
Location	Hamburg, Germany (Hybrid)
Employment Type	Full-Time
Reports To	CTO
Start Date	As soon as possible

About IDM

IDM gGmbH is a nonprofit health-tech company building AI-powered products that physicians use every day. Our technology is deployed at the University Medical Center Hamburg-Eppendorf (UKE) and additional hospital networks across Germany.

We develop two core products: ARGO, a clinical workplace that unifies the fragmented IT landscape in hospitals, and ORPHEUS, an AI platform for medical documentation and Clinical NLP. As an agile startup, we move fast, ship often, and give our team real ownership over their domain.

The Role

As our IT Platform Engineer, you will own and evolve the internal platform that our engineering and product teams rely on every day. From identity management and access controls to developer tooling and compliance infrastructure — you ensure that everything runs securely, reliably, and efficiently.

This is not a passive admin role. You will actively shape how we work by improving automation, tightening security, and building the foundation for our growing compliance requirements (C5, ISO 27001, ISO 13485). You are the person who makes everyone else more productive.

What You Will Do

Identity & Access Management: Administer and evolve our Microsoft Entra ID environment — SSO, Conditional Access, MFA, user lifecycle (onboarding/offboarding), and license management.
Platform & Tooling Administration: Manage and configure our core collaboration and development platforms: Jira, Confluence, GitHub, GitLab, and Microsoft 365.
Security & Compliance: Implement and document access controls, RBAC policies, and audit trails to support our C5, ISO 27001, and ISO 13485 certification processes.
Automation: Automate repetitive processes — user provisioning, license assignments, policy enforcement — through scripting and Infrastructure as Code.
Monitoring & Reliability: Ensure platform availability, set up alerting, and proactively resolve issues before they impact the team.
Internal Support: Act as the go-to person for IT questions, tooling issues, and platform requests across the company.
Vendor & License Management: Manage relationships with SaaS vendors, track licenses, and optimize costs.

What We Are Looking For

Must Have

3+ years of experience in IT administration, systems engineering, or platform engineering
Strong experience with Microsoft Entra ID / Azure AD (SSO, Conditional Access, user management)
Hands-on experience administering Atlassian products (Jira, Confluence) and Git-based platforms (GitHub and/or GitLab)
Solid understanding of Identity & Access Management concepts (RBAC, SAML, OIDC, SCIM)
Experience with Microsoft 365 administration
Structured, documentation-oriented working style — you write things down without being asked
German language skills (B2+) — required for collaboration with clinical partners and compliance documentation
Comfortable working independently and taking ownership of your domain

Strong Plus

Experience with scripting and automation (PowerShell, Bash, Terraform, Ansible)
Familiarity with regulated environments (healthcare, ISO 27001, BSI Grundschutz, C5)
Knowledge of MDM / endpoint management solutions
Experience with monitoring and logging tools (Grafana, Prometheus, Azure Monitor)
Understanding of network fundamentals (DNS, VPN, firewalls)
Interest in healthcare technology and the challenges of clinical IT environments

What We Offer

Build the platform backbone for a company that directly improves patient care
Full ownership of your domain — you define how our internal IT works
A small, collaborative team where your decisions have immediate impact
Hybrid work model with office in Hamburg-Eppendorf (right next to UKE and Eppendorfer Park)
Flexible working hours and a low-hierarchy culture
The opportunity to grow into an IT Security / Compliance lead role as we scale
Professional development budget and conference attendance
And yes — a Nintendo Switch with Mario Kart for breaks

IT Platform Engineer