Senior Director of Security Operations – Engineering

October 31

Apply Now

Receive Emails with Similar Jobs

Arcadia

WebsiteLinkedInAll Job Openings

Arcadia is dedicated to happier, healthier days for all. We transform diverse data into a unified fabric for health. Our platform delivers actionable insights for our customers to advance care and research, drive strategic growth, and achieve financial success. For more information, visit arcadia.io.

201 - 500 employees

💰 $29.5M Venture Round on 2020-01

📋 Description

• Lead and develop teams responsible for cloud security engineering, network and infrastructure security, and security operations • Define and execute the security engineering roadmap aligned with Arcadia’s mission and regulatory and compliance obligations (e.g., HIPAA, HITRUST, ISO 27001, SOC 2) • Serve as the senior technical authority for all security controls, tooling, and automation initiatives • Partner with Engineering, IT, and Compliance leadership to embed secure design principles into products and operations • Own and evolve Arcadia’s Computer Security Incident Response Team (CSIRT), ensuring readiness, playbook maturity, and coordination across teams • Represent Security Operations & Engineering in architecture reviews, executive updates, and customer discussions. • Design, implement, and maintain security controls across Arcadia’s cloud, infrastructure, and application environments to ensure resilience, scalability, and compliance • Architect secure AWS multi-account environments using services such as EKS, ECS, Lambda, and VPC, applying Zero Trust principles and automating configuration management with Terraform or CloudFormation • Manage network and infrastructure security by maintaining segmentation, VPN, firewall, and endpoint protection controls, along with perimeter defenses including WAF, DDoS mitigation, and intrusion detection systems • Lead the configuration and tuning of detection and response capabilities including SIEM pipelines, threat intelligence integration, and incident response workflows to enable rapid detection, containment, and remediation • Serve as Arcadia’s Cyber Security Incident Response Team (CSIRT) Manager, directing the technical response to potential security incidents and coordinating cross-functional engagement during critical events • Implement security-as-code practices that automate control validation, configuration baselines, and remediation using scripting and orchestration tools such as Python, PowerShell, and Bash • Oversee identity and access management across AWS, Okta/Auth0, and Microsoft 365 environments to enforce least-privilege principles and secure authentication • Translate compliance controls (e.g., SOC 2, ISO 27001, HITRUST) into enforceable technical configurations • Partner with the Security Assurance team to provide audit evidence and continuous control monitoring • Partner with the Security Assurance to conduct and oversee technical risk assessments, vulnerability management, and remediation planning • Ensure technical alignment to healthcare privacy and security requirements (e.g., HIPAA, HITECH) • Evaluate emerging technologies in AI-driven detection, behavioral analytics, and modern DevSecOps tooling • Benchmark security capabilities against industry best practices and high-performing SaaS peers • Foster a culture of continuous improvement, collaboration, and technical excellence within Security Engineering and Operations

🎯 Requirements

• 10+ years in information security, with at least 5 years in technical leadership roles • Proven experience designing and operating secure, cloud-based SaaS infrastructure (AWS required; Azure or GCP a plus) • Cloud security architecture and automation • Incident detection and response • Network engineering and security controls • Vulnerability management and threat modeling • Hands-on technical expertise with scripting/automation (Python, PowerShell, Bash), infrastructure-as-code (Terraform, CloudFormation), and CI/CD integration • Strong familiarity with enterprise IT systems (Active Directory, Okta, MDM, SSO) • Knowledge of regulatory and compliance frameworks including HIPAA, HITRUST, and ISO 27001 • Demonstrated experience leading multidisciplinary technical teams in dynamic environments

🏖️ Benefits

• Build and lead a world-class technical security organization in a mission-driven healthcare company • Work with cutting-edge cloud technologies in a fully remote, collaborative environment • Competitive compensation, comprehensive benefits, and strong career advancement opportunities • Chance to be surrounded by a team of extremely talented and dedicated individuals driven to succeed • Be a part of a mission driven company that is transforming the healthcare industry by changing the way patients receive care • A flexible, remote friendly company with personality and heart • Employee driven programs and initiatives for personal and professional development