Senior Platform Security Engineer

Senior Platform Security Engineer

Opala develops healthcare products that tackle the most complex data challenges faced by payers and providers. As a startup originating from a major healthcare plan in the Northwest, we combine deep health-tech expertise with top-tier data and software engineering talent to create products that our customers find meaningful and valuable. These data products empower payers and their partners to find timely insights and take action to intervene in areas like value-based care analytics, interoperability compliance, and real-time streaming of clinical data.

We're seeking an experienced Senior Platform Security Engineer to join our team in this remote position. You will play a critical role in securing our cloud infrastructure and embedding strong security practices across our engineering squads. You’ll bridge platform engineering and security, building paved-road guardrails that make it easy for developers to ship securely in a healthcare data environment.

Responsibilities

• Monitor and secure our Azure + AWS environments, responding to incidents and remediating vulnerabilities.
• Design and implement Infrastructure as Code guardrails (Terraform, Bash, Azure CLI, AWS CLI, Jinja, CloudInit).
• Embed security checks into CI/CD pipelines (GitHub Actions).
• Build and manage secrets management, identity solutions, and key rotation.
• Partner with squads to ensure product features are secure and compliant by design.
• Investigate security breaches and document root cause and remediation steps.
• Integrate logging/monitoring with SOC/MDR vendor to ensure strong detection and response.
• Perform SAST/DAST testing and strengthen software supply chain security.
• Develop and implement an immutable infrastructure strategy.
• Build and execute a red team and blue team strategy to continually test defenses.
• Research security enhancements and make recommendations to leadership.
• Stay current on IT and security standards, advising the company on emerging risks.

Minimum Qualifications

• Bachelor’s degree in computer science or related field (or equivalent experience).
• 6+ years in platform engineering, DevSecOps, or cloud security roles, with at least 4 in a senior capacity.
• 2+ years mentoring and developing junior team members.
• Experience with security