Key skills
Identity ManagementSplunkSaaSCommunicationCollaborationCloud Security
About this role
Ro is a healthcare technology company focused on building a new system that empowers patients. The Senior Security Engineer will lead the technical efforts in managing SaaS security posture and data loss prevention, ensuring the security and compliance of Ro's platforms as they scale.
Responsibilities:
- Own the architecture, implementation, and continuous improvement of Ro’s SSPM and DLP platforms driving security maturity across our robust SaaS landscape
- Define and evolve SaaS security standards, access models, and configuration baselines that balance control with business agility
- Engineer the SaaS lifecycle: Build scalable SaaS lifecycle automations, ranging from posture monitoring and alerting to end-to-end remediation workflows using Tines or similar orchestration platforms
- Partner across teams to embed SaaS security into identity management, onboarding/offboarding, and vendor risk processes
- Collaborate with Security Operations to investigate SaaS-related alerts, ensuring rapid, documented, and systemic remediation
- Lead the integration of SaaS controls into SIEM and SOAR systems (e.g., Splunk, Tines), ensuring actionable telemetry and streamlined response
- Contribute to compliance alignment, ensuring SSPM and DLP controls satisfy HIPAA,HITRUST and SOC 2 requirements
- Mentor peers and share expertise across Security and IT teams, elevating overall SaaS security awareness and discipline
Requirements:
- 5+ years of experience in Security Engineering or Cloud Security roles, with expertise in SaaS ecosystems, automation, and data protection
- Proven success implementing and managing SSPM and DLP technologies such as AppOmni, Obsidian, BetterCloud, Nightfall, Netskope, etc
- A sharp analytical mindset with the ability to ask the right questions to uncover hidden risks, coupled with the judgment to rationalize complex SaaS features against security policies and risk tolerance
- Demonstrated experience integrating SaaS controls into SIEM/SOAR systems and automating detection, response, and reporting
- Working knowledge of data classification, privacy, and governance frameworks relevant to healthcare or regulated industries
- Excellent communication and collaboration skills — able to influence both technical and executive stakeholders
- A builder's mindset — practical, automation-oriented, and focused on delivering scalable, measurable outcomes
- Bonus: direct experience supporting HIPAA, HITRUST or SOC 2 compliance, or prior work securing cloud-first healthcare or fintech environments