciphers, insecure TLS versions, etc.)
Experience answering security questionnaires from third parties and representing the organizations overall security posture to clients, vendors, and auditors.
Hands-on experience managing a heterogeneous computing environment that includes office and software development.

Information Security / Infrastructure Specific Experience:

Strong compliance and certification program management such as SOC2, NIST, PCI, HITRUST. HIPAA-experience preferred.
Experience managing a Network Operations and Technical Support, experience installing and improving monitoring and alerting posture, managing overall ticket queue, ensuring timeliness and quality of response by the team.
Experience upgrading servers across major releases with minimal impact (e.g., Ubuntu 16 to 18 or 18 to 20; Windows upgrades as well)
Experience managing a multisite Active Directory domain, Group Policy Objects, AD-based DNS, and Hyper-V environment.
Experience managing hosted Exchange and SPAM filtering systems.

Essential Knowledge Skills and Competencies:

DevOps Skills (Individual Contributor)

Build new virtual machines in AWS for deployment in operational, staging, and/or production environments from a base OS (Ubuntu preferred); write playbooks/recipes that enumerate the software, configuration, and access control requirements.
Maintain existing AWS infrastructure which primarily includes patching and upgrading virtual machines, as needed.
Maintain and write new Ansible roles that are used to streamline the build and configuration of VMs in AWS.
Create and update DNS zones through AWS Route 53 and bind configuration files.
Develop and maintain backup strategies in a heterogeneous environment; monitor and test existing backups.
Manage SSL private encryption keys, create CSRs, deploy and rotate keys and certificates.
Troubleshoot at an expert level to resolve issues related to EC2 instances, DNS configurations, load balancing and other AWS infrastructure components.

IT Infrastructure (Player / Coach)

Implement and maintain monitoring of Catapult Health information system, including monitoring of uptime and availability, SSL certificate expirations, and network health monitoring.
Represent Business continuity of the IT infrastructure.
Oversee management of the NOC and Outage Response protocol to coordinate the resources and response to outages; continuously improve the environment to minimize the frequency of and duration of outages.
Oversee the management of the IT environment which includes selecting and procuring network infrastructure equipment, Windows domain controllers, Hypervisors, Wifi Access points, UPS systems, standard desktop equipment, etc.
Oversee the management of the corporate office IT systems including but not limited to AV systems, VOIP system, printing infrastructure, and corporate e-mail.
Select, onboard, and assist in maintaining 3rd Party Software and Services such as Box, JIRA/Confluence, Salesforce, Zendesk.
Oversee the corporate asset management program ensuring that all physical computing assets are properly tagged and tracked.
Oversee Technical Support and NOC Leadership ensuring companywide IT maintenance and support tasks are handed expediently and accurately.

IT Security (Player / Coach)

Lead Catapult Health’s information security program, including maintaining our information security management program through execution of penetration testing, networking vulnerability scans, patch and vulnerability management, and security risk analysis.
Maintain deny-all by default network environment, segregated networks for guest, office, clinical, and information system use; maintain port management procedures (disabled by default, assigned ownership when configured).
Support implementation of IDS/IPS and continuous network activity monitoring; audit and evaluate logs for suspicious or anomalous behavior.
Support auditing of network configurations, AWS security groups, network firewalls, subnet segregation. Ensure networking team maintains quarterly network configuration diagrams and reviews.
Lead and participate in security tabletop exercises, corporate risk analysis and reviews, ownership of IT business continuity protocols.
Serve as main point of contact as IT Security Officer of the organization to outside entities (clients, vendors, auditors) and complete security questionnaires, review and redline security addendums, etc.

Valid through: 3/26/2021