avatar

Ro is hiring a
Senior Director of Product Security

👈 Back to all jobs

Read by 271 job seekers.

New York, NY or Remote

Who We Are
Ro is a direct-to-patient healthcare company with a mission of helping as many patients as possible achieve their health goals. Ro is the only company to offer telehealth care, at-home diagnostic testing, labs, and pharmacy services nationwide. This is enabled by Ro's vertically integrated platform that helps patients achieve their goals through a convenient end-to-end healthcare experience spanning from diagnosis, to delivery of medication, to ongoing care. Since 2017, Ro has helped millions of patients in nearly every single county in the United States, including 98% of primary care deserts. 

Ro was recognized as a CNBC Disruptor 50 in 2022, listed by Inc. Magazine as a Best Place to Work in 2022 for our third consecutive year, and named one of FORTUNE's 2022 Best Medium Workplaces.

At Ro, we believe that we earn the right to serve our patients every day, and in security we do that through achieving and maintaining trust. As the Senior Director of Product Security, you will guide development, application security, and secure architecture across all products and platforms to build and maintain patient trust. This role has direct responsibilities to execute our application security, client-side security, data privacy infrastructure, and pentesting/bounty programs. The Senior Director reports directly to the Chief Information Security Officer and will work closely with our Engineering, Infrastructure, and Cyber teams.

Who are you? You are a proven senior leader and software engineer. You enjoy the balance of leading and mentoring a team of rockstars and rolling your sleeves up to join in troubleshooting and incident response efforts. You are a security expert and lifelong learner, well-versed in the latest threats. You are a business leader who has a track record of achieving alignment with product and engineering teams, mitigating risk while enabling the business. You subscribe to the shift-left security philosophy, enabling stakeholders to be secure and mitigate risks early in their cycle. You are an expert communicator and kind team player.

You will be working remotely, with monthly travel to our NYC headquarters.

What You'll Do:
  • Lead the advancement of Ro’s product security function
  • Collaborate with key stakeholders across product, engineering, operations, and counsel to integrate trust and security principles throughout the ecosystem
  • Build upon and maintain our risk management framework to ensure the continual assessment of product and platform security risks. Establish and maintain repeatable patterns and processes that scale
  • Achieve a shift-left security culture by empowering developers via self-help tools, automated tests throughout the SDLC, threat modeling, and furthering our security-as-code initiatives
  • Conduct risk assessments of digital healthcare products and underlying platform components, identifying potential vulnerabilities and recommending risk mitigation strategies
  • Lead the application security, vulnerability disclosure, bug bounty, pentest, and client-side security programs
  • Build, maintain, and execute a robust security education program
  • Provide training, brownbags, secure code examples, and self-help resources that enable developers to deliver magic

  • What You'll Bring:
  • 12+ years of security engineering and development experience operating a modern tech stack/security tools
  • Demonstrated track record leading product security, application security, and secure software development
  • Masters degree in computer science/engineering or commensurate experience
  • Strong interpersonal skills with the ability to work effectively with cross functional partners
  • Proven ability to execute security roadmaps through partnership with business leaders and project managers
  • Hands-on experience working with contemporary CI/CD development products (e.g. GitLab, GitHub, Jenkins, Sonarqube, Snyk, etc.)
  • Experience in or familiarity with Java, Python iOS, Android, JavaScript (NodeJS)

  • The target for this position ranges from $255,400 to $315,500, in addition to a competitive equity and benefits package (as applicable). When determining compensation, we analyze and carefully consider several factors, including location, job-related knowledge, skills and experience. These considerations may cause your compensation to vary.

    Ro recognizes the power of in-person collaboration, while supporting the flexibility to work anywhere in the United States. For our Ro’ers in the tri-state (NY) area, you will join us at HQ on Tuesdays and Thursdays. For those outside of the tri-state area, you will be able to join in-person collaborations throughout the year (i.e., during team on-sites).

    At Ro, we believe that our diverse perspectives are our biggest strengths — and that embracing them will create real change in healthcare. As an equal opportunity employer, we provide equal opportunity in all aspects of employment, including recruiting, hiring, compensation, training and promotion, termination, and any other terms and conditions of employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, familial status, age, disability and/or any other legally protected classification protected by federal, state, or local law.

    See our California Privacy Policy here.

    See more jobs at Ro

    Related jobs