Senior Manager, Cloud Security Engineering

What You'll Be Doing

• Leadership & Strategy
• In partnership with the Principal Security Engineer & Architect and other stakeholders, develop and execute a comprehensive cloud security strategy aligned with Arcadia’s business objectives
• Mentor and guide a team of skilled and passionate cloud security engineers, fostering a culture of innovation, collaboration, and technical excellence
• Represent the security function in cross-functional meetings and strategic planning sessions
• Create and maintain documentation and training materials for SecOps policies, procedures, and software/security best practices
• Ensure the smooth operation of project management processes by leveraging automation to streamline workflows, monitor progress, resolve blockers, and enhance the efficiency of delivering security initiatives


Cloud Security Design & Implementation
• Oversee the design, deployment, and management of security controls across multi-cloud environments
• Securing Arcadia’s product and corporate computing environments from unauthorized access
• Architect scalable, automated security solutions leveraging best-in-class tools and methodologies
• Integrate security practices into DevOps pipelines, ensuring secure code, infrastructure as code (IaC), and continuous monitoring.
• Seeking and destroying vulnerabilities to protect our server- and serverless-based systems
• Establishing client connectivity via encrypted connections like IPsec, SSLVPN, NAT/PAT
• Constructing automated, scalable perimeter security solutions using cloud-native services and Enterprise security tools
• Managing Arcadia’s secrets, certificates, and PKI components to ensure data is protected throughout the product development and customer implementation processes
• Integrating with DevOps and software engineers to pre-bake security (encryption, logging, monitoring, auditing) into new products, modules, and processing architecture


Cyber Threat Monitoring and Intelligence
• Proactively collect and analyze cyber threat intelligence from various sources to understand threat actors, their tactics, techniques, and procedures (TTPs)
• Participate in incident response activities, including detection, containment, eradication, and post-incident analysis
• Monitor network traffic and logs to identify potential threats, vulnerabilities, and breaches
• Conduct regular vulnerability assessments and risk analyses to identify security gaps
• Prepare and present detailed threat reports to stakeholders and recommend appropriate countermeasures
• Work with IT and other departments to implement security measures and best practices
• Manage relationships with relevant cyber threat detection vendors (e.g., EDR, MDM, etc.)
• Keep abreast of the latest cybersecurity trends, tools, and technologies
• Conduct digital forensics to investigate security incidents and gather evidence
• Develop and maintain threat models to predict potential attack vectors and security breaches
• Engage in research to identify new threats and develop innovative defensive strategies
• Work with law enforcement, other organizations, and cybersecurity communities for information sharing and joint threat mitigation efforts


Risk Management & Compliance
• Support the Information Security team with ongoing compliance efforts related to SOC 2, ISO 27001, and HITRUST certification, along with general state and federal healthcare, privacy, and security requirements
• Collaborate with stakeholders to conduct security risk assessments and prioritize remediation efforts


Innovation & Thought Leadership
• Evaluate emerging security technologies, trends, and practices to continuously improve Arcadia’s security posture
• Champion Zero Trust principles, advanced encryption, and AI-based threat detection strategies

What You'll Bring

• 8+ years’ experience with a Bachelor’s Degree or equivalent experience
• Experience leading technical teams in a high-paced environment
• Deep understanding and recent experience with cloud security concepts, in particular with AWS, IAM management, container security, and infrastructure security architecture
• Experience with the design and implementation of enterprise-based security, such as IDS/IPS, SIEM, vulnerability management, etc
• Expert at securing Enterprise Windows and Microsoft 365 environments, Kubernetes clusters, and container technologies across multi-cloud infrastructure
• Experience in designing and managing enterprise-grade security architectures and solutions
• Proficiency in configuring virtual/physical perimeter security devices
• Comfortable using code to automate processes and drive results – PowerShell, Python, Bash, Terraform, CloudFormation, JavaScript/Node.js
• Strong understanding of healthcare compliance frameworks and data privacy regulations (e.g., HIPAA, HITRUST).
• Advanced security certifications such as CISSP, CCSP, CEH, CISA, GCFA, GCTI, GCFE, GCFR, GNFA, or similar

Would Love For You To Have

• Certifications such as AWS Certified Solutions Architect, AWS Security Specialist, CISSP, or CCSP
• Palo Alto Networks certifications or experience
• Experience managing Active Directory, Multifactor Auth, Single Sign-On in a multi-tier web-application infrastructure
• Demonstrated experience managing teams in a technical, fast-paced environment
• Exposure to multi-cloud environments, including Azure or GCP

What You'll Get

• Opportunity to lead transformative cloud security initiatives at a mission-driven organization
• Access to cutting-edge cloud technologies and a collaborative, remote-friendly work environment
• Comprehensive benefits, flexible time off, and career growth opportunities
• The opportunity to work for an amazing, fast-growing software company leveraging a highly scalable cloud platform
• You want to use your skills to make an impact in healthcare