Lead Arcadia's technical security across cloud, infrastructure, and operations, defining security roadmap, incident response, and ensuring compliance with regulations.
Arcadia is dedicated to happier, healthier days for all. We believe that there is a better healthcare world – one powered by data. Our platform transforms complex, diverse data into a unified foundation for health, helping organizations deliver better care, boost revenue, and lower costs.
We’re a team of fiercely driven individuals committed to making healthcare more sustainable—and we’re looking for passionate people to help us get there.
For more information, visit arcadia.io.
Why This Role Is Important to Arcadia
Arcadia is seeking a Senior Director of Security Operations & Engineering to lead the company’s technical security function across infrastructure, cloud platforms, and corporate environments. This role will unify Security Operations, Cloud and Infrastructure Security, and Threat Detection into a cohesive, high-performing team that protects Arcadia’s healthcare data and SaaS platform.
This is a hands-on technical leadership position. The successful candidate will architect, build, and operate modern security systems while leading engineers, analysts, and network specialists. They will define and drive Arcadia’s technical security roadmap, manage incident response, and implement resilient, scalable security solutions in a highly regulated healthcare SaaS environment.
What Success Looks Like
In 3 months
- Complete all mandatory training and onboarding activities
- Gain a deep understanding of Arcadia’s infrastructure, threat landscape, and existing controls
- Establish clear objectives and technical direction for each pod (e.g., Cloud Security/Security Engineering, Network & Infrastructure Security, and Threat Detection & Response)
- Lead and participate in active incident response and threat hunting activities
- Deliver measurable improvements in detection coverage, cloud posture, and automation
- Implement engineering and process changes that reduce operational burden and MTTR
- Mentor and grow the team’s technical capabilities and leadership maturity
In 6 months
- Mature Arcadia’s Security Operations & Engineering program into a data-driven, automation-enabled function
- Demonstrate reduced risk exposure and improved audit readiness through measurable KPIs
- Be recognized across the company as the go-to technical leader for security architecture and response
In 12 months
- Mature Arcadia’s Security Operations & Engineering program into a unified, metrics-driven function with defined KPIs for detection, response, and remediation performance
- Demonstrate measurable improvement in enterprise and cloud security posture through improved coverage, reduced mean time to detect (MTTD) and mean time to respond (MTTR), and reduced audit findings
- Establish and maintain automated, auditable evidence collection processes that streamline HITRUST, ISO 27001, and SOC 2 compliance
- Deliver a robust, continuously tested incident response framework with automated containment capabilities and full integration into corporate and product operations
- Partner with Product, Infrastructure, and Engineering leadership to embed security design principles and tooling into development lifecycles, driving measurable shifts toward secure-by-default practices
- Influence company-wide technology and risk strategies by serving as a key advisor to executive leadership on emerging threats, security investments, and architecture decisions
- Position Arcadia as an industry leader in healthcare security by driving innovation in automation, detection, and resilience while maintaining operational excellence
What You'll Be Doing
- Lead and develop teams responsible for cloud security engineering, network and infrastructure security, and security operations
- Define and execute the security engineering roadmap aligned with Arcadia’s mission and regulatory and compliance obligations (e.g., HIPAA, HITRUST, ISO 27001, SOC 2)
- Serve as the senior technical authority for all security controls, tooling, and automation initiatives
- Partner with Engineering, IT, and Compliance leadership to embed secure design principles into products and operations
- Own and evolve Arcadia’s Computer Security Incident Response Team (CSIRT), ensuring readiness, playbook maturity, and coordination across teams
- Represent Security Operations & Engineering in architecture reviews, executive updates, and customer discussions.
- Design, implement, and maintain security controls across Arcadia’s cloud, infrastructure, and application environments to ensure resilience, scalability, and compliance
- Architect secure AWS multi-account environments using services such as EKS, ECS, Lambda, and VPC, applying Zero Trust principles and automating configuration management with Terraform or CloudFormation
- Manage network and infrastructure security by maintaining segmentation, VPN, firewall, and endpoint protection controls, along with perimeter defenses including WAF, DDoS mitigation, and intrusion detection systems
- Lead the configuration and tuning of detection and response capabilities including SIEM pipelines, threat intelligence integration, and incident response workflows to enable rapid detection, containment, and remediation
- Serve as Arcadia’s Cyber Security Incident Response Team (CSIRT) Manager, directing the technical response to potential security incidents and coordinating cross-functional engagement during critical events
- Implement security-as-code practices that automate control validation, configuration baselines, and remediation using scripting and orchestration tools such as Python, PowerShell, and Bash
- Oversee identity and access management across AWS, Okta/Auth0, and Microsoft 365 environments to enforce least-privilege principles and secure authentication
- Translate compliance controls (e.g., SOC 2, ISO 27001, HITRUST) into enforceable technical configurations
- Partner with the Security Assurance team to provide audit evidence and continuous control monitoring
- Partner with the Security Assurance to conduct and oversee technical risk assessments, vulnerability management, and remediation planning
- Ensure technical alignment to healthcare privacy and security requirements (e.g., HIPAA, HITECH)
- Evaluate emerging technologies in AI-driven detection, behavioral analytics, and modern DevSecOps tooling
- Benchmark security capabilities against industry best practices and high-performing SaaS peers
- Foster a culture of continuous improvement, collaboration, and technical excellence within Security Engineering and Operations
Leadership & Strategy
Technical Security Ownership
Compliance & Risk Management
Innovation & Continuous Improvement
What You'll Bring
- 10+ years in information security, with at least 5 years in technical leadership roles
- Proven experience designing and operating secure, cloud-based SaaS infrastructure (AWS required; Azure or GCP a plus)
- Cloud security architecture and automation
- Incident detection and response
- Network engineering and security controls
- Vulnerability management and threat modeling
- Hands-on technical expertise with scripting/automation (Python, PowerShell, Bash), infrastructure-as-code (Terraform, CloudFormation), and CI/CD integration
- Strong familiarity with enterprise IT systems (Active Directory, Okta, MDM, SSO)
- Knowledge of regulatory and compliance frameworks including HIPAA, HITRUST, and ISO 27001
- Demonstrated experience leading multidisciplinary technical teams in dynamic environments
Would Love for You to Have
- More than one advanced security certifications such as CISSP, CCSP, GIAC (GCTI, GCIA, GCFA, GCSA), or AWS Security Specialty
- Experience with container security, Kubernetes, and EDR/MDR solutions
- Background in healthcare or other regulated industries
- Prior ownership of 24x7 security operations in a SaaS or cloud-native organization
What You'll Get
- Build and lead a world-class technical security organization in a mission-driven healthcare company
- Work with cutting-edge cloud technologies in a fully remote, collaborative environment
- Competitive compensation, comprehensive benefits, and strong career advancement opportunities
- Chance to be surrounded by a team of extremely talented and dedicated individuals driven to succeed
- Be a part of a mission driven company that is transforming the healthcare industry by changing the way patients receive care
- A flexible, remote friendly company with personality and heart
- Employee driven programs and initiatives for personal and professional development
About Arcadia
Arcadia.io helps innovative providers and payers across the country transform healthcare to reduce cost while improving patient health. We do this by aggregating large amounts of disparate data, applying algorithms to identify opportunities to provide better patient care, and making those opportunities actionable by physicians at the point of care in near-real time. We are passionate about helping our customers drive meaningful outcomes. We are growing fast and have emerged as a market leader in the highly competitive population health management software market and have been recognized by industry analysts KLAS, IDC, Forrester, and Chilmark for our leadership. For a better sense of our brand and products, please explore our website.
Protect Yourself
If you have concerns about the authenticity of a job offer or recruitment-related communication claiming to be from Arcadia, we encourage you to verify by contacting us directly at (781) 202-3600 and select option 3. For more information, visit our website.
This position is responsible for following all Security policies and procedures in order to protect all PHI under Arcadia's custodianship as well as Arcadia Intellectual Properties. For any security-specific roles, the responsibilities would be further defined by the hiring manager.
Top Skills
AWS
Bash
CloudFormation
Ecs
Eks
Lambda
Powershell
Python
Terraform
Vpc
Similar Jobs at Arcadia
Big Data • Fitness • Healthtech • Information Technology • Software • Analytics
The Enterprise Implementation Manager leads and manages complex implementation projects for clients, ensuring successful product delivery and customer satisfaction through effective communication and project coordination.
Top Skills:
Claims DataEhrQlikviewSQLTableau
Big Data • Fitness • Healthtech • Information Technology • Software • Analytics
The Senior Implementation Manager leads complex health data integration projects, ensuring customer satisfaction through effective communication and project management. Responsibilities include developing implementation plans, coordinating teams, and mitigating risks.
Top Skills:
Data ArchitectureHealthcare Data IntegrationPower BISQLTableau
Big Data • Fitness • Healthtech • Information Technology • Software • Analytics
The Senior Advisor, Member Services will cultivate relationships with members, align their strategies with Arcadia's solutions, and provide strategic guidance to optimize utilization of the platform.
Top Skills:
AtlassianMS OfficeSalesforceSnowflake
What you need to know about the Belfast Tech Scene
If asked to name the birthplace of the RMS Titanic, you might not say Belfast. Similarly, if asked to name Europe's leading destination for foreign direct investment in new software development, Belfast might not come to mind. Yet, both are true. The city has emerged as a tech powerhouse, recently ranked among the best in the U.K. for tech careers — especially for software developers. It also leads the U.K. with the highest percentage of software development jobs advertised.
