Logo for Opala

Senior Platform Security Engineer

Role overview

Qualifications

  • 6+ years in platform engineering, DevSecOps, or cloud security roles, with at least 4 in a senior capacity
  • Experience with security in AWS and Azure
  • Experience with IaC tools and automation (Terraform, Bash, Azure CLI, AWS CLI, Jinja, CloudInit)
  • Experience with SAST/DAST and securing the software supply chain

Responsibilities

  • Monitor and secure Azure + AWS environments, responding to incidents and remediating vulnerabilities
  • Design and implement Infrastructure as Code guardrails (Terraform, Bash, Azure CLI, AWS CLI, Jinja, CloudInit)
  • Embed security checks into CI/CD pipelines (GitHub Actions)
  • Build and manage secrets management, identity solutions, and key rotation

About the company

Opala logo

Opala

Digital Health & Health Tech

Opala is a data automation partner that makes payer-provider collaboration easier. We collect, standardize, and consolidate healthcare data to build a complete picture of patient health. Our vision is to be the most trusted source of patient insights, radically improving healthcare. We’re Hiring! www.opala.com/careers We're looking for passionate industry professionals to join Opala. If you want to directly impact healthcare through data and technology, we'd love to hear from you. We are a hybrid and remote-friendly company for most positions. Please see individual job listings for requirements. Our headquarters are in downtown Seattle, offering amazing views of the Puget Sound, Mt Rainier, and the Olympics. We're conveniently located next to major transit lines and a quick walk to Pike Place Market and the Seattle Art Museum. Complimentary perks include onsite bike storage, a beautiful gym, a fully-outfitted game room, and more.

Company details

Company typeStartup
IndustryDigital Health & Health Tech
Company size11 - 50

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

Opala develops healthcare products that tackle the most complex data challenges faced by payers and providers. As a startup originating from a major healthcare plan in the Northwest, we combine deep health-tech expertise with top-tier data and software engineering talent to create products that our customers find meaningful and valuable. These data products empower payers and their partners to find timely insights and take action to intervene in areas like value-based care analytics, interoperability compliance, and real-time streaming of clinical data.

In this remote position, we're seeking an experienced Senior Platform Security Engineer to join our team.  Here, you will play a critical role in securing our cloud infrastructure and embedding strong security practices across our engineering squads. You’ll bridge platform engineering and security, building paved-road guardrails that make it easy for developers to ship securely in a healthcare data environment. 

You'll also both "lead by doing" (designing and implementing IaC guardrails, CI/CD security checks, and software supply chain protections) AND "lead by influence" (mentoring engineers and partnering with our Security and Compliance team). 

Responsibilities:

  • Monitor and secure our Azure + AWS environments, responding to incidents and remediating vulnerabilities.
  • Design and implement Infrastructure as Code guardrails (Terraform, Bash, Azure CLI, AWS CLI, Jinja, CloudInit).
  • Embed security checks into CI/CD pipelines (GitHub Actions).
  • Build and manage secrets management, identity solutions, and key rotation.
  • Partner with squads to ensure product features are secure and compliant by design.
  • Investigate security breaches and document root cause and remediation steps.
  • Integrate logging/monitoring with SOC/MDR vendor to ensure strong detection and response.
  • Perform SAST/DAST testing and strengthen software supply chain security.
  • Develop and implement an immutable infrastructure strategy.
  • Build and execute a red team and blue team strategy to continually test defenses.
  • Research security enhancements and make recommendations to leadership.
  • Stay current on IT and security standards, advising the company on emerging risks.

Minimum Qualifications:
  • Bachelor’s degree in computer science or related field (or equivalent experience).
  • 6+ years in platform engineering, DevSecOps, or cloud security roles, with at least 4 in a senior capacity.
  • 2+ years mentoring and developing junior team members.
  • Experience with security in both AWS and Azure.
  • Experience with IaC tools and automation (Terraform, Bash, Azure CLI, AWS CLI, Jinja, CloudInit).
  • Experience with SAST/DAST and securing the software supply chain.
  • Experience with OpenAPI/Swagger JSON specifications and API security.
  • Familiarity with SOC 2 controls and know how to enforce them in cloud systems.
  • Familiarity with HIPAA controls and know how to enforce them in cloud systems.
  • Strong Bash scripting skills for automation.
  • Ability to collaborate closely with developers and product squads while setting security best practices.

Preferred Qualifications:
  • 2+ years of vendor management experience.Security certifications (AWS Security Specialty, AZ500, CISSP, etc.).
  • Experience using or administering compliance automation tools (Drata or similar GRC platforms).
  • Experience with HITRUST controls and how to enforce them in cloud systems.
  • Exposure to enterprise architecture frameworks such as TOGAF.
  • Experience in regulated industries (healthcare, fintech, etc.).
  • Experience leading or coordinating red/blue team exercises.
  • Experience with other scripting languages: PowerShell, python

Benefits:
  • The Seattle base salary range for this full-time position is $163k-$192k. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.  
  • Benefits include medical, dental, vision, life and AD&D insurance, EAP, short-term and long-term disability, 16 days PTO, 8 paid holidays, fully paid holiday closure, parental and family medical leave, 401k, stock options and annual bonuses and salary increases based on merit.

Diversity and Inclusivity Statement:
  • At Opala, we believe that diversity and inclusivity are critical to our success. We encourage and value diverse perspectives and experiences, and we believe that they are essential for driving innovation and creating products that meet the needs of our diverse customer base.β€― 


Opala is an equal opportunity employer and makes employment decisions on the basis of merit.  We are committed to providing a workplace free from harassment and discrimination. We celebrate the unique differences of our employees because that is what drives curiosity, innovation, and the success of our business. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, gender identity or expression, age, marital status, veteran status, disability status, pregnancy, parental status, genetic information, political affiliation, or any other status protected by the laws or regulations in the locations where we operate. Accommodations are available for applicants with disabilities.

 

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
Β·

Security Engineer Related jobs

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.