About Chamber

Cardiovascular disease remains the leading cause of death in America. At Chamber, we’re rebuilding the system for cardiology, creating a world where outcomes, not volume, define success. We partner with independent cardiologists to help them lead population health efforts in their communities, equipping them with technology, data, and operational tools that turn complex insights into better care for every patient.

Our model blends clinical expertise, thoughtful design, and a modern operating platform that supports physicians, patients, and payers alike. We believe innovation and empathy go hand in hand, and that by combining cutting-edge AI tools with a relentless focus on human care, we can transform heart health at scale.

About the Role:

Chamber is hiring its first IT & Security Engineer — a foundational hire who will report directly to the Head of Security and IT. You're not walking into an established playbook; you're helping write it. From endpoint management to security operations, you'll build and own the infrastructure that keeps Chamber's team secure and running as we scale across the cardiology value-based care space.

This role sits at the intersection of IT administration and security operations. You'll need to be equally comfortable provisioning a MacBook and triaging a security alert — and know when each one needs your full attention.

Key Responsibilities:

IT Administration & Endpoint Management

Provision, configure, and maintain Apple (macOS/iOS) and Windows 11 endpoints using MDM solutions (Intune, NinjaOne, Apple Business or equivalent).
Manage the full device lifecycle: imaging, enrollment, patching, retirement, and asset tracking.
Administer Okta IdP & Microsoft 365 (Exchange Online, SharePoint, Teams, OneDrive, Azure AD) including user provisioning, licensing, and policy enforcement.
Maintain identity and access controls — enforce MFA, Conditional Access policies, and least-privilege principles across all platforms.
Own the Keeper Password Manager environment: administer vaults, shared folders, role-based permissions, and enforce enterprise password policies.
Serve as Tier 2/3 helpdesk escalation for macOS and Windows issues; build self-service documentation to reduce repeat tickets.

Compliance & Policy

Contribute to SOC 2, HIPAA, and internal audit readiness by maintaining accurate records of access, configurations, and security controls.
Develop and maintain IT policies, acceptable use agreements, and onboarding/offboarding checklists.
Conduct periodic access reviews and user entitlement audits across M365, AWS, Keeper, and SaaS applications.
Support security awareness training initiatives and phishing simulation programs.

Security Operations & Monitoring

Monitor and triage security alerts in Datadog (logs, APM, infrastructure metrics) and Sophos Central (endpoint protection, firewall, XDR).
Investigate and respond to endpoint threats, phishing attempts, and anomalous behavior; document incidents and escalate appropriately.
Tune Sophos policies (web filtering, application control, device encryption, threat intelligence rules) to balance security with productivity.
Build and maintain Datadog dashboards and monitors for infrastructure health, authentication events, and security KPIs.
Participate in on-call rotation for critical security incidents; conduct post-incident reviews and implement remediations.
Support vulnerability management: track CVEs, coordinate patching windows, and validate remediation closure.

What You’ll Achieve in Your First 90 Days:

Deploy and configure Mobile Device Management across all endpoints
Evaluate, select, and implement a Data Loss Prevention solution
Stand up a scalable IT support desk — ticketing system, documentation, and initial playbooks