Arcadia · 2 weeks ago
Sr. Director of Security Operations & Engineering
United States
Full-time
Remote
Director/Executive
$180K/yr - $240K/yr
10+ years expArcadia is dedicated to transforming healthcare through data-driven solutions. They are seeking a Senior Director of Security Operations & Engineering to lead the technical security function, ensuring the protection of healthcare data and SaaS platforms while managing incident response and implementing security solutions.
AnalyticsData IntegrationHealth CareInformation ServicesInformation TechnologySoftware
Responsibilities
Lead and develop teams responsible for cloud security engineering, network and infrastructure security, and security operations
Define and execute the security engineering roadmap aligned with Arcadia’s mission and regulatory and compliance obligations (e.g., HIPAA, HITRUST, ISO 27001, SOC 2)
Serve as the senior technical authority for all security controls, tooling, and automation initiatives
Partner with Engineering, IT, and Compliance leadership to embed secure design principles into products and operations
Own and evolve Arcadia’s Computer Security Incident Response Team (CSIRT), ensuring readiness, playbook maturity, and coordination across teams
Represent Security Operations & Engineering in architecture reviews, executive updates, and customer discussions
Design, implement, and maintain security controls across Arcadia’s cloud, infrastructure, and application environments to ensure resilience, scalability, and compliance
Architect secure AWS multi-account environments using services such as EKS, ECS, Lambda, and VPC, applying Zero Trust principles and automating configuration management with Terraform or CloudFormation
Manage network and infrastructure security by maintaining segmentation, VPN, firewall, and endpoint protection controls, along with perimeter defenses including WAF, DDoS mitigation, and intrusion detection systems
Lead the configuration and tuning of detection and response capabilities including SIEM pipelines, threat intelligence integration, and incident response workflows to enable rapid detection, containment, and remediation
Serve as Arcadia’s Cyber Security Incident Response Team (CSIRT) Manager, directing the technical response to potential security incidents and coordinating cross-functional engagement during critical events
Implement security-as-code practices that automate control validation, configuration baselines, and remediation using scripting and orchestration tools such as Python, PowerShell, and Bash
Oversee identity and access management across AWS, Okta/Auth0, and Microsoft 365 environments to enforce least-privilege principles and secure authentication
Translate compliance controls (e.g., SOC 2, ISO 27001, HITRUST) into enforceable technical configurations
Partner with the Security Assurance team to provide audit evidence and continuous control monitoring
Partner with the Security Assurance to conduct and oversee technical risk assessments, vulnerability management, and remediation planning
Ensure technical alignment to healthcare privacy and security requirements (e.g., HIPAA, HITECH)
Evaluate emerging technologies in AI-driven detection, behavioral analytics, and modern DevSecOps tooling
Benchmark security capabilities against industry best practices and high-performing SaaS peers
Foster a culture of continuous improvement, collaboration, and technical excellence within Security Engineering and Operations
Qualification
Required
10+ years in information security, with at least 5 years in technical leadership roles
Proven experience designing and operating secure, cloud-based SaaS infrastructure (AWS required; Azure or GCP a plus)
Cloud security architecture and automation
Incident detection and response
Network engineering and security controls
Vulnerability management and threat modeling
Hands-on technical expertise with scripting/automation (Python, PowerShell, Bash), infrastructure-as-code (Terraform, CloudFormation), and CI/CD integration
Strong familiarity with enterprise IT systems (Active Directory, Okta, MDM, SSO)
Knowledge of regulatory and compliance frameworks including HIPAA, HITRUST, and ISO 27001
Demonstrated experience leading multidisciplinary technical teams in dynamic environments
Preferred
More than one advanced security certifications such as CISSP, CCSP, GIAC (GCTI, GCIA, GCFA, GCSA), or AWS Security Specialty
Experience with container security, Kubernetes, and EDR/MDR solutions
Background in healthcare or other regulated industries
Prior ownership of 24x7 security operations in a SaaS or cloud-native organization
Benefits
Competitive compensation
Comprehensive benefits
Strong career advancement opportunities
Flexible, remote friendly company with personality and heart
Employee driven programs and initiatives for personal and professional development
Company
Arcadia
Arcadia helps providers, payers, and government organizations transform healthcare data into predictive insights that drive better outcomes, increase revenue, and reduce costs.
201-500 employees
H1B Sponsorship
Arcadia has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (4)
2024 (8)
2023 (4)
2022 (5)
2021 (8)
2020 (11)
Funding
Current Stage
Growth StageTotal Funding
$197.5MKey Investors
Vista Credit PartnersCigna Ventures
2025-07-01Acquired
2023-04-13Debt Financing· $125M
2020-01-13Series Unknown· $29.5M
Leadership Team
Anna Basevich
SVP Enterprise Partnerships and Customer Enablement
Aneesh Chopra
Chief Strategy Officer
Recent News
Company data provided by crunchbase