Arcadia

Senior Director of Security Operations – Engineering

Arcadia

full-time

Posted on:

Location Type: Remote

Location: Remote • 🇺🇸 United States

Visit company website
AI Apply
Apply

Job Level

Senior

Tech Stack

AWSAzureCloudCyber SecurityGoogle Cloud PlatformPythonTerraform

About the role

  • Lead and develop teams responsible for cloud security engineering, network and infrastructure security, and security operations
  • Define and execute the security engineering roadmap aligned with Arcadia’s mission and regulatory and compliance obligations (e.g., HIPAA, HITRUST, ISO 27001, SOC 2)
  • Serve as the senior technical authority for all security controls, tooling, and automation initiatives
  • Partner with Engineering, IT, and Compliance leadership to embed secure design principles into products and operations
  • Own and evolve Arcadia’s Computer Security Incident Response Team (CSIRT), ensuring readiness, playbook maturity, and coordination across teams
  • Represent Security Operations & Engineering in architecture reviews, executive updates, and customer discussions.
  • Design, implement, and maintain security controls across Arcadia’s cloud, infrastructure, and application environments to ensure resilience, scalability, and compliance
  • Architect secure AWS multi-account environments using services such as EKS, ECS, Lambda, and VPC, applying Zero Trust principles and automating configuration management with Terraform or CloudFormation
  • Manage network and infrastructure security by maintaining segmentation, VPN, firewall, and endpoint protection controls, along with perimeter defenses including WAF, DDoS mitigation, and intrusion detection systems
  • Lead the configuration and tuning of detection and response capabilities including SIEM pipelines, threat intelligence integration, and incident response workflows to enable rapid detection, containment, and remediation
  • Serve as Arcadia’s Cyber Security Incident Response Team (CSIRT) Manager, directing the technical response to potential security incidents and coordinating cross-functional engagement during critical events
  • Implement security-as-code practices that automate control validation, configuration baselines, and remediation using scripting and orchestration tools such as Python, PowerShell, and Bash
  • Oversee identity and access management across AWS, Okta/Auth0, and Microsoft 365 environments to enforce least-privilege principles and secure authentication
  • Translate compliance controls (e.g., SOC 2, ISO 27001, HITRUST) into enforceable technical configurations
  • Partner with the Security Assurance team to provide audit evidence and continuous control monitoring
  • Partner with the Security Assurance to conduct and oversee technical risk assessments, vulnerability management, and remediation planning
  • Ensure technical alignment to healthcare privacy and security requirements (e.g., HIPAA, HITECH)
  • Evaluate emerging technologies in AI-driven detection, behavioral analytics, and modern DevSecOps tooling
  • Benchmark security capabilities against industry best practices and high-performing SaaS peers
  • Foster a culture of continuous improvement, collaboration, and technical excellence within Security Engineering and Operations

Requirements

  • 10+ years in information security, with at least 5 years in technical leadership roles
  • Proven experience designing and operating secure, cloud-based SaaS infrastructure (AWS required; Azure or GCP a plus)
  • Cloud security architecture and automation
  • Incident detection and response
  • Network engineering and security controls
  • Vulnerability management and threat modeling
  • Hands-on technical expertise with scripting/automation (Python, PowerShell, Bash), infrastructure-as-code (Terraform, CloudFormation), and CI/CD integration
  • Strong familiarity with enterprise IT systems (Active Directory, Okta, MDM, SSO)
  • Knowledge of regulatory and compliance frameworks including HIPAA, HITRUST, and ISO 27001
  • Demonstrated experience leading multidisciplinary technical teams in dynamic environments
Benefits
  • Build and lead a world-class technical security organization in a mission-driven healthcare company
  • Work with cutting-edge cloud technologies in a fully remote, collaborative environment
  • Competitive compensation, comprehensive benefits, and strong career advancement opportunities
  • Chance to be surrounded by a team of extremely talented and dedicated individuals driven to succeed
  • Be a part of a mission driven company that is transforming the healthcare industry by changing the way patients receive care
  • A flexible, remote friendly company with personality and heart
  • Employee driven programs and initiatives for personal and professional development

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
cloud security engineeringnetwork securityinfrastructure securitysecurity operationssecurity engineering roadmapAWSTerraformCloudFormationincident detectionvulnerability management
Soft skills
leadershipcollaborationcommunicationtechnical excellencecontinuous improvement
Certifications
HIPAAHITRUSTISO 27001SOC 2