Own the architecture, implementation, and continuous improvement of Ro’s SSPM and DLP platforms driving security maturity across our robust SaaS landscape.
Define and evolve SaaS security standards, access models, and configuration baselines that balance control with business agility.
Engineer the SaaS lifecycle: Build scalable SaaS lifecycle automations, ranging from posture monitoring and alerting to end-to-end remediation workflows using Tines or similar orchestration platforms.
Partner across teams to embed SaaS security into identity management, onboarding/offboarding, and vendor risk processes.
Collaborate with Security Operations to investigate SaaS-related alerts, ensuring rapid, documented, and systemic remediation.
Lead the integration of SaaS controls into SIEM and SOAR systems (e.g., Splunk, Tines), ensuring actionable telemetry and streamlined response.
Contribute to compliance alignment, ensuring SSPM and DLP controls satisfy HIPAA,HITRUST and SOC 2 requirements.
Mentor peers and share expertise across Security and IT teams, elevating overall SaaS security awareness and discipline.

Requirements

5+ years of experience in Security Engineering or Cloud Security roles, with expertise in SaaS ecosystems, automation, and data protection.
Proven success implementing and managing SSPM and DLP technologies such as AppOmni, Obsidian, BetterCloud, Nightfall, Netskope, etc.
A sharp analytical mindset with the ability to ask the right questions to uncover hidden risks, coupled with the judgment to rationalize complex SaaS features against security policies and risk tolerance.
Demonstrated experience integrating SaaS controls into SIEM/SOAR systems and automating detection, response, and reporting.
Working knowledge of data classification, privacy, and governance frameworks relevant to healthcare or regulated industries.
Excellent communication and collaboration skills — able to influence both technical and executive stakeholders.
A builder’s mindset — practical, automation-oriented, and focused on delivering scalable, measurable outcomes.
Bonus: direct experience supporting HIPAA, HITRUST or SOC 2 compliance, or prior work securing cloud-first healthcare or fintech environments.

Benefits

Full medical, dental, and vision insurance + OneMedical membership
Healthcare and Dependent Care FSA
401(k) with company match
Flexible PTO
Wellbeing + Learning & Growth reimbursements
Paid parental leave + Fertility benefits
Pet insurance
Student loan refinancing
Virtual resources for mindfulness, counseling, and fitness

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

SaaS securitySSPMDLPautomationdata protectionSIEMSOARdata classificationprivacy frameworksgovernance frameworks

Soft Skills

analytical mindsetcommunication skillscollaboration skillsinfluencejudgmentbuilder's mindsetmentoringproblem-solvingrisk assessmentstakeholder engagement

Certifications

HIPAA complianceHITRUST complianceSOC 2 compliance