Senior Security Platform Engineer

Opala develops healthcare products that tackle the most complex data challenges faced by payers and providers. As a startup originating from a major healthcare plan in the Northwest, we combine deep health‑tech expertise with top‑tier data and software engineering talent to create products that our customers find meaningful and valuable. These data products empower payers and their partners to find timely insights and take action to intervene in areas like value‑based care analytics, interoperability compliance, and real‑time streaming of clinical data.

In this remote position, we’re seeking an experienced Senior Platform Security Engineer to join our team. Here, you will play a critical role in securing our cloud infrastructure and embedding strong security practices across our engineering squads. You’ll bridge platform engineering and security, building paved‑road guardrails that make it easy for developers to ship securely in a healthcare data environment.

You’ll also both "lead by doing" (designing and implementing IaC guardrails, CI/CD security checks, and software supply chain protections) AND "lead by influence" (mentoring engineers and partnering with our Security and Compliance team). Monitor and secure our Azure + AWS environments, responding to incidents and remediating vulnerabilities. Design and implement Infrastructure as Code guardrails (Terraform, Bash, Azure CLI, AWS CLI, Jinja, CloudInit).

Embed security checks into CI/CD pipelines (GitHub Actions). Build and manage secrets management, identity solutions, and key rotation. Investigate security breaches and document root cause and remediation steps.

Perform SAST/DAST testing and strengthen software supply chain security. Stay current on IT and security standards, advising the company on emerging risks. Bachelor’s degree in computer science or related field (or equivalent experience). 6+ years in platform engineering, DevSecOps, or cloud security roles, with at least 4 in a senior capacity.

Experience with security in both AWS and Azure. Experience with IaC tools and automation (Terraform, Bash, Azure CLI, AWS CLI, Jinja, CloudInit). Experience with SAST/DAST and securing the software supply chain.

Familiarity with SOC 2 controls and know how to enforce them in cloud systems. Familiarity with HIPAA controls and know how to enforce them in cloud systems. Security certifications (AWS Security Specialty, AZ500, CISSP, etc.).

Experience using or administering compliance automation tools (Drata or similar GRC platforms). Experience with HITRUST controls and how to enforce them in cloud systems. Experience with other scripting languages: PowerShell, python The Seattle base salary range for this full‑time position is $163k-$192k.

Within the range, individual pay is determined by work location and additional factors, including job‑related skills, experience, and relevant education or training. Benefits include medical, dental, vision, life and AD&D insurance, EAP, short‑term and long‑term disability, 16 days PTO, 8 paid holidays, fully paid holiday closure, parental and family medical leave, 401k, stock options and annual bonuses and salary increases based on merit. Diversity and Inclusivity Statement At Opala, we believe that diversity and inclusivity are critical to our success.

We encourage and value diverse perspectives and experiences, and we believe that they are essential for driving innovation and creating products that meet the needs of our diverse customer base. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, gender identity or expression, age, marital status, veteran status, disability status, pregnancy, parental status, genetic information, political affiliation, or any other status protected by the laws or regulations in the locations where we operate. Accommodations are available for applicants with disabilities. #