Ro is a company focused on revolutionizing healthcare by creating a system that empowers patients. They are seeking a Senior Security Engineer to lead the technical aspects of SaaS security posture management and data loss prevention, ensuring the security and compliance of their platforms as the business scales.
Responsibilities:
- Own the architecture, implementation, and continuous improvement of Ro’s SSPM and DLP platforms, driving security maturity across our robust SaaS landscape
- Define and evolve SaaS security standards, access models, and configuration baselines that balance control with business agility
- Engineer the SaaS lifecycle: Build scalable SaaS lifecycle automations, ranging from posture monitoring and alerting to end-to-end remediation workflows using Tines or similar orchestration platforms
- Partner across teams to embed SaaS security into identity management, onboarding/offboarding, and vendor risk processes
- Collaborate with Security Operations to investigate SaaS-related alerts, ensuring rapid, documented, and systemic remediation
- Lead the integration of SaaS controls into SIEM and SOAR systems (e.g., Splunk, Tines), ensuring actionable telemetry and streamlined response
- Contribute to compliance alignment, ensuring SSPM and DLP controls satisfy HIPAA, HITRUST and SOC 2 requirements
- Mentor peers and share expertise across Security and IT teams, elevating overall SaaS security awareness and discipline
Requirements:
- 5+ years of experience in Security Engineering or Cloud Security roles, with expertise in SaaS ecosystems, automation, and data protection
- Proven success implementing and managing SSPM and DLP technologies such as AppOmni, Obsidian, BetterCloud, Nightfall, Netskope, etc.
- A sharp analytical mindset with the ability to ask the right questions to uncover hidden risks, coupled with the judgment to rationalize complex SaaS features against security policies and risk tolerance
- Demonstrated experience integrating SaaS controls into SIEM/SOAR systems and automating detection, response, and reporting
- Working knowledge of data classification, privacy, and governance frameworks relevant to healthcare or regulated industries
- Excellent communication and collaboration skills — able to influence both technical and executive stakeholders
- A builder's mindset — practical, automation-oriented, and focused on delivering scalable, measurable outcomes
- Bonus: direct experience supporting HIPAA, HITRUST or SOC 2 compliance, or prior work securing cloud-first healthcare or fintech environments