




Summary: This role involves evaluating, designing, and executing the migration of a HIPAA-compliant infrastructure to a self-hosted server environment, leading the transition to a multi-tenant SaaS model with white-labeling capabilities. Highlights: 1. Lead migration to self-hosted, HIPAA-compliant infrastructure 2. Develop multi-tenant SaaS model with white-labeling 3. Focus on automation, security, and scalability The primary objective of this role is to evaluate, design, and execute the migration of the current **HIPAA\-compliant infrastructure** toward a self\-hosted server environment that maintains the same security standards. The engineer will lead the transition toward a **multi\-tenant SaaS model** with **white\-labeling capabilities**, ensuring that the deployment of the **Laravel API** and **Angular frontend** is automated, scalable, and highly secure. This role is 100% remote but only open to candidates based in Latin America (LATAM). Applications outside this region will not be considered. **Key Responsibilities:** * **Auditing and Diagnosis:** Perform a complete audit of the current architecture (AS\-IS) to identify security risks and bottlenecks. * **Migration Strategy:** Design and implement the target architecture and the rollback plan for the server migration. * **Automation (CI/CD):** Configure pipelines for automated testing and deployment of Laravel and Angular applications. * **White Label Enablement:** Redesign the infrastructure to support multiple tenants with independent branding and total data isolation. * **Security Hardening:** Maintain HIPAA compliance through log centralization, access traceability, and encrypted backups. **Key Requirements** * **Skills and competencies needed:** + **Technical Experience:** Mastery of cloud environments (AWS, GCP, or Azure) and migration strategies with minimum downtime. + **Security:** Deep knowledge of encryption (KMS, SSL/TLS 1\.2\+), secrets management (Vault), and least privilege principles (IAM) under HIPAA standards. + **Databases:** Experience in MySQL/PostgreSQL, including replication, tuning, and data isolation strategies for multiple clients. + **Observability:** Implementation of monitoring stacks (Prometheus/Grafana) and log centralization (ELK/Loki). + **Mindset:** Focus on absolute automation, security by design, and scalability of regulated systems.


