Senior Security Engineer (SIEM)
About Ro
Ro is the healthcare technology company building a patient-centric healthcare system. Ro's vertically-integrated primary care platform powers a personalized, end-to-end healthcare experience from diagnosis, to delivery of medication, to ongoing care. With a nationwide provider network, in-home care API, and proprietary pharmacy distribution centers, Ro is the only company to seamlessly connect telehealth and in-home care, diagnostics, and pharmacy services nationwide to provide high-quality, affordable healthcare without the need for insurance. Since 2017, Ro has facilitated more than six million digital healthcare visits in nearly every county in the United States, including 98% of primary care deserts. Ro also provides its patient-centric solutions including Workpath, its in-home care API, and Kit, its at-home diagnostic testing service, to other healthcare companies. Visit Ro.co for more information.
Ro was named #2 in Wellness on Fast Company's 2019 list of the World's Most Innovative Companies, listed by Inc. Magazine as a Best Place to Work in 2020 and 2021, and named one of FORTUNE's 2021 Best Workplaces In Health Care.
Come be a core member of Ro’s Security Operations Team. This is a highly-technical, hands-on role leading the day-to-day operations of our SIEM platform. This role is responsible for working across all aspects of Ro’s operations to gather security and product telemetry, surface detections/anomalies and create event alerting pipelines with SOAR Teammates. The candidate will work with market-leading security technologies, surfacing threats from our rich data sources, content subscriptions and threat intelligence investments. At Ro, automation is in our DNA and this role will have a direct impact on defining the future of digital healthcare. This role reports to the Security Operations Manager and will work closely with other internal security teams.
*This role can be based in our NYC office, once it is safe to do so, or be remote.*
• 4+ years performing security analysis and developing/implementing SIEM detection logic
• 2+ years of experience operating and surfacing threats within a cloud-based SIEM such as Jask/Sumo, Devo, etc.
• Hands-on experience creating and tailoring detection logic in a modern SIEM platform
• Strong scripting skills (JS, Python, PowerShell)
• In-depth knowledge of modern security technologies such as next-generation firewalls, SIEM, WAF, IDS/IPS and vulnerability management tools
• GCIA, GMON, GCDA, GSOC, GSEC, PCNSA, CISSP certifications a plus
• Develop comprehensive SIEM ingestion and event processing pipelines
• Work closely with Threat Intelligence Teammates to surface security threats and anomalies. Go beyond simple event detection by establishing baselines and hunting asymmetric threats
• Create context-rich dashboards detailing Security, IT and Product operations
• Work closely with Security Operations Teammates to ensure full automation of surfaced threats
• Continuously refine processes and collection platforms to reduce false positives and manual workflows
• Analyze security data and respond to incidents during normal working hours
• Full medical, dental, and vision insurance + OneMedical membership
• Healthcare and Dependent Care FSA
• Commuter benefits
• 401(k)
• Flexible PTO
• Fitness reimbursement
• Paid maternity/parental leave
• A never-ending supply of office snacks + coffee + tea
• The cutest office dog you’ve ever seen
We welcome qualified candidates of all races, creeds, genders, and sexualities to apply.