Opala is a healthcare startup that develops products to tackle complex data challenges faced by payers and providers. They are seeking an experienced Senior Platform Security Engineer to secure their cloud infrastructure and implement strong security practices across engineering teams, while also mentoring engineers and collaborating with the Security and Compliance team.
Responsibilities:
- Monitor and secure our Azure + AWS environments, responding to incidents and remediating vulnerabilities
- Design and implement Infrastructure as Code guardrails (Terraform, Bash, Azure CLI, AWS CLI, Jinja, CloudInit)
- Embed security checks into CI/CD pipelines (GitHub Actions)
- Build and manage secrets management, identity solutions, and key rotation
- Partner with squads to ensure product features are secure and compliant by design
- Investigate security breaches and document root cause and remediation steps
- Integrate logging/monitoring with SOC/MDR vendor to ensure strong detection and response
- Perform SAST/DAST testing and strengthen software supply chain security
- Develop and implement an immutable infrastructure strategy
- Build and execute a red team and blue team strategy to continually test defenses
- Research security enhancements and make recommendations to leadership
- Stay current on IT and security standards, advising the company on emerging risks
Requirements:
- Bachelor's degree in computer science or related field (or equivalent experience)
- 6+ years in platform engineering, DevSecOps, or cloud security roles, with at least 4 in a senior capacity
- 2+ years mentoring and developing junior team members
- Experience with security in both AWS and Azure
- Experience with IaC tools and automation (Terraform, Bash, Azure CLI, AWS CLI, Jinja, CloudInit)
- Experience with SAST/DAST and securing the software supply chain
- Experience with OpenAPI/Swagger JSON specifications and API security
- Familiarity with SOC 2 controls and knowledge of how to enforce them in cloud systems
- Familiarity with HIPAA controls and knowledge of how to enforce them in cloud systems
- Strong Bash scripting skills for automation
- Ability to collaborate closely with developers and product squads while setting security best practices
- 2+ years of vendor management experience
- Security certifications (AWS Security Specialty, AZ500, CISSP, etc.)
- Experience using or administering compliance automation tools (Drata or similar GRC platforms)
- Experience with HITRUST controls and how to enforce them in cloud systems
- Exposure to enterprise architecture frameworks such as TOGAF
- Experience in regulated industries (healthcare, fintech, etc.)
- Experience leading or coordinating red/blue team exercises
- Experience with other scripting languages: PowerShell, Python