Senior Infrastructure & Automation Engineer

Heartflow is a medical technology company advancing the diagnosis and management of coronary artery disease, the #1 cause of death worldwide, using cutting-edge technology. The flagship product-an AI-driven, non-invasive cardiac test supported by the ACC/AHA Chest Pain Guidelines called the Heartflow FFRCT Analysis-provides a color-coded, 3D model of a patient's coronary arteries indicating the impact blockages have on blood flow to the heart.

Heartflow is the first AI-driven non-invasive integrated heart care solution across the CCTA pathway that helps clinicians identify stenoses in the coronary arteries (Road Map Analysis ), assess coronary blood flow (FFRCT Analysis), and characterize and quantify coronary atherosclerosis (Plaque Analysis). Our pipeline of products is growing and so is our team; join us in helping to revolutionize precision heartcare.

Heartflow is a publicly traded company (HTFL) that has received international recognition for exceptional strides in healthcare innovation, is supported by medical societies around the world, cleared for use in the US, UK, Europe, Japan and Canada, and has been used for more than 500,000 patients worldwide.

We are seeking a highly motivated and technically deep Staff Infrastructure & Automation Engineer to focus on automating, scaling, and securing our core hybrid cloud, on-premise, and endpoint infrastructure. This role is crucial for developing and maintaining our Infrastructure as Code (IaC) pipelines, evolving our private cloud, and ensuring the stability and performance of our foundational systems.

The ideal candidate has a strong engineering mindset and a proven track record of using scripting and automation tools to eliminate manual toil and drive infrastructure modernization.

Key Responsibilities

Hybrid Cloud &

Infrastructure:

* Lead the management and evolution of our Private or Hybrid Cloud infrastructure (e.g., VMware, Nutanix), focusing on stability, performance, and automation.

* Provide expertise in one or more major public cloud platforms:
Azure, AWS, or GCP.

* Manage and optimize DNS for both internal and external resources, utilizing platforms such as Windows DNS and Route 53.

* Experience securing and maintaining our file share infrastructure (Nutanix) and cloud file share services (Gdrive, Onedrive, etc.)

Automation, IaC, & Endpoints:

* Design, implement, and maintain automation solutions across the entire infrastructure lifecycle, including Windows 11-based medical desktop devices.

* Develop and manage IaC using tools like Ansible, Terraform, or Pulumi.

* Write and maintain complex scripts using Power Shell, Bash, and Python to automate provisioning, configuration management, and patching.

* Experience utilizing modern configuration/automation and deployment tools such as Intune, Automox, SCCM, PDQ Deploy & Inventory, or similar platforms.

Security & Compliance:

* Implement and enforce security hardening standards across the environment (e.g., CIS Benchmarks), including robust patch automation.

* Operate within a regulated environment, strictly adhering to change management processes and documentation standards.

* Familiarity with building and managing Linux systems (CentOS, RHEL, Rocky).

Foundational Knowledge:

* Provide foundational Network knowledge (DHCP, Radius, vLANs, whitelisting, vNets, ACLs, etc.) to inform infrastructure and security decisions (a strong plus).

* Knowledge of disaster recovery solutions (e.g., Rubrik, Barracuda, or Code
42) is a plus.

Required Qualifications

* 8+ years of progressive, hands-on experience in IT Infrastructure, Automation, and Dev Ops-like roles.

* Expert proficiency in using Power Shell, Python, and/or Bash to automate complex tasks.

* Proven hands-on experience developing and maintaining Infrastructure as Code (IaC) with tools like Terraform or Ansible.

* Deep expertise in managing Hybrid Cloud infrastructure (e.g., VMware, Nutanix).

* Demonstrable understanding of how automation and core infrastructure directly supports large, integrated SaaS application portfolios and federated identity platforms (e.g., Okta/Azure AD).

* Exceptional clear communication and collaboration skills, with a proven ability…