Senior Application Security Engineer

Summary

Join Rula's Security Team and play a vital role in protecting patient data and the technology behind our mental health platform. You will collaborate closely with Engineering and Product teams, ensuring security is a core company value. This position offers the chance to enhance code security, improve vulnerability management, and contribute to a positive impact on patient care. The role provides ample learning opportunities and allows you to leverage and refine your skills. Your work will directly contribute to better patient outcomes in our mission to make mental healthcare accessible to all. We offer a fully remote work environment (US-based) and a comprehensive benefits package.

Requirements

• 4+ years of experience as an application security engineer
• Experience with JavaScript, TypeScript, Node.js, and/or Ruby
• Demonstrated success applying OWASP Top 10 recommendations to modern application stacks
• Experience with common SAST and DAST tooling and best practices

Responsibilities

• Ensure the protection of patient data and all of the technology behind our platform
• Maintain close partnerships with Engineering and Product teams
• Interface with everyone across the company to ensure that security is a core component of Rula’s culture
• Enhance the security of our code and development practices
• Enhance our vulnerability management program with Engineering and external partners

Preferred Qualifications

• Experience launching and/or managing a bug bounty program
• An understanding of HIPAA requirements and how they apply to application security
• Established success leading threat modeling exercises to identify security risks in technical designs
• Experience with JS front-end libraries, preferably React
• Experience interfacing with 3rd party pentesters to validate findings and develop remediation plans

Benefits

• 100% remote work environment (US-based only): Working hours to support a healthy work-life balance, ensuring you can meet both professional and personal commitments
• Attractive pay and benefits : Full transparency of pay ranges regardless of where you live in the United States
• Comprehensive health benefits : Medical, dental, vision, life, disability, and FSA/HSA
• 401(k) plan access : Start saving for your future
• Generous time-off policies : Including 2 company-wide shutdown weeks each year for self-care (for most employees)
• Paid parental leave : Available for all parents, including birthing, non-birthing, adopting, and fostering
• Employee Assistance Program (EAP) : Support for your mental and physical health
• New hire home office stipend : Set up your workspace for success
• Quarterly department stipend : Fund team-building activities or in-person gatherings
• Wellness events and lunch & learns : Explore a variety of engaging topics
• Community and employee resource groups : Participate in groups that celebrate employee identity and lived experiences, fostering a sense of community and belonging for all