Please, let Rula know you found this job
on RemoteYeah.
This helps us grow 🌱.
Description:
The role is for a Sr. Security Operations Engineer to help build and scale Rula’s Detection and Response capabilities, laying the foundation for a future Security Operations Center (SOC).
The engineer will be responsible for protecting the platform and patient data, monitoring alerts, investigating threats, and collaborating with engineering teams to improve response times and automate key processes.
The position involves working closely with the Staff DART Engineer, external MDR providers, and stakeholders to refine security tooling, create actionable runbooks, and evolve the approach to detection and response.
The Security team at Rula is described as highly collaborative, pragmatic, and mission-driven, focused on protecting systems that enable mental health care at scale.
Candidates who thrive in hands-on roles, enjoy building from the ground up, and want their work to make a real impact are encouraged to apply.
Requirements:
Candidates must have 4+ years of experience as a Security Analyst, Incident Responder, Threat Hunter, or similar security operations role on a dedicated security team.
Demonstrated experience in monitoring cloud environments (with a strong preference for AWS) and responding to incidents is required.
Hands-on experience in creating, tuning, and implementing detection rules in SIEM platforms is necessary.
Proficiency in scripting for automation or data analysis, ideally in Python, is required.
Experience in developing and maintaining technical documentation, including SOC processes, runbooks, or incident reports, is essential.
Familiarity with threat hunting methodologies and frameworks, such as MITRE ATT&CK, is preferred but not mandatory.
Experience with Endpoint Detection and Response (EDR) tools, particularly in macOS environments, is a plus.
Relevant security certifications such as OSCP, GIAC (GCIH, GCIA, GSOC), BTL1, or AWS Security – Specialty are preferred.
Experience with no-code/low-code automation platforms or SOAR tools is advantageous.
Experience querying security data using SQL (e.g., Athena/Trino) and familiarity with schemas like OCSF is preferred.
Benefits:
The position offers a 100% remote work environment (US-based only) with working hours that support a healthy work-life balance.
Employees receive attractive pay and benefits, with full transparency of pay ranges regardless of location in the United States.
Comprehensive health benefits include medical, dental, vision, life, disability, and FSA/HSA.
Access to a 401(k) plan is provided to help employees save for their future.
The company has generous time-off policies, including 2 company-wide shutdown weeks each year for self-care.
Paid parental leave is available for all parents, including birthing, non-birthing, adopting, and fostering.
An Employee Assistance Program (EAP) is offered to support mental and physical health.
A new hire home office stipend is provided to help set up a successful workspace.
A quarterly department stipend is available to fund team-building activities or in-person gatherings.
Employees can participate in wellness events and lunch & learns that explore a variety of engaging topics.
The company promotes community and employee resource groups to celebrate employee identity and lived experiences, fostering a sense of community and belonging for all.