Application Engineer

Remote - US Full Time Mid Level

Published on May 29, 2026

In the U.S. alone, over 30 million patients per year are prescribed care via paper and fax. The ordering process is long, complicated, and yields an 83% error rate. Discharges are delayed, patients are stuck in care facilities, and often readmitted shortly thereafter if they do not receive the life-saving products they need.
The world is transitioning to digital ordering. At Parachute Health, we’re leading the charge with a platform that is 10 times faster than the status quo. We connect with major hospitals, payors, and suppliers of life-saving products. Our vision of a "delightfully simple" digital ordering experience for clinicians pushes us forward to transforming the world of post-acute care.
Founded in New York City, Parachute Health is the leading post-acute software platform with a network of over 3,000 supplier locations and 370,000 clinicians across 60,000 healthcare facilities across all 50 states. We help millions of patients each year access medical equipment, supplies and services they need quickly and reliably.

Parachute Health is transforming post-acute care through the leading digital ordering platform for medical equipment and supplies. We replace the outdated, error-prone paper and fax process, which negatively impacts over 30 million patients annually, with a system that’s 10 times faster. Our platform connects a vast network of Home Medical Equipment (HME) providers, clinicians, and payors across all 50 states, ensuring millions of patients get the life-saving products they need quickly and efficiently. 
 
Join our team and make a difference in patient care.

About the Role

You'll be the software engineer embedded in Parachute Health's IT & Security team, building the internal platforms, automations, and AI-powered workflows that keep our healthcare technology environment secure, compliant, and operationally efficient. 
You'll write code that touches on identity, endpoint, network, cloud security, compliance, evidence collection, and incident response in an environment governed by HITRUST, SOC 1, and SOC 2.

Responsibilities

Internal tooling & automation
  • Design, develop, and maintain internal applications and automations that eliminate manual IT/Security work, including provisioning, access reviews, compliance evidence collection, audit preparation, and ticket triage.
  • Develop and maintain integrations across the security and IT stack, including Okta, Zscaler, Splunk/Wazuh, Lacework, Drata, Datadog, AWS, GCP, GitHub, and n8n.
  • Package, deploy, and operate IT/Security tooling using Parachute's standard deployment patterns and observability stack.
AI & agentic workflows
  • Architect agentic AI workflows for IT and Security operations, including automated alert triage, log correlation, root-cause analysis, guided remediation, access-review automation, and audit evidence collection.
  • Build the context layer (MCP servers, retrieval pipelines, and embeddings) that grounds AI agents in Parachute-specific systems, policies, and runbooks.
  • Drive AI adoption across the IT/Security team through pairing, architecture reviews, and reusable skills/plugins/workflows.
  • Build an MCP-based agent that automates audit evidence collection from multiple sources
  • Replace manual access-review workflows with an agentic pipeline
Security
  • Develop, tune, and maintain SOAR/SIEM detections, dashboards, and correlation rules in Splunk/Wazuh.
  • Support threat hunting, incident investigation, pen test, and/or red teaming, and forensic analysis with custom tooling and queries (Redshift, BigQuery, log platforms)
  • Apply MITRE ATT&CK, NIST CSF, and HITRUST CSF to guide detection engineering and control implementation.
  • Contribute to SOC runbooks, SOPs, and automation playbooks (SOAR).
Security audits & reliability
  • Automate compliance evidence collection and control validation across SOC 2, HITRUST CSF, HITRUST AI, and HIPAA.
  • Participate in an on-call rotation for IT/Security incidents; contribute to post-incident reviews and continuous improvement.
  • Maintain stable, performant, and auditable internal application stacks.

Requirements

  • 2+ years of writing production code in a web-based environment.
  • Professional experience with Ruby on Rails, and/or Python, and/or JavaScript/TypeScript (React, Node.js).
  • Hands-on experience with AWS (IAM, EC2, ECS/EKS, S3, RDS, Lambda) and infrastructure-as-code.
  • Demonstrated experience integrating with REST/GraphQL APIs and building automations across SaaS platforms.
  • Working knowledge of at least one compliance framework - SOC 2, HITRUST, HIPAA, ISO 27001, or NIST.
  • Security-first mindset: you think about least privilege, secrets handling, PHI exposure, and audit trails by default.
  • Strong fundamentals in data structures, design patterns, and TDD.
  • Must reside in the U.S.

Nice to have

  • Experience building agentic AI systems in production - agent architectures, tool integration via MCP, retrieval-augmented generation, evaluation frameworks.
  • Experience setting up AI development environments and driving AI adoption across a technical team.
  • Familiarity with our stack: Okta, ZScaler, Splunk/Wazuh, Lacework, Drata, Datadog, n8n workflows and/or Argo workflows.
  • SIEM detection engineering or SOC tooling experience (Splunk SPL, Wazuh rules, Sigma).
  • Healthcare technology background - exposure to HIPAA, PHI handling, or DME workflows.
  • Security or cloud certifications (CCA-F, CISSP, CCSP, AWS Security Specialty, OSCP).
  • Experience as a technical lead bridging IT, Security, Engineering, and Compliance stakeholders.
  • Proficient in SQL (Redshift, BigQuery) for forensic and operational analytics.
Benefits
  • Medical, Dental, and Vision Coverage: Comprehensive plans with options for low-to-no-cost premiums.
  • Employer HSA Contribution: Company-funded contributions to your Health Savings Account.
  • 401(k) Retirement Plan
  • Equity Incentive Plan
  • Annual Company-Wide Bonus: Opportunity for up to 15% bonus based on company performance.
  • Remote-First Culture: We are remote-first with a dedicated NYC office and reimbursement options for co-working spaces.
  • Flexible Vacation Policy
  • Summer Fridays: 5 additional Fridays off during the summer (separate from PTO).
  • Home Office and Wellness Stipend
  • Monthly Internet Stipend
  • Annual Learning and Development Stipend
 
California job applicants may access the Notice of Collection of Personal Information and Privacy Policy with information and rights required by the California Privacy Rights Act (CPRA) the link here.
We are proud to be an equal opportunity employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex or gender (including pregnancy, childbirth related medical conditions and lactation), gender identity or gender expression (including transgender status), sexual orientation, marital status, military service and veteran status, disability, genetic information, or any other characteristic protected by applicable federal, state, or local laws and ordinances.
This role is not eligible for employer visa sponsorship. Applicants must be legally authorized to work in the United States at the time of application and for the duration of employment. The Company does not sponsor employment authorization for this position, nor will it provide assistance in obtaining temporary work authorization
 
Previous
All Jobs
Next