DevOps Engineer

Skilled Wound Care is seeking a hands-on DevOps Engineer to lead the deployment, operation, and security of our healthcare software platforms. This includes our Electronic Health Record (EHR) system and our comprehensive Revenue Cycle Management (RCM) and billing platform. As the first dedicated DevOps role, you will be the primary owner of how our applications are built, shipped, run, monitored, and secured in production, formalizing and scaling this critical function.

You will manage the full scope of our application infrastructure daily, with Lead Software Developers providing backup for production emergencies and after-hours coverage. This position focuses exclusively on software product infrastructure, encompassing servers, cloud resources, containers, pipelines, and tooling. It does not involve general corporate IT systems.

Given that our platforms handle Protected Health Information (PHI), security and compliance are paramount. You will collaborate closely with the development team to ensure all deployments are reliable, performant, and compliant with HIPAA and our security program.

On-Call: This role includes participation in a primary on-call rotation for production incidents affecting our healthcare platforms. Lead Software Developers will provide secondary/backup coverage. We prioritize reasonable on-call burden through robust monitoring, automation, and clear runbooks.

Responsibilities

• Own the deployment, configuration, and lifecycle management of application servers and cloud infrastructure across development, staging, and production environments.
• Provision and manage AWS resources (EC2, VPC, RDS, S3, IAM, Route 53, ELB/ALB, CloudFront, ACM, etc.) to support the application stack; GCP exposure is a plus.
• Build, maintain, and harden Docker images and container deployments.
• Utilize Infrastructure as Code (Terraform preferred) to define and version-control cloud resources, progressively reducing manual configuration.
• Maintain Linux servers, including installation, patching, hardening, and tuning for performance, reliability, and security.
• Coordinate with the development team for updates to application runtimes, frameworks, and system-level dependencies (e.g., PHP, Node.js, Python, Nginx/Apache, MySQL, OS packages).
• Build and maintain CI/CD pipelines (e.g., GitHub Actions, GitLab CI, Jenkins, or CircleCI) for automated build, test, and deployment.
• Implement safe, repeatable release processes, including environment promotion, automated test gates, and reliable rollback procedures.
• Provide tooling and documentation to facilitate faster, secure, and compliant developer shipments.
• Implement and maintain monitoring, alerting, and observability tooling (e.g., CloudWatch, Datadog, New Relic, Prometheus/Grafana) across the application stack.
• Set up centralized logging and audit trails appropriate for a HIPAA-regulated environment.
• Participate in a primary on-call rotation for production incidents.
• Investigate and resolve production issues, communicate with stakeholders, and conduct post-mortems with follow-up actions.
• Track uptime and reliability targets; proactively identify reliability and capacity risks.
• Maintain and enhance the security posture of application infrastructure: AWS security groups, network ACLs, IAM/role-based access, encryption in transit and at rest, secrets management (e.g., AWS Secrets Manager, Parameter Store, or HashiCorp Vault), and audit logging.
• Implement and maintain controls aligned with HIPAA Security Rule requirements, including access controls, audit trails, integrity controls, transmission security, and backup/disaster recovery.
• Run vulnerability scanning and dependency/container image scanning; coordinate timely remediation of security findings.
• Maintain configurations and documentation for audits and compliance frameworks (e.g., HIPAA, SOC 2 / HITRUST).
• Manage backups, retention policies, encryption keys, and disaster recovery procedures, including periodic restore testing.

Requirements

• 3–5 years of professional experience in a DevOps, SRE, Cloud Engineering, or Systems Engineering role, with hands-on responsibility for production environments.
• Demonstrated experience supporting the full deployment lifecycle of web-based applications.
• Comfortable as the primary day-to-day owner of application infrastructure in a small team.
• Strong Linux administration skills (command line, systemd, networking, file systems, package management, shell scripting).
• Solid hands-on experience with AWS, including EC2, VPC, IAM, RDS, S3, Route 53, and ELB/ALB; familiarity with GCP is a plus.
• Practical experience with Docker (building images, optimizing layers, managing registries, running containers in production).
• Experience designing and maintaining CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, or CircleCI).
• Familiarity with Infrastructure as Code, ideally Terraform; willingness to expand IaC coverage.
• Proficiency with at least one scripting/automation language (Bash, Python, or similar).
• Solid understanding of networking fundamentals: DNS, TLS/SSL, HTTP(S), load balancing, reverse proxies (Nginx/Apache), VPCs, subnets, and firewall/security group rules.
• Working experience administering relational databases in production (MySQL preferred; PostgreSQL, MariaDB, or MS SQL Server also acceptable), including backups, basic replication, and performance considerations.
• Experience with monitoring/alerting and centralized logging tools.
• Working understanding of HIPAA Privacy and Security Rule requirements as they apply to application infrastructure.
• Familiarity with secure-by-default infrastructure practices: least-privilege IAM, secrets management, network segmentation, encryption, and patch management.
• Awareness of common web application and infrastructure security risks (e.g., OWASP Top 10) and mitigation strategies.
• Experience working in an Agile environment using JIRA (or equivalent).
• Comfort with Git-based workflows (branching, pull requests, code review).
• Ability to write clear technical documentation, runbooks, and post-mortems.

Preferred Qualifications

• Prior experience supporting healthcare software platforms (EHR/EMR, RCM, medical billing, practice management).
• Familiarity with healthcare interoperability standards and integrations (HL7, FHIR, X12 EDI, clearinghouse connectivity).
• Hands-on experience supporting compliance audits for HIPAA, HITRUST, SOC 2, or similar frameworks.
• Experience with HashiCorp tooling (Vault, Consul) or equivalent secrets-management solutions.
• Experience with configuration management tools (Ansible, Chef, Puppet, or SaltStack).
• Experience tuning and operating PHP application stacks (PHP-FPM, OPcache, Composer, etc.) and/or Node.js and Python application servers.
• AWS certifications (Solutions Architect, SysOps Administrator, DevOps Engineer Professional) or GCP certifications (Associate Cloud Engineer, Professional Cloud DevOps Engineer).
• Security-focused certifications (CompTIA Security+, AWS Certified Security – Specialty, HCISPP).
• Experience using AI tools (e.g., Claude Code, Cursor) responsibly to accelerate scripting, IaC authoring, troubleshooting, and documentation.
• Bachelor's degree in Computer Science, Engineering, Information Systems, or a related field, or equivalent practical experience.

Details

• This position will be a full-time remote position.
• Health, Dental, Vision Insurance
• Generous 401k plan
• Paid time off and holidays
• Life Insurance
• Education stipend

Skilled Wound Care is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), national origin, age (40 or older), disability or genetic information.