Senior Platform Security Engineer

Opala develops healthcare products that tackle the most complex data challenges faced by payers and providers. As a startup originating from a major healthcare plan in the Northwest, we combine deep health-tech expertise with top-tier data and software engineering talent to create products that our customers find meaningful and valuable. We're seeking an experienced Senior Platform Security Engineer to join our team to secure our cloud infrastructure and embed strong security practices across our engineering squads.

Requirements

• Monitor and secure our Azure + AWS environments, responding to incidents and remediating vulnerabilities.
• Design and implement Infrastructure as Code guardrails (Terraform, Bash, Azure CLI, AWS CLI, Jinja, CloudInit).
• Embed security checks into CI/CD pipelines (GitHub Actions).
• Build and manage secrets management, identity solutions, and key rotation.
• Partner with squads to ensure product features are secure and compliant by design.
• Investigate security breaches and document root cause and remediation steps.
• Integrate logging/monitoring with SOC/MDR vendor to ensure strong detection and response.
• Perform SAST/DAST testing and strengthen software supply chain security.
• Develop and implement an immutable infrastructure strategy.
• Build and execute a red team and blue team strategy to continually test defenses.
• Research security enhancements and make recommendations to leadership.
• Stay current on IT and security standards, advising the company on emerging risks.

Benefits

• Medical, dental, vision, life and AD&D insurance
• EAP
• Short-term and long-term disability
• 16 days PTO
• 8 paid holidays
• Fully paid holiday closure
• Parental and family medical leave
• 401k
• Stock options
• Annual bonuses and salary increases based on merit