IT Security Operations Engineer responsible for implementing DLP, email security, endpoint protection, Okta/Google Workspace hardening, automation, compliance evidence collection, and incident response in a hybrid healthcare AI startup.
150k – 190k/yr
Hybrid4+ YOESecurity Engineering
About the role
What You'll Do
Implement and tune PHI Data Loss Prevention. Deploy and tune DLP policies across our SaaS estate (Google Workspace, Slack, GitHub, Jira/Confluence) and managed Mac endpoints. Build detections that catch real PHI exposure with minimal false positives, and partner with stakeholders to remediate findings.
Operate AI-powered email security. Stand up and tune an AI email security layer on top of Google Workspace covering phishing, BEC, payload analysis, and vendor impersonation. Run investigations end-to-end.
Configure MDR/EDR for endpoint posture. Tune detection coverage, response automation, and alert routing across the Mac fleet to maximize endpoint security posture, and integrate findings into our incident response workflow.
Harden Okta and Google Workspace. Maintain Okta (OIE policies, MFA, device trust, geo controls, lifecycle, SCIM/group push) and Google Workspace (context-aware access, DLP, alert center, drive sharing, admin hygiene) against documented baselines. Codify in Terraform where practical.
Automate security testing, reporting, and training. Automate phishing simulations, access reviews, configuration drift checks, and vulnerability rescans. Build reporting that produces the metrics leadership and auditors actually need, and run role-based security awareness training.
Lead incident response. Maintain runbooks, join the on-call rotation, and lead investigations involving SaaS account compromise and PHI exposure.
Support compliance at the source. Automate HITRUST, HIPAA, and SOC 2 evidence collection at the tool level rather than collecting screenshots after the fact.
Maintain living documentation. Keep configurations, runbooks, and procedures current so a teammate can operate the system without you.
What We're Looking For
4+ years in security operations, IT security, or a closely related role
Production experience reviewing and configuring security settings in Okta (or an equivalent IdP) and Google Workspace at meaningful scale
Hands-on experience deploying or operating a DLP product across SaaS and endpoints
Experience with AI/ML-driven email security tooling or modern SEGs (Abnormal, Material, Sublime, Proofpoint, Mimecast)
Comfort writing scripts and small services (Python, Go, or TypeScript) to automate repetitive work and integrate APIs
Working knowledge of at least one compliance framework relevant to our environment: HIPAA, HITRUST, SOC 2, or ISO 27001
Strong written communication. You can document a system clearly enough that a teammate can operate it without you.
Ownership mindset. You see something broken and fix it. You don't wait for a ticket to act on a problem you can solve, and you take a project from "idea" to "in production" without needing to be project-managed through it.
Bonus Points
Prior experience in healthcare or another regulated industry handling sensitive data
Familiarity with Terraform, especially for identity and SaaS configuration
Experience with Mac fleet management (Kandji, Jamf) and modern device trust (Okta Device Trust, SecureW2, EAP-TLS)
Background running phishing simulation and security awareness programs (KnowBe4, Hoxhunt, Living Security)
Experience integrating LLM or AI tooling into a security workflow (triage, summarization, evidence collection)
Incident response experience, including investigations involving SaaS account compromise
What We Offer
Flexible paid time off (PTO)
Expansive coverage for health, dental, and vision
Employer contribution to Health Savings Accounts (HSA)
Build and scale Mercor's novel identity and access management infrastructure across thousands of Slack workspaces and HR systems for a 100k+ expert network. Requires strong product engineering, large-scale distributed systems experience, and security-minded design instincts.
150k – 325k/yr
On-site5+ YOESecurity Engineering
Security Engineer
NovigNew York, NY
Build and maintain security automation pipelines, AI agents, SOAR/SIEM integrations, vulnerability management, and IAM systems for a sports prediction market platform.
150k – 200k/yr
On-site5+ YOESecurity Engineering
Governance, Risk & Compliance Engineer
FalSan Francisco, CA
GRC Engineer responsible for designing and improving governance, risk management, and compliance programs at a generative AI platform company. Manage certifications (SOC 2, ISO 27001, GDPR), lead risk assessments, support customer security reviews, and develop automation for cloud and AI infrastructure controls.
150k – 250k/yr
On-site5+ YOESecurity Engineering
Manager, Security Incident Response Team (USA)
GitLabUnited States
Leads the Security Incident Response Team in the Americas, managing engineers through threat hunting, investigations, triage, and large-scale responses while coaching performance and driving process improvements using AI and automation.
150k – 235k/yr
RemoteSecurity Engineering
Security Engineer (Purple Team)
Applied IntuitionSunnyvale, CA
Performs offensive security testing, penetration assessments, and risk analysis on vehicle software platforms and embedded systems. Collaborates with engineering teams to design secure architectures and implement mitigations for automotive products.