Senior Security Engineer, Enterprise SaaS

What You’ll Do

• Own the architecture, implementation, and continuous improvement of Ro’s SSPM and DLP platforms driving security maturity across our robust SaaS landscape.
• Define and evolve SaaS security standards, access models, and configuration baselines that balance control with business agility.
• Engineer the  SaaS lifecycle: Build scalable SaaS lifecycle automations,  ranging from posture monitoring and alerting to end-to-end remediation workflows using Tines or similar orchestration platforms.
• Partner across teams to embed SaaS security into identity management, onboarding/offboarding, and vendor risk processes.
• Collaborate with Security Operations to investigate SaaS-related alerts, ensuring rapid, documented, and systemic remediation.
• Lead the integration of SaaS controls into SIEM and SOAR systems (e.g., Splunk, Tines), ensuring actionable telemetry and streamlined response.
• Contribute to compliance alignment, ensuring SSPM and DLP controls satisfy HIPAA,HITRUST and SOC 2 requirements.
• Mentor peers and share expertise across Security and IT teams, elevating overall SaaS security awareness and discipline.

What You’ll Bring

• 5+ years of experience in Security Engineering or Cloud Security roles, with expertise in SaaS ecosystems, automation, and data protection.
• Proven success implementing and managing SSPM and DLP technologies such as AppOmni, Obsidian, BetterCloud, Nightfall, Netskope, etc.
• A sharp analytical mindset with the ability to ask the right questions to uncover hidden risks, coupled with the judgment to rationalize complex SaaS features against security policies and risk tolerance.
• Demonstrated experience integrating SaaS controls into SIEM/SOAR systems and automating detection, response, and reporting.
• Working knowledge of data classification, privacy, and governance frameworks relevant to healthcare or regulated industries.
• Excellent communication and collaboration skills — able to influence both technical and executive stakeholders.
• A builder’s mindset — practical, automation-oriented, and focused on delivering scalable, measurable outcomes.
• Bonus: direct experience supporting HIPAA, HITRUST or SOC 2 compliance, or prior work securing cloud-first healthcare or fintech environments.

We’ve Got You Covered

• Full medical, dental, and vision insurance + OneMedical membership
• Healthcare and Dependent Care FSA
• 401(k) with company match
• Flexible PTO
• Wellbeing + Learning & Growth reimbursements
• Paid parental leave + Fertility benefits
• Pet insurance
• Student loan refinancing
• Virtual resources for mindfulness, counseling, and fitness