Role Overview
We are seeking a high-level Infrastructure Expert to design, deploy, and manage a secure, scalable cloud ecosystem. You will be responsible for building the backbone of our web hosting services and high-performance Virtual Desktop Infrastructure (VDI). Your primary mission is to ensure 99.99% uptime, automated data redundancy, and seamless client-server communication in a Linux-heavy environment.
Key Responsibilities
- Virtualization Mastery: Design and manage Virtual Machine (VM) clusters using KVM, QEMU, Proxmox, or VMware ESXi.
- Web Hosting Architecture: Set up and optimize high-traffic web environments (Nginx, Apache, LiteSpeed) with automated provisioning (WHMCS/cPanel or open-source alternatives).
- Virtual Desktop Deployment: Build and maintain secure, low-latency Linux/Windows Virtual Desktops for remote client access.
- Data Integrity & Recovery: Architect automated, off-site backup solutions and Disaster Recovery (DR) protocols using tools like Restic, Bacula, or Veeam.
- Network Security: Implement robust firewall rules (IPTables/NFTables), Load Balancers (HAProxy), and secure VPN tunnels for client-server isolation.
- Automation: Use Ansible, Terraform, or SaltStack to automate the deployment of new client environments.
Required Technical Skill Set
- OS: Expert-level mastery of Ubuntu Server, CentOS/AlmaLinux, and Debian.
- Virtualization: Deep experience with Hypervisors and Containerization (Docker/Kubernetes is a plus).
- Storage: Knowledge of distributed storage solutions like Ceph or ZFS for data reliability.
- Networking: Strong understanding of DNS management, SSL/TLS automation, and VLAN/VXLAN for client isolation.
- Monitoring: Experience setting up Prometheus, Grafana, or Zabbix to predict hardware failures before they happen.
The Ideal Candidate Profile
- Psychology: You don't just "fix" things; you build systems that don't break. You understand that in the hosting business, downtime is a loss of reputation.
- Communication: You can explain complex "Hard IT" architecture to "Soft IT" teams and management.
- Experience: 5+ years in Data Center management, Cloud Service Provider (CSP) environments, or high-level Systems Administration.
Specialized Responsibilities
- HIPAA Technical Safeguards: Implement and maintain the "Technical Safeguards" required by HIPAA (45 CFR § 164.312), including unique user identification, emergency access procedures, and automatic log-offs.
- Data Encryption at Rest & Transit: Ensure all PHI (Protected Health Information) is encrypted using AES-256 at the storage level and TLS 1.3 during transmission across the client-server architecture.
- Audit Logging & Monitoring: Configure centralized, immutable logging (e.g., ELK Stack or Graylog) to track every access point, modification, or deletion of sensitive data for mandatory 6-year retention.
- Business Associate Agreement (BAA) Alignment: Architect systems that adhere to the specific security requirements outlined in our BAAs with Google Cloud and our Texas healthcare clients.
Advanced Security Requirements
- Identity & Access Management (IAM): Implement Role-Based Access Control (RBAC) and Zero Trust Architecture to ensure the principle of "Least Privilege."
- Vulnerability Management: Perform regular automated vulnerability scans and coordinate with the team for rapid patching of the Linux kernel and web server binaries (CVE monitoring).
- Intrusion Detection: Set up and manage HIDS/NIDS (Host/Network Intrusion Detection Systems) such as Wazuh or OSSEC.
Certifications (Preferred but not Mandatory)
- HCISPP (HealthCare Information Security and Privacy Practitioner)
- CompTIA Security+ or CISSP
- AWS/GCP Certified Security Specialty
Job Type: Full-time
Work Location: In person