About the RoleWe are hiring a Manager, Security Operations to lead the team responsible for how Rula detects, investigates, responds to, and learns from security events. This person will manage and coach a team of engineers while remaining close to technical work such as detection design, alert tuning, incident response, runbooks, operations, and security automation.
You will manage the relationships with security operations vendors and work closely with Security, Engineering, IT, Compliance, Privacy, and external partners to improve Rula's ability to protect patient and provider data. The right candidate will have agency and support to build practical security operations in a high-trust environment where clear communication, sound judgment, and measurable outcomes matter more than titles or jargon.
Required Qualifications- 5+ years of professional experience in security operations, detection engineering, incident response, threat hunting, cloud security, or a related security engineering role
- 2+ years of direct people management experience for security engineers, incident responders, analysts, or a security operations / detection and response team
- Hands-on proficiency building, tuning, and operating detections in a modern SIEM and managing a SOAR tool (and/or comparable security operations solutions)
- Demonstrated expertise leading or materially contributing to incident response, including triage, containment, stakeholder communication, and post-incident improvements
- Working knowledge of cloud service provider and SaaS security telemetry, identity logs, endpoint security signals, and common attacker behaviors
Preferred QualificationsWhile having the preferred qualifications enhances your candidacy, having all of them is not mandatory. We encourage all interested applicants to apply, even those who may not meet every preferred requirement.
- Experience in healthcare or another regulated environment where incident response, privacy, and compliance requirements intersect
- Experience owning an MDR provider relationship, defining escalation quality expectations, running vendor reviews, and improving vendor-to-internal handoff workflows
- Experience applying MITRE ATT&CK, threat hunting methods, or detection engineering frameworks to prioritize coverage gaps
- Proficiency querying and analyzing security data using SQL, Python, or similar tools; familiarity with security data lakes, OCSF, Athena, Trino, Panther, or comparable platforms is helpful
- Experience building or improving security on-call, shared escalation models, incident command, tabletop exercises, or post-incident review practices
- Relevant security certifications such as OSCP, GCIH, GCIA, GCFA, or GSOC
We're serious about your well-being! As part of our team, full-time employees receive:- 100% remote work environment: Working hours to support a healthy work-life balance, ensuring you can meet both professional and personal commitments (must be based in United States, currently not hiring in Hawaii)
- Attractive pay and benefits: Full transparency of pay ranges regardless of where you live in the United States
- Comprehensive health benefits: Medical, dental, vision, life, disability, and FSA/HSA
- 401(k) plan access: Start saving for your future
- Generous time-off policies: Including 2 company-wide shutdown weeks each year for self-care (for most employees)
- Paid parental leave: Available for all parents, including birthing, non-birthing, adopting, and fostering
- Employee Assistance Program (EAP): Supporting your mental and physical health
- Quarterly department stipend: Fun team-building activities or in-person gatherings
- Community and employee resource groups: Participate in groups that celebrate employee identity and lived experiences, fostering a sense of community and belonging for all
- Home office stipend: New hire home office stipend & $50 monthly stipend to help cover internet or cell phone expenses
- Wellness at Rula program: Year-round wellness initiatives and a $50/month wellness stipend
