Role Description We are looking for a Senior Platform and Security Engineer to own the Azure infrastructure, IT operations, and technical implementation of security controls that underpin our Claims Intelligence Platform. This is a hands-on individual contributor role with a potential path toward team leadership as the company grows. You will work closely with the engineering team on platform changes and directly with leadership on SOC 2 Type 2 and HIPAA audit preparation. Essential Duties and Responsibilities - Azure Platform Ownership - Own infrastructure for all Azure resources across development, UAT, and production environments. - Manage and evolve Azure DevOps pipelines for build, test, and deployment. - Operate Azure Container Apps, App Service, Service Bus, Azure Database for PostgreSQL Flexible Server, Blob Storage, and supporting services. - Maintain Azure Key Vault including secrets rotation and enforcement of least-privilege access. - Configure and tune Application Insights and Log Analytics, including PHI-safe logging pipelines that prevent sensitive data from appearing in telemetry. - Security Controls and Compliance - Implement and maintain technical controls in support of SOC 2 Type 2 and HIPAA compliance programs. - Administer Entra ID including conditional access policies, MFA enforcement, group lifecycle management, and identity governance. - Partner with leadership on audit preparation, evidence collection, and control documentation. - Contribute to incident response readiness, including tabletop exercises and runbook development. - Manage logging and alerting functions through Microsoft Purview and Microsoft Sentinel, including alert tuning, analytics rules, and data connector configuration. - Maintain and improve the organization’s security posture through vulnerability management, access reviews, and security monitoring. - IT Operations - Own Office 365 administration, SharePoint configuration, and SaaS tool management for the organization. - Serve as the internal technical authority on endpoint security, device management, and employee access provisioning. - Evaluate and onboard new tooling as the company scales, with a bias toward security and operational simplicity. Technical Environment - Infrastructure: Azure Container Apps, Azure App Service, Azure Service Bus, Azure Database for PostgreSQL Flexible Server, Azure Blob Storage - Security and Identity: Azure Key Vault, Microsoft Entra ID, Microsoft Defender, Azure Policy - Observability and Security Operations: Application Insights, Log Analytics Workspaces, Microsoft Sentinel, Microsoft Purview - CI/CD: Azure DevOps pipelines - Productivity: Microsoft 365, SharePoint, Teams - Compliance targets: SOC 2 Type 2, HIPAA Qualifications - 7–10 years in cloud platform engineering, DevOps, or infrastructure security. - Hands-on production Azure experience across the full service lifecycle, not just resource provisioning. - Practical experience implementing technical controls for HIPAA and SOC 2 Type 2. - Fluent in Entra ID: conditional access, MFA, role assignments, and identity governance. - Applies appropriate safeguards for protected health information, including PHI-safe logging pipelines, data isolation, and least-privilege access controls. - Comfortable owning IT operations end-to-end: M365, SaaS administration, and employee access management included. - Brings a point of view. This role requires someone who assesses the environment, identifies gaps, and recommends a path forward. - Energized by doing the work. This is a hands-on role with full ownership of the platform and security posture. - Healthcare or regulated industry background is a genuine advantage. - Comfortable incorporating AI-assisted tools and workflows into day-to-day work to improve speed and quality.

• Support the infrastructure and platform layer of a modern AI-driven application • Collaborate with U.S.-based teams on high-impact data systems in production • Work independently on production data pipelines and troubleshoot live systems • Take ownership in a small team environment with a focus on data quality and modeling

• Build and run the internal platform that runs AI agents alongside human engineers • Shape how AI tooling evolves within the company • Decide the architecture, ship infrastructure as code, and own runbooks • Scope, build, and ship internal tools, dashboards, AI agents, and workflow automations • Partner with department leads to identify AI needs and design workflows • Manage identity, endpoint management, and access reviews to keep the team productive • Translate stakeholder problems into technical specifications

Role Description This is a greenfield platform function for Creative Chaos and its subsidiaries. You will build and run the internal platform (infrastructure, internal tools, IT operations, and the people who maintain them) that runs AI agents alongside human engineers as a deliberate operating model. You are also the architect and manager of every AI workflow, tool, and agent the ventures inside the group rely on day to day. Not a company that’s planning to “explore AI next year.” A group where AI tooling is already in the workflow, and you will shape how it evolves. Responsibilities - Infrastructure: Proxmox clusters, AWS workloads, self-hosted services (SSO, wikis, observability, internal apps). You decide the architecture, you ship the IaC, you own the runbooks. - Internal apps and agents: When a venture needs an internal tool, dashboard, AI agent, or workflow automation, your team scopes it, builds it, and ships it. You write code on this team, not just review it. - AI workflows across the group: Every venture has its own AI needs. You partner with the lead of each, scope what they need, design the workflow, and ship it. You are the person every department head comes to when they want AI in their work. - IT operations: Identity, endpoint management, access reviews, the unglamorous reliability work that keeps 150 people productive. - The translation layer: Stakeholders bring you problems in plain English. You turn them into technical specs your team can ship. - You’ll lead three direct reports today: one each for IT, infrastructure, and tools/apps. The team grows from there based on what the ventures need. How you’ll work - The operating model is AI-native. You will work alongside an AI DevOps agent that maintains runbooks, proposes architecture, and reviews infrastructure changes. - Claude or Cursor are daily tools for you and your team, the same way an IDE is. - Infrastructure is code by default. Documentation is written as work happens, not after. - If the idea of pairing with an AI agent on architecture review is interesting rather than uncomfortable, you’ll fit the room. Qualifications - 5-10 years of experience. Where you started as a developer, moved into DevOps or platform engineering, and never stopped writing code. You’ve been doing this long enough to have opinions about what works. - You’ve managed small teams (2-5 people) and were good at it, but the management didn’t pull you out of the work. - You have excellent organizational discipline. Drift is your enemy. SOPs, runbooks, and documentation stay current because you keep them current, not because someone reminds you. - You communicate clearly across functions. You can sit with the head of sales, the head of finance, or the head of operations, listen past the stated problem to the real one, and walk out with a working spec. - You already use AI coding tools in your daily work, not because someone told you to, but because you tried them and they made you better. - You’re comfortable owning ambiguity. Nobody hands you a roadmap. You build it. Requirements - You’re not a fit if: - You haven’t shipped code in years and prefer it that way. - You’re a deep specialist (pure SRE, pure observability, pure security) who wants to go deeper into one layer. - You need a fully scoped backlog before you can start. - You let documentation rot. You think SOPs are someone else’s job. - AI in your daily workflow feels like noise rather than amplification.