Skip to content
AKASAAKASASan Francisco, CA

IT Security Operations Engineer

IT Security Operations Engineer responsible for implementing DLP, email security, endpoint protection, Okta/Google Workspace hardening, automation, compliance evidence collection, and incident response in a hybrid healthcare AI startup.

150k – 190k/yr
Hybrid4+ YOESecurity Engineering

About the role

What You'll Do

  • Implement and tune PHI Data Loss Prevention. Deploy and tune DLP policies across our SaaS estate (Google Workspace, Slack, GitHub, Jira/Confluence) and managed Mac endpoints. Build detections that catch real PHI exposure with minimal false positives, and partner with stakeholders to remediate findings.
  • Operate AI-powered email security. Stand up and tune an AI email security layer on top of Google Workspace covering phishing, BEC, payload analysis, and vendor impersonation. Run investigations end-to-end.
  • Configure MDR/EDR for endpoint posture. Tune detection coverage, response automation, and alert routing across the Mac fleet to maximize endpoint security posture, and integrate findings into our incident response workflow.
  • Harden Okta and Google Workspace. Maintain Okta (OIE policies, MFA, device trust, geo controls, lifecycle, SCIM/group push) and Google Workspace (context-aware access, DLP, alert center, drive sharing, admin hygiene) against documented baselines. Codify in Terraform where practical.
  • Automate security testing, reporting, and training. Automate phishing simulations, access reviews, configuration drift checks, and vulnerability rescans. Build reporting that produces the metrics leadership and auditors actually need, and run role-based security awareness training.
  • Lead incident response. Maintain runbooks, join the on-call rotation, and lead investigations involving SaaS account compromise and PHI exposure.
  • Support compliance at the source. Automate HITRUST, HIPAA, and SOC 2 evidence collection at the tool level rather than collecting screenshots after the fact.
  • Maintain living documentation. Keep configurations, runbooks, and procedures current so a teammate can operate the system without you.

What We're Looking For

  • 4+ years in security operations, IT security, or a closely related role
  • Production experience reviewing and configuring security settings in Okta (or an equivalent IdP) and Google Workspace at meaningful scale
  • Hands-on experience deploying or operating a DLP product across SaaS and endpoints
  • Experience with AI/ML-driven email security tooling or modern SEGs (Abnormal, Material, Sublime, Proofpoint, Mimecast)
  • Comfort writing scripts and small services (Python, Go, or TypeScript) to automate repetitive work and integrate APIs
  • Working knowledge of at least one compliance framework relevant to our environment: HIPAA, HITRUST, SOC 2, or ISO 27001
  • Strong written communication. You can document a system clearly enough that a teammate can operate it without you.
  • Ownership mindset. You see something broken and fix it. You don't wait for a ticket to act on a problem you can solve, and you take a project from "idea" to "in production" without needing to be project-managed through it.

Bonus Points

  • Prior experience in healthcare or another regulated industry handling sensitive data
  • Familiarity with Terraform, especially for identity and SaaS configuration
  • Experience with Mac fleet management (Kandji, Jamf) and modern device trust (Okta Device Trust, SecureW2, EAP-TLS)
  • Background running phishing simulation and security awareness programs (KnowBe4, Hoxhunt, Living Security)
  • Experience integrating LLM or AI tooling into a security workflow (triage, summarization, evidence collection)
  • Incident response experience, including investigations involving SaaS account compromise

What We Offer

  • Flexible paid time off (PTO)
  • Expansive coverage for health, dental, and vision
  • Employer contribution to Health Savings Accounts (HSA)
  • Generous parental leave policy
  • Full employee coverage for life insurance
  • Home office stipend
  • Cell phone/internet reimbursement
  • Commuting benefits
  • Company-paid holidays
  • 401(K) plan

Compensation

  • $150,000 - $190,000 + Equity

Skills

OktaGoogle WorkspaceDlpPythonGoTypeScriptHIPAAHitrustSOC 2TerraformJamfKandjiEdrMdrIncident Response
Mercor

Software Engineer, Identity

MercorSan Francisco, CA

Build and scale Mercor's novel identity and access management infrastructure across thousands of Slack workspaces and HR systems for a 100k+ expert network. Requires strong product engineering, large-scale distributed systems experience, and security-minded design instincts.

150k – 325k/yr
On-site5+ YOESecurity Engineering
Novig

Security Engineer

NovigNew York, NY

Build and maintain security automation pipelines, AI agents, SOAR/SIEM integrations, vulnerability management, and IAM systems for a sports prediction market platform.

150k – 200k/yr
On-site5+ YOESecurity Engineering
Fal

Governance, Risk & Compliance Engineer

FalSan Francisco, CA

GRC Engineer responsible for designing and improving governance, risk management, and compliance programs at a generative AI platform company. Manage certifications (SOC 2, ISO 27001, GDPR), lead risk assessments, support customer security reviews, and develop automation for cloud and AI infrastructure controls.

150k – 250k/yr
On-site5+ YOESecurity Engineering
GitLab

Manager, Security Incident Response Team (USA)

GitLabUnited States

Leads the Security Incident Response Team in the Americas, managing engineers through threat hunting, investigations, triage, and large-scale responses while coaching performance and driving process improvements using AI and automation.

150k – 235k/yr
RemoteSecurity Engineering
Applied Intuition

Security Engineer (Purple Team)

Applied IntuitionSunnyvale, CA

Performs offensive security testing, penetration assessments, and risk analysis on vehicle software platforms and embedded systems. Collaborates with engineering teams to design secure architectures and implement mitigations for automotive products.

150k – 220k/yr
On-siteSecurity Engineering