Senior Security Operations Engineer

Rula
Summary
Join Rula as a Sr. Security Operations Engineer and play a crucial role in building and scaling the company's Detection and Response capabilities. You will be responsible for protecting Rula's platform and patient data, monitoring alerts, investigating threats, and collaborating with engineering teams to enhance response times and automate processes. This role involves close collaboration with the Staff DART Engineer, external MDR providers, and various stakeholders. The ideal candidate will have a strong background in security operations, experience with cloud environments (AWS preferred), and proficiency in scripting and documentation. Rula offers a 100% remote work environment (US-based only), attractive pay and benefits, and a commitment to employee well-being.
Requirements
- 4+ years of experience as a Security Analyst, Incident Responder, Threat Hunter, or similar security operations role on a dedicated security team
- Demonstrated experience monitoring cloud environments (AWS strongly preferred) and responding to incidents
- Hands-on experience creating, tuning, and implementing detection rules in SIEM platforms
- Proficiency with scripting for automation or data analysis, ideally in Python
- Experience developing and maintaining technical documentation, including SOC processes, runbooks, or incident reports
Responsibilities
- Build and scale Rula’s Detection and Response capabilities—laying the foundation for our future Security Operations Center (SOC)
- Be at the front line of protecting our platform and patient data, monitoring alerts, investigating threats, and partnering across engineering teams to improve response times and automate key processes
- Work closely with our Staff DART Engineer, external MDR providers, and stakeholders across the organization to refine security tooling, create actionable runbooks, and evolve our approach to detection and response
Preferred Qualifications
- Familiarity with threat hunting methodologies and frameworks, such as MITRE ATT&CK
- Experience with Endpoint Detection and Response (EDR) tools, particularly in macOS environments
- Relevant security certifications such as OSCP, GIAC (GCIH, GCIA, GSOC), BTL1, or AWS Security – Specialty
- Experience with no-code/low-code automation platforms or SOAR tools
- Experience querying security data using SQL (e.g., Athena/Trino), and familiarity with schemas like OCSF
Benefits
- 100% remote work environment (US-based only): Working hours to support a healthy work-life balance, ensuring you can meet both professional and personal commitments
- Attractive pay and benefits: Full transparency of pay ranges regardless of where you live in the United States
- Comprehensive health benefits: Medical, dental, vision, life, disability, and FSA/HSA
- 401(k) plan access: Start saving for your future
- Generous time-off policies: Including 2 company-wide shutdown weeks each year for self-care (for most employees)
- Paid parental leave: Available for all parents, including birthing, non-birthing, adopting, and fostering
- Employee Assistance Program (EAP): Support for your mental and physical health
- New hire home office stipend: Set up your workspace for success
- Quarterly department stipend: Fund team-building activities or in-person gatherings
- Wellness events and lunch & learns: Explore a variety of engaging topics
- Community and employee resource groups: Participate in groups that celebrate employee identity and lived experiences, fostering a sense of community and belonging for all
