About Capsule

Capsule is a new kind of pharmacy. One that is smarter, friendlier, faster and hand-delivers your medication, same-day, for free. We have a national presence and have raised over $500MM from the best healthcare and technology investors in the world. People succeed in our culture when they are intensely focused on our customers, are energized by accomplishing ambitious goals, and push themselves and their teammates to be their best. If this excites you, we’d love to have you join us.

About the Role

Join Capsule’s IT Engineering leadership team to architect and enforce enterprise‑grade health care security for Protected Health Information (PHI). As our Director of IT, you will lead Device Management, govern networking and Endpoint Security, and Physical Security through the lens of SOC2 and HIPAA and compliance. In this role, you will:

• Drive Customer‑Driven Outcomes and Behaviors: At Capsule, our patients and clinicians are at the center of every decision we make, you will lead our IT organization in cultivating a customer‑centric culture by empowering and supporting our teams, operating and maintaining robust infrastructure controls.

• Strong Networking Experience: Review and manage a resilient network using Cisco Meraki for cloud‑managed switching, routing, and wireless; configure and tune enterprise firewalls and intrusion prevention; and maintain physical infrastructure to keep our pharmacy platform fast, secure, and always available.

• Lead Endpoint Management: Operate and secure our entire device fleet—provisioning and securing iOS devices and MacBooks with Jamf and Crowdstrike such as controlling admin rights, configuration profiles, and OS images. Additionally, managing cloud desktops via AWS WorkSpaces; and overseeing mobile phone lifecycle, patching, and remote wipe capabilities—to ensure every team member has a secure, compliant, and high‑performing devices.

• Security Centric: Provide vision and leadership for IT related security posture—defining policies, overseeing audits, and driving continuous control monitoring.

• Physical IT Infrastructure: Refine Architecture and manage cloud‑managed networking (Meraki), firewalls, and endpoint platforms (iOS, macOS, Linux), ensuring robust identity and access controls. Oversee physical access systems which span our facilities New York to Los Angeles and integrate these controls into our SIEM for unified risk management.

• Build and Mentor - Build People Up -Foster a culture of IT security awareness through training, secure‑code practices, and risk‑based prioritization of initiatives.

• Automate for the Future - Adopt AI when it improves velocity, improves customer experience, or provides competitive advantage. Great candidates should be adept at prioritizing and implementing new technologies where they demonstrably increase operational velocity, enhance customer satisfaction and establish a competitive moat. Success in this area would be characterized by a rare mix of technical expertise, strategic thinking and organizational alignment.

• Comfortable with Startup Culture - Comfortable with hands-on startup culture by diving deep into technical architectures, code, infrastructure and operational processes. A qualified candidate demonstrates a rare mix of both setting priority vision, while capable of executing POCs and implementing technical contributions.
  

Requirements

• Bachelor's degree in IT, Security, Computer Science, or related field

• 10+ years of technical leadership experience in SaaS/Cloud companies

• Deep understanding of HIPAA compliance requirements and Protected Health Information (PHI) handling protocols

• SOC2 Type II audit experience, including control design, implementation, and continuous monitoring

• Expert-level knowledge of enterprise networking technologies, specifically Cisco Meraki cloud-managed infrastructure including switching, wireless access points, and security appliances

• Hands-on experience with enterprise firewalls, intrusion prevention systems, network security architecture, firewall management, and centralized policy management

• Proficiency in endpoint security platforms, particularly Jamf for macOS/iOS management and CrowdStrike for threat detection

• Extensive experience managing enterprise device fleets including software inventory assessment, application deployment, and security configuration management across iOS, macOS, Windows, and Linux endpoints

• Experience with physical security systems integration and facility access control management

• Experience with cloud infrastructure management, AWS WorkSpaces, and hybrid cloud environments

• Strong background in identity and access management (IAM), privileged access management (PAM), and zero-trust security models

• Understanding of SIEM platforms and security monitoring tools for unified risk management

• Experience automating IT operations and security tasks using PowerShell, Python, Bash, or other scripting languages.

• Customer-centric mindset with focus on supporting end-user experience and business outcomes
  

Benefits

• Competitive salary and equity

• Health, Dental, and Vision Insurance

• Health and Commuter FSAs

• Flexible vacation policy