Opala · 1 month ago
Senior Platform Security Engineer
United States
Full-time
Remote
Senior Level
$163K/yr - $192K/yr
6+ years expOpala develops healthcare products that tackle complex data challenges faced by payers and providers. They are seeking a Senior Platform Security Engineer to secure their cloud infrastructure and implement strong security practices across engineering teams.
Data ManagementHealth CareSoftware
Responsibilities
Monitor and secure our Azure + AWS environments, responding to incidents and remediating vulnerabilities
Design and implement Infrastructure as Code guardrails (Terraform, Bash, Azure CLI, AWS CLI, Jinja, CloudInit)
Embed security checks into CI/CD pipelines (GitHub Actions)
Build and manage secrets management, identity solutions, and key rotation
Partner with squads to ensure product features are secure and compliant by design
Investigate security breaches and document root cause and remediation steps
Integrate logging/monitoring with SOC/MDR vendor to ensure strong detection and response
Perform SAST/DAST testing and strengthen software supply chain security
Develop and implement an immutable infrastructure strategy
Build and execute a red team and blue team strategy to continually test defenses
Research security enhancements and make recommendations to leadership
Stay current on IT and security standards, advising the company on emerging risks
Qualification
Required
Bachelor's degree in computer science or related field (or equivalent experience)
6+ years in platform engineering, DevSecOps, or cloud security roles, with at least 4 in a senior capacity
2+ years mentoring and developing junior team members
Experience with security in both AWS and Azure
Experience with IaC tools and automation (Terraform, Bash, Azure CLI, AWS CLI, Jinja, CloudInit)
Experience with SAST/DAST and securing the software supply chain
Experience with OpenAPI/Swagger JSON specifications and API security
Familiarity with SOC 2 controls and know how to enforce them in cloud systems
Familiarity with HIPAA controls and know how to enforce them in cloud systems
Strong Bash scripting skills for automation
Ability to collaborate closely with developers and product squads while setting security best practices
Preferred
2+ years of vendor management experience
Security certifications (AWS Security Specialty, AZ500, CISSP, etc.)
Experience using or administering compliance automation tools (Drata or similar GRC platforms)
Experience with HITRUST controls and how to enforce them in cloud systems
Exposure to enterprise architecture frameworks such as TOGAF
Experience in regulated industries (healthcare, fintech, etc.)
Experience leading or coordinating red/blue team exercises
Experience with other scripting languages: PowerShell, python
Benefits
Medical, dental, vision, life and AD&D insurance
EAP
Short-term and long-term disability
16 days PTO
8 paid holidays
Fully paid holiday closure
Parental and family medical leave
401k
Stock options
Annual bonuses and salary increases based on merit
Company
Opala
Opala is the data automation partner that makes payer-provider collaboration radically easy.
11-50 employees
H1B Sponsorship
Opala has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (1)
2024 (1)
2023 (8)
Funding
Current Stage
Early StageTotal Funding
$7.6M2021-09-27Seed· $7.6M
Leadership Team
Meghan Quint
SVP Product and Customer Success
Recent News
Company data provided by crunchbase