Ro is a direct-to-patient healthcare company with a mission of helping patients achieve their health goals by delivering the easiest, most effective care possible. Ro is the only company to offer nationwide telehealth, labs, and pharmacy services. This is enabled by Ro's vertically integrated platform that helps patients achieve their goals through a convenient, end-to-end healthcare experience spanning from diagnosis, to delivery of medication, to ongoing care. Since 2017, Ro has helped millions of patients in nearly every single county in the United States, including 99% of primary care deserts.
Ro is consistently recognized as a top workplace in Health Care, in New York, and for Women and Parents—earning more than 20 honors from Fortune, Great Place to Work, and PEOPLE since 2021. In 2025 alone, we ranked top 5 among medium workplaces in Health Care and New York, and top 50 nationwide.
The Role
As a Senior Security Engineer, Enterprise SaaS, you’ll serve as Ro’s hands-on technical lead and builder for SaaS security posture management (SSPM) and data loss prevention (DLP). You’ll define the standards, automation, and monitoring that keep our SaaS platforms secure, compliant, and reliable as the business scales. This role blends architecture with execution: you’ll engineer hands-on solutions and automated workflows while guiding how Ro integrates, governs, and secures numerous SaaS services across the enterprise. You’ll partner across Security Operations, IT, GRC, and Product Security to shape a unified SaaS security strategy that keeps our people productive and patient data protected.
What You’ll Do
Own the architecture, implementation, and continuous improvement of Ro’s SSPM and DLP platforms driving security maturity across our robust SaaS landscape.
Define and evolve SaaS security standards, access models, and configuration baselines that balance control with business agility.
Engineer the SaaS lifecycle: Build scalable SaaS lifecycle automations, ranging from posture monitoring and alerting to end-to-end remediation workflows using Tines or similar orchestration platforms.
Partner across teams to embed SaaS security into identity management, onboarding/offboarding, and vendor risk processes.
Collaborate with Security Operations to investigate SaaS-related alerts, ensuring rapid, documented, and systemic remediation.
Lead the integration of SaaS controls into SIEM and SOAR systems (e.g., Splunk, Tines), ensuring actionable telemetry and streamlined response.
Contribute to compliance alignment, ensuring SSPM and DLP controls satisfy HIPAA,HITRUST and SOC 2 requirements.
Mentor peers and share expertise across Security and IT teams, elevating overall SaaS security awareness and discipline.
What You’ll Bring
5+ years of experience in Security Engineering or Cloud Security roles, with expertise in SaaS ecosystems, automation, and data protection.
Proven success implementing and managing SSPM and DLP technologies such as AppOmni, Obsidian, BetterCloud, Nightfall, Netskope, etc.
A sharp analytical mindset with the ability to ask the right questions to uncover hidden risks, coupled with the judgment to rationalize complex SaaS features against security policies and risk tolerance.
Demonstrated experience integrating SaaS controls into SIEM/SOAR systems and automating detection, response, and reporting.
Working knowledge of data classification, privacy, and governance frameworks relevant to healthcare or regulated industries.
Excellent communication and collaboration skills — able to influence both technical and executive stakeholders.
A builder’s mindset — practical, automation-oriented, and focused on delivering scalable, measurable outcomes.
Bonus: direct experience supporting HIPAA, HITRUST or SOC 2 compliance, or prior work securing cloud-first healthcare or fintech environments.
The target base salary for this position ranges from $153,400 to $186,000, in addition to a competitive equity and benefits package (as applicable). When determining compensation, we analyze and carefully consider several factors, including location, job-related knowledge, skills and experience. These considerations may cause your compensation to vary.
Ro recognizes the power of in-person collaboration, while supporting the flexibility to work anywhere in the United States. For our Ro’ers in the tri-state (NY) area, you will join us at HQ on Tuesdays and Thursdays. For those outside of the tri-state area, you will be able to join in-person collaborations throughout the year (i.e., during team on-sites).
At Ro, we believe that our diverse perspectives are our biggest strengths — and that embracing them will create real change in healthcare. As an equal opportunity employer, we provide equal opportunity in all aspects of employment, including recruiting, hiring, compensation, training and promotion, termination, and any other terms and conditions of employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, familial status, age, disability and/or any other legally protected classification protected by federal, state, or local law.
Ro is committed to providing reasonable accommodations for qualified individuals with disabilities in our application and interview process. If you require a reasonable accommodation in the application or interview process, please contact us at talent@ro.co.
See our California Privacy Policy
here.
