Senior Mainframe Security Engineer at Capital One, focusing on Identity Access Management using IBM z/OS and CICS Security. Collaborate on automation and security solutions in a fast - paced environment.
About the role
- Senior Security Engineer for Ro, enhancing SaaS security posture management and data loss prevention. Collaborating across teams to secure patient data and maintain compliance standards.
Responsibilities
- Own the architecture, implementation, and continuous improvement of Ro’s SSPM and DLP platforms driving security maturity across our robust SaaS landscape.
- Define and evolve SaaS security standards, access models, and configuration baselines that balance control with business agility.
- Engineer the SaaS lifecycle: Build scalable SaaS lifecycle automations, ranging from posture monitoring and alerting to end-to-end remediation workflows using Tines or similar orchestration platforms.
- Partner across teams to embed SaaS security into identity management, onboarding/offboarding, and vendor risk processes.
- Collaborate with Security Operations to investigate SaaS-related alerts, ensuring rapid, documented, and systemic remediation.
- Lead the integration of SaaS controls into SIEM and SOAR systems (e.g., Splunk, Tines), ensuring actionable telemetry and streamlined response.
- Contribute to compliance alignment, ensuring SSPM and DLP controls satisfy HIPAA,HITRUST and SOC 2 requirements.
- Mentor peers and share expertise across Security and IT teams, elevating overall SaaS security awareness and discipline.
Requirements
- 5+ years of experience in Security Engineering or Cloud Security roles, with expertise in SaaS ecosystems, automation, and data protection.
- Proven success implementing and managing SSPM and DLP technologies such as AppOmni, Obsidian, BetterCloud, Nightfall, Netskope, etc.
- A sharp analytical mindset with the ability to ask the right questions to uncover hidden risks, coupled with the judgment to rationalize complex SaaS features against security policies and risk tolerance.
- Demonstrated experience integrating SaaS controls into SIEM/SOAR systems and automating detection, response, and reporting.
- Working knowledge of data classification, privacy, and governance frameworks relevant to healthcare or regulated industries.
- Excellent communication and collaboration skills — able to influence both technical and executive stakeholders.
- A builder’s mindset — practical, automation-oriented, and focused on delivering scalable, measurable outcomes.
- Bonus: direct experience supporting HIPAA, HITRUST or SOC 2 compliance, or prior work securing cloud-first healthcare or fintech environments.
Benefits
- Full medical, dental, and vision insurance + OneMedical membership
- Healthcare and Dependent Care FSA
- 401(k) with company match
- Flexible PTO
- Wellbeing + Learning & Growth reimbursements
- Paid parental leave + Fertility benefits
- Pet insurance
- Student loan refinancing
- Virtual resources for mindfulness, counseling, and fitness
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
BO
Cybersecurity Senior Manager leading CUI compliance operations at Boeing across multiple locations in the U.S. Responsible for team management and cybersecurity strategies in compliance with regulations.
Experienced Product Security Engineer working on Government Vehicle Health Management Systems at Boeing. Responsible for developing product security and ensuring cybersecurity compliance across multiple platforms.
Senior Offensive Security Consultant at IBLISS specializing in vulnerability assessments and penetration testing in AI/ML systems. Engaging in Red Team exercises and providing technical leadership.
Lead Security Engineer maturing Copia's security engineering program for industrial automation. Collaborating with CISO and covering multiple security domains including detection engineering and IAM.
Cloud Security Engineer overseeing multi - cloud security strategies and compliance. Collaborating with engineering and operations teams to establish cloud - native security best practices.
Senior Delivery Manager leading complex technology programs for Appvia's public sector clients. Collaborating with engineering teams while ensuring successful delivery outcomes in regulated environments.
Detection & Incident Response Engineer enhancing security operations for Relax Gaming. Building monitoring capabilities and investigating security threats across the organization.
Security Project & Service Manager managing cybersecurity projects for enterprise clients at Var Group. Overseeing teams and ensuring project delivery within time and budget.
Cyber Security Manager responsible for security architecture and risk management for a global specialty chemicals company. Overseeing security frameworks, incident handling, and compliance to ensure robust security operations.