About the RoleWe're looking for a resourceful, automation-minded IT Security Operations Engineer to help build, support, and grow an innovative technology experience for all AKASAns. This role is ideal for someone who thrives in startup environments and wants to join a small but mighty team and have immediate impact. The ideal candidate can context-switch with ease, build scalable solutions from scratch, and genuinely enjoys empowering their colleagues through technology and mentorship. You'll own the security configurations that keep AKASA securely running day to day while continuously finding ways to automate, document, and improve. AKASA is a fast-paced startup environment, and we look for people who are agile, organized, and have an ownership mindset.
This is a hybrid position that requires 2+ days a week in our South San Francisco HQ.What You'll Do- Implement and tune PHI Data Loss Prevention. Deploy and tune DLP policies across our SaaS estate (Google Workspace, Slack, GitHub, Jira/Confluence) and managed Mac endpoints. Build detections that catch real PHI exposure with minimal false positives, and partner with stakeholders to remediate findings.
- Operate AI-powered email security. Stand up and tune an AI email security layer on top of Google Workspace covering phishing, BEC, payload analysis, and vendor impersonation. Run investigations end-to-end.
- Configure MDR/EDR for endpoint posture. Tune detection coverage, response automation, and alert routing across the Mac fleet to maximize endpoint security posture, and integrate findings into our incident response workflow.
- Harden Okta and Google Workspace. Maintain Okta (OIE policies, MFA, device trust, geo controls, lifecycle, SCIM/group push) and Google Workspace (context-aware access, DLP, alert center, drive sharing, admin hygiene) against documented baselines. Codify in Terraform where practical.
- Automate security testing, reporting, and training. Automate phishing simulations, access reviews, configuration drift checks, and vulnerability rescans. Build reporting that produces the metrics leadership and auditors actually need, and run role-based security awareness training.
- Lead incident response. Maintain runbooks, join the on-call rotation, and lead investigations involving SaaS account compromise and PHI exposure.
- Support compliance at the source. Automate HITRUST, HIPAA, and SOC 2 evidence collection at the tool level rather than collecting screenshots after the fact.
- Maintain living documentation. Keep configurations, runbooks, and procedures current so a teammate can operate the system without you.
What We're Looking For- 4+ years in security operations, IT security, or a closely related role
- Production experience reviewing and configuring security settings in Okta (or an equivalent IdP) and Google Workspace at meaningful scale
- Hands-on experience deploying or operating a DLP product across SaaS and endpoints
- Experience with AI/ML-driven email security tooling or modern SEGs (Abnormal, Material, Sublime, Proofpoint, Mimecast)
- Comfort writing scripts and small services (Python, Go, or TypeScript) to automate repetitive work and integrate APIs
- Working knowledge of at least one compliance framework relevant to our environment: HIPAA, HITRUST, SOC 2, or ISO 27001
- Strong written communication.You can document a system clearly enough that a teammate can operate it without you
- Ownership mindset.You see something broken and fix it. You don't wait for a ticket to act on a problem you can solve, and you take a project from "idea" to "in production" without needing to be project-managed through it.
Bonus Points- Prior experience in healthcare or another regulated industry handling sensitive data
- Familiarity with Terraform, especially for identity and SaaS configuration
- Experience with Mac fleet management (Kandji, Jamf) and modern device trust (Okta Device Trust, SecureW2, EAP-TLS)
- Background running phishing simulation and security awareness programs (KnowBe4, Hoxhunt, Living Security)
- Experience integrating LLM or AI tooling into a security workflow (triage, summarization, evidence collection)
- Incident response experience, including investigations involving SaaS account compromise
What We Offer- Flexible paid time off (PTO)
- Expansive coverage for health, dental, and vision
- Employer contribution to Health Savings Accounts (HSA)
- Generous parental leave policy
- Full employee coverage for life insurance
- Home office stipend
- Cell phone/internet reimbursement
- Commuting benefits
- Company-paid holidays
- 401(K) plan
Compensation- Based on geo, market data, and other factors, the salary range for this position is $150,000 - $190,000 + Equity. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description.
