Optoinvest
Head of Platform & Security
Salary
Job description
Opto is engineering the future of private markets to improve client outcomes and drive capital to the most transformative ideas.
The opportunity is huge. The global alternative investments industry is forecast to grow to $30T by 2029, however the private investment process typically remains opaque, highly manual, and error-prone, which limits access to the select few insiders who are willing to bear the pain.
Opto is a revolutionary end-to-end solution for wealth managers of any size- from small investment advisors to large multi-family offices to private banks- to build, fundraise for, and manage private markets programs at scale. We combine exceptional Silicon Valley engineering talent with experienced investors and industry specialists to fix this broken system through the power of technology. Our platform banishes the nightmare of slide decks, spreadsheets, and paperwork to the past, and arms our clients with the tools, data, and guidance to identify and access the right opportunities for their clients.
Fixing private markets will not be easy and demands courage, but we’re not afraid to do things differently. We are unapologetically bold. We value strong opinions, clear communication, and purposeful execution.
Up for the challenge? Come join us.
The Role
The Head of Platform & Security is a senior leadership role responsible for the reliability, security, and operational excellence of Opto's technology platform. You will partner with the CTO to define and execute Opto's security strategy while leading a team of four engineers spanning infrastructure, security, DevOps, and internal IT. You will own our enterprise and application security program end-to-end and lead a four-person platform engineering team spanning infrastructure, security, DevOps, and internal IT. You will partner closely with engineering leadership, legal, and executive stakeholders to ensure that Opto's platform meets the highest standards demanded by our clients — wealth managers and financial institutions who entrust us with highly sensitive data.
This is a pivotal leadership role at a critical stage of Opto's growth. You will take ownership of an established security program and drive it forward — hardening policies, processes, and tooling, raising the bar on compliance maturity, and ensuring the platform engineering team delivers the reliability and operational excellence the program demands.
Our tech stack consists of a series of React-based Next.js Typescript applications. Behind that a collection of Aurora-backed Python REST API services are hosted as containerized applications in AWS. We make use of AWS Lambda for asynchronous tasks and we rely on Snowflake for data ingestion and warehousing. Our service deployments are completely automated and execute multiple times daily. Our tech stack continues to evolve, driven by our shared principles of optimizing for modularity, scalability, and team-level service ownership.
Expectations
Security Leadership
- Own Opto's enterprise and platform security posture across all applications, services, business tools, and processes
- Maintain Opto's SOC 2 Type 2 audit reports, ensuring ongoing compliance and readiness for annual assessments
- Own and continuously improve programs for security incident management, vulnerability management, penetration testing, network security, authentication and authorization, system access control, data privacy and governance, encryption and certificate management, and threat detection
- Define and monitor compliance with internal security policies, including MDM, SSO/MFA/RBAC, VPN/zero trust, and data governance
- Partner with Legal to establish a comprehensive security and compliance program, ensuring appropriate processes, documentation, and staffing are in place with no single points of failure
- Promote a culture of security across the organization — ensuring all individuals understand and follow security policies and appreciate why they matter
- Represent Opto's security program externally to customers, prospects, and investors, including responding to security audits and due diligence questionnaires (DDQs)
Engineering Management
- Lead, mentor, and grow a four-person platform engineering team (infrastructure, security, DevOps, internal IT)
- Maintain team roadmap and backlog in cooperation with engineering leadership and product stakeholders
- Keep stakeholders informed of key milestones, risks, reprioritizations, and escalations
- Provide technical direction on platform architecture decisions, tooling choices, and engineering standards
- Own the internal IT function, ensuring employees get the support they need
- Work with engineering leadership and Recruiting to ensure the team is properly resourced
- Contribute directly to technical projects as bandwidth allows (up to 50% of your time)
- Foster a collegial, trust-filled, and high-accountability team environment
Qualifications
- 4-year degree in Computer Science, Engineering, or a related technical field (or equivalent work experience)
- 5+ years of professional experience in Information Security
- 5+ years in software engineering, SRE, DevOps, or a closely related technical discipline
- Experience managing compliance with SOC 2, ISO 27001, and/or PCI standards
- Experience building and managing engineering or security teams
- Experience with cloud-native architectures, particularly AWS
- Familiarity with the full software development lifecycle (CI/CD, Git, etc.)
- Strong preference for automation and tooling over manual processes
- Comfort with ambiguity and the ability to execute in a fast-paced startup environment
- Excellent written, verbal, and interpersonal communication skills — equally effective with engineers, executives, and enterprise clients
- [Preferred] Background in financial services or fintech
- [Preferred] Experience operating in a SaaS startup environment
