Director of Cloud Infrastructure and Cybersecurity
Opala
Opala empowers healthcare companies with interoperability capabilities for a competitive advantage. Through automated, real-time connections between provider organizations and health plans, clinical information is shared, administrative functions (such as eligibility, access to care, closing care gaps, managing risk adjustments) are streamlined, and HEDIS and Star ratings are improved. In addition to delivering compliance with federal interoperability requirements, Opala combines claims and clinical data to establish a complete healthcare profile of an individual to improve healthcare outcomes and cost, reduce administrative waste, and enable digital solutions. Opala curates a unified patient record and makes that record available to health plans, providers, and members/patients in a standardized Fast Healthcare Interoperability Resources (FHIR) format through an Application Programming Interfaces (API). Opala also offers artificial intelligence and machine learning solutions for risk stratification and predictive analytics to manage medical care over time. In this remote-based position, the Director of Cloud Infrastructure and Cybersecurity is responsible for managing IT infrastructure in the cloud (AWS, Azure and GCP) along with establishing and administering the overall strategies, processes and procedures for the Information Security program for the company. Communicating information security processes to all stakeholders and ensuring the organization’s security processes consider and address organizational requirements. You will be responsible for satisfying the scaling needs of the platform and the trust needs of clients, customers, and employees. Experience managing IT corporate, and sales offices distributed globally is preferred. The Director of Cloud Infrastructure and Cybersecurity reports directly to our CTO.At Opala: - Our Mission is to collect, standardize and consolidate healthcare data to build a complete picture of patient health.
- Our Vision is to be the most trusted source of patient insights, radically improving healthcare.
- And our team values Integrity, Innovation, Inclusivity and Excellence.
Responsibilities:- Manage a team (internal and partner staff) of DevOps engineers, system engineers, network engineers, security engineers, and other IT support staff
- Maintain and optimize the company's Cloud Infrastructure.
- Define and implement IT policies and security policies across the organization
- Implement Zero-Trust security principles within the multi-cloud environment and raise security awareness within the enterprise
- Define and implement identity management solutions for internal and external users
- Collaborate with Managed Security Services Provider (MSSP) in setting up a security operations center (SOC) for the enterprise
- Collaborate with business leaders across the company to ensure our approach to security meets company cultural principles while achieving defined security objectives
- Be responsible for device and password management (Protected Access Management)
- Define and implement best practices around user access controls
- Clean up access for users and security groups within Active Directory (AD)
- Protect data assets from unauthorized user access (on-prem and cloud)
- Protect O365 and D365 environments (Email, Teams, SharePoint, OneDrive, etc.)
- Perform business impact analysis (BIA) and implement a disaster recovery plan to meet organizational resiliency goals
- Facilitate audits and certifications needed to promote trust in the platform
- Implement super-user access tracking and log aggregation for audit and forensics
- Implement modern DevOps practices to support platform operations in terms of scalability, availability, security, and resiliency
- Engage third-party service providers to perform network penetration and vulnerability testing
- Perform Information Technology Risk Assessments to identify potential control gaps
- Control costs and budgets around IT systems (including security)
- Manage contracts with vendors (e.g., cloud providers, SaaS/PaaS application providers, Software vendors, and telecommunication companies)
Minimum Qualifications:- 8+ years of experience leading platform operations (cloud and cybersecurity)
- 10+ years of information technology and cybersecurity experience
- 5+ years Azure experience
- Experience in developing IT policies and procedures
- Strong knowledge of information security best practices, standards, and frameworks
- Strong understanding of compliance requirements
- Leadership and Organizational skills
- Excellent communications skills
- Problem-solving and analytical skills
Benefits:- The Seattle base salary range for this full-time position is $188k-$216k. Our salary ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.
- Benefits include medical, dental, vision, life and AD&D insurance, EAP, short-term and long-term disability, 16 days PTO, 8 paid holidays, fully paid holiday closure, parental and family medical leave, 401k, stock options and annual bonuses and salary increases based on merit.
Diversity and Inclusivity Statement:- At Opala, we believe that diversity and inclusivity are critical to our success. We encourage and value diverse perspectives and experiences, and we believe that they are essential for driving innovation and creating products that meet the needs of our diverse customer base.
Opala is an equal opportunity employer and makes employment decisions on the basis of merit. We are committed to providing a workplace free from harassment and discrimination. We celebrate the unique differences of our employees because that is what drives curiosity, innovation, and the success of our business. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, gender identity or expression, age, marital status, veteran status, disability status, pregnancy, parental status, genetic information, political affiliation, or any other status protected by the laws or regulations in the locations where we operate. Accommodations are available for applicants with disabilities.