Senior IT & Compliance Engineer

Senior IT & Compliance Engineer Sunflare LLC Orlando, FL 32819 $95,000

• $120,000 a year
• Full-time $95,000
• $120,000 a year
• Full-time Multi-Cloud (AWS + GCP)
• Healthcare Compliance
• IT Consolidation & Identity Oncologic AI , a division of Sunflare , is a clinical-AI company operating across AWS and GCP, with a Microsoft 365 and Google Workspace environment.

We handle Protected Health Information under HIPAA and are working toward SOC 2 Type II. We are hiring a senior, hands-on owner for IT, security, and compliance across the whole estate — someone who can run a rigorous compliance program, administer and harden our cloud and IT infrastructure, and lead the consolidation of duplicated systems into one well-governed environment. You will also own secure connectivity and the customer single sign-on experience for our platform. What you will own Security & compliance. Run the recurring security and compliance program across AWS and GCP — posture review, encryption and key management, vulnerability and patch management, and endpoint hardening — driving remediation to closure and producing audit-ready evidence. Cloud & IT infrastructure. Operate and harden core infrastructure (IAM, VPCs and network controls, secrets); codify guardrails as code (Terraform); and own backup and disaster-recovery testing with validated

RPO/RTO. IT

consolidation. Lead the merge of duplicated collaboration and productivity systems — Jira, Slack, and email across Microsoft 365 and Google Workspace — onto single platforms, with clean migration, identity and license unification, and decommissioning of retired tooling. Networking. Design and operate secure connectivity within and between clouds — VPN tunnels, peering, routing, DNS, and firewall policy — including links to partner, lab, and clinical-integration endpoints under our zero-trust model. Identity & single sign-on. Build and run the customer identity layer (GCIP) and enterprise SSO (SAML / OIDC) with SCIM provisioning, keeping workforce and customer identity planes cleanly separated. Audit, risk & governance. Drive SOC 2 Type II readiness and HIPAA audit support; maintain the risk register, BIA/BCP, third-party and BAA reviews, and the privacy program; and respond to customer security questionnaires. What we are looking for Multi-cloud depth: 7+ years across IT, cloud infrastructure, and security, with hands-on experience in both AWS and GCP.

Workplace administration:

Strong administration of Microsoft 365 / Entra ID and Google Workspace — identity, directory, group, and license management.

IT consolidation:

Proven experience merging or migrating duplicated systems (Jira / Slack / email tenants, domain and identity unification, or post-merger IT integration) with minimal disruption.

Compliance:

Hands-on experience running or supporting SOC 2, HIPAA, HITRUST, or NIST-based programs, including evidence collection and audit support. Networking & identity: Solid VPN, routing, firewall, and DNS fundamentals; plus SSO (SAML / OIDC), SCIM, and identity federation.

Automation:

Infrastructure as code (Terraform) and scripting (Python / Bash). Nice to have Healthcare / health-tech experience handling PHI or other regulated data. Post-merger or multi-entity IT integration experience at a startup or scale-up. Certifications such as Google Professional Cloud Security Engineer, AWS Security Specialty, CISSP, CISA, or HCISPP.

Pay:

$95,000.00

• $120,000.

00 per year

Work Location:

In person