Director of Cloud & Security Operations

This position is fully on-site, in a fast-paced environment that requires initiative, flexibility, and strong collaboration. Please note: Remote or hybrid work options are not available for this role. About TALONAs the industry pioneer in transparent healthcare pricing, we are experts in leveraging price transparency and consumer-centric principles to produce optimal outcomes. We've built the ultimate suite of software services designed to protect healthcare consumers from overpaying for care. Our innovative tools deliver a market-driven healthcare system, empowering consumers to make smart decisions and control their financial and physical well-being.Recognized for rapid growth and industry leadership, TALON ranked #4 on the Boston Globe’s “New England’s 50 fastest-growing companies” and earned placement on the Inc. 5000 list in 2024 and2025.About the RoleThe Director of Cloud & Security Operations is a senior technical leader responsible for ensuring the reliability, security, performance, and scalability of the company’s cloud and internal infrastructure. This role oversees cloud operations, DevOps tooling, internal corporate security, secure file transfer operations, and provides technical support to the Compliance Officer for SOC 2, HIPAA, and HITRUST programs.This director will build, manage, and mentor a growing Cloud & Security Operations team. While hands-on expertise is important, the Director is accountable for the end-to-end success of all operational, infrastructure, and security functions.Key ResponsibilitiesLeadership & Team ManagementLead, mentor, and grow a Cloud & Security Operations team.Set priorities, delegate effectively, and uphold high-quality execution across cloud operations, DevOps, and internal security.Foster a culture of reliability, ownership, documentation, and continuous improvement.Infrastructure Availability & ReliabilityEnsure maximum uptime and performance across cloud, colocation, and on-prem compute, storage, and networking.Oversee monitoring, incident response, and operational readiness.Coordinate infrastructure changes with engineering to prevent downtime.Maintain consistent development, staging, and production environments.Ensure changes impacting applications or pipelines are properly communicated and documented.Capacity, Scalability & Cost ManagementForecast and provision capacity for large-scale data processing, application workloads, and analytics operations.Present capacity plans and forecasts to the CFO for budgeting and procurement.Maintain elasticity and performance in cloud environments.Implement cost controls, rightsizing, auto-scaling, tagging policies, and other optimization strategies.Ensure scalable infrastructure while meeting budget and financial visibility expectations.Platform Engineering, Deployment & Developer EnablementOversee CI/CD pipeline architecture, automation, and reliability.Maintain core platform tooling: secrets management, container orchestration, observability stack, automation frameworks, etc.Partner with engineering on release planning, rollback strategies, and environment management.Evaluate and introduce new tools to enhance developer productivity and platform stability.Ensure secure, predictable, and reliable environments across development lifecycle stages.Cloud Security & Internal SecurityEnforce least-privilege IAM, MFA, encryption, patching, vulnerability remediation, and continuous security monitoring.Oversee internal corporate security: desktops/laptops, MDM/endpoint management, secure Wi-Fi, internal network, VPN, firewalls, and SSO.Manage secure SFTP environments for clients, including IP allowlisting, credentials, logging, and reliability.Ensure timely patching and remediation across all infrastructure and endpoints.Compliance Support (Technical)Provide technical support for SOC 2, HIPAA, and HITRUST programs.Maintain infrastructure documentation, architecture diagrams, and audit evidence.Assist with remediation of vulnerabilities, pen test findings, and audit observations.Ensure alignment with SOC 2, HIPAA, and HITRUST controls.Observability & Incident ResponseOversee logging, metrics, alerting, dashboards, and distributed tracing.Own incident lifecycle: triage, escalation, communication, resolution, and postmortems.Partner with engineering for RCA and long-term corrective actions.Data Platform & Pipeline OperationsEnsure reliable operation of data pipelines and batch/stream processing jobs.Oversee monitoring and alerting for data workflows supporting analytics, reporting, and customer-facing services.Monitor data quality, job failures, throughput, and coordinate resolution with engineering/data teams.Provide daily visibility into data processing metrics.ExperienceDeep experience with AWS, Ubuntu/Linux, and macOS systems management.Experience with MongoDB, Redshift, Clickhouse, and MeteorJS strongly preferred.Strong knowledge of CI/CD, IaC (Terraform, CloudFormation), automation frameworks, and Python scripting.Hands-on experience with observability platforms (Datadog, CloudWatch, ELK, Grafana, etc.).Strong foundation in security: IAM, MFA, encryption, EDR, patching, network security, vulnerability management.Experience managing endpoint security and MDM (Intune/Jamf).Experience with secure SFTP operations, IP allowlisting, certificates, and secure data exchange.Strong understanding of SOC 2, HIPAA, and HITRUST requirements.Minimum Requirements8–12+ years in cloud infrastructure, SRE/DevOps, platform engineering, or security engineering.4–6+ years managing technical teams, ideally in SaaS, healthcare, or data-intensive environments.Experience operating large-scale distributed systems, ETL pipelines, or data processing platforms.Participation in SOC 2, HIPAA, or HITRUST audits.Proven track record of improving infrastructure reliability, maturing operational processes, and enhancing security.Strong leadership and cross-functional communication skills.Excellent incident management and analytical abilities.High operational rigor, documentation discipline, and ownership mindset.Ability to balance scalability, cost control, and performance.Company BenefitsIncentive Stock Options in a high-growth, “scale-up” companyPaid Time Off and Company HolidaysMedical Insurance with a fully funded individual or family Health Savings Account (HSA)401(k) retirement plan Join us on our mission to educate, empower, and incentivize the American healthcare consumer to meaningfully reduce costs and create a healthier ecosystem.