Easy Apply
Easy Apply
Lead incident response efforts, mentor analysts, and collaborate with cross-functional teams to enhance security strategies while managing threats in multi-cloud environments.
Ro is a direct-to-patient healthcare company with a mission of helping patients achieve their health goals by delivering the easiest, most effective care possible. Ro is the only company to offer nationwide telehealth, labs, and pharmacy services. This is enabled by Ro's vertically integrated platform that helps patients achieve their goals through a convenient, end-to-end healthcare experience spanning from diagnosis, to delivery of medication, to ongoing care. Since 2017, Ro has helped millions of patients, including one in every county in the United States, and in 98% of primary care deserts.
Ro has been recognized as a Fortune Best Workplace in New York and Health Care for four consecutive years (2021-2024). In 2023, Ro was also named Best Workplace for Parents for the third year in a row. In 2022, Ro was listed as a CNBC Disruptor 50.
The Role:
We are seeking a Staff Security Analyst with with demonstrable experience leading comprehensive incident response engagements, capable of developing innovative solutions to track and defend against sophisticated adversaries, and brings a broad vision and a deep understanding of the cybersecurity tradecraft.
Successful candidates will have successfully led complex incident response scenarios in a multi-cloud environment in the last 3 years. They will bring hands-on technical experience investigating adversary tactics, techniques, and procedures, and are fluent in interpretting complex events and anomalies as a seasoned security operations professional. The candidate will be comfortable navigating between strategic and task level discussions gracefully, collaborating with other cross-functional experts, and representing the SOC as our subject matter expert.
Preferred candidates will be assertive but open-minded critical thinkers with a high ownership mentality, understanding they own the goals and the outcomes. They’re comfortable displaying humility in an environment where it’s not about “being right”, rather we are all responsible for “getting it right”. They thrive working in challenging and hyper-modern, multi-cloud, SAAS-native environments with container-based first-party application architectures that are monitored with contemporary security controls.
What You'll Do:
- Serve as the SOC’s highest point of escalation for technical analysis and response, shape program strategy as a trusted individual contributor, and mentor analyst teammates toward improvement.
- Command incident response engagements as a hands-on cross-functional expert, leading both technical and non-technical colleagues, partners, and business leaders through complex scenarios.
- Impact threat management program strategy across multiple competency domains including external threat, insider threat, threat intelligence, data security, fraud management, and physical security.
- Work with stakeholders such as IT, Security Engineering, Product Security, Infrastructure, Privacy, and Legal teams to solve security challenges at scale, and enhance program capability.
- Discover unknown technical risks, correlate disparate data sources to acquire evidence, and apply superior analytical techniques in pursuit of proposing your recommended remediation strategy.
- Develop new hypotheses and perform detection engineering upon a rich dataset to discover adversary tactics, techniques and procedures aligned with our program’s threat intelligence.
What You'll Bring:
- 7 years of experience in a security operations and incident response role, with a bachelor’s degree in a technical field or equivalent work experience.
- Real world experience in incident management, crisis management, and/or breach response with an in-depth knowledge of applying both manual and automated response procedures.
- Hands-on experience performing complex investigations and leading incident responses in AWS, Azure, or GCP environments, with experience interpreting and securing multi-cloud architectures.
- Seasoned SOC/CIRT operator fluent in cyber investigations, cloud native response, network/host intrusion analysis, with strong knowledge of adversary tactics, techniques, and procedures.
- Broad understanding of the risks facing the security industry, current and emerging threats, and varied approaches to applying modern controls in order to mitigate enterprise risks.
- Nice to have: certified GX-IH, GCIH, GCFR, GCSA, GCTD, GCFA, GWEB, AWS-Security or equivalents.
We've Got You Covered:
- Full medical, dental, and vision insurance + OneMedical membership
- Healthcare and Dependent Care FSA
- 401(k) with company match
- Flexible PTO
- Wellbeing + Learning & Growth reimbursements
- Paid parental leave + Fertility benefits
- Pet insurance
- Student loan refinancing
- Virtual resources for mindfulness, counseling, and fitness
We welcome qualified candidates of all races, creeds, genders, and sexuality to apply.
The target base salary for this position ranges from $186,000 - $227,000 in addition to a competitive equity and benefits package (as applicable). When determining compensation, we analyze and carefully consider several factors, including location, job-related knowledge, skills and experience. These considerations may cause your compensation to vary.
Ro recognizes the power of in-person collaboration, while supporting the flexibility to work anywhere in the United States. For our Ro’ers in the tri-state (NY) area, you will join us at HQ on Tuesdays and Thursdays. For those outside of the tri-state area, you will be able to join in-person collaborations throughout the year (i.e., during team on-sites).
At Ro, we believe that our diverse perspectives are our biggest strengths — and that embracing them will create real change in healthcare. As an equal opportunity employer, we provide equal opportunity in all aspects of employment, including recruiting, hiring, compensation, training and promotion, termination, and any other terms and conditions of employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, familial status, age, disability and/or any other legally protected classification protected by federal, state, or local law.
See our California Privacy Policy here.
Top Skills
AWS
Azure
GCP
Similar Jobs at Ro
.png)
Healthtech • Pharmaceutical • Telehealth
The Patient Advocate provides concierge-style service to patients, assisting with non-clinical inquiries and supporting providers with administrative tasks in a fast-paced environment.
Healthtech • Pharmaceutical • Telehealth
Lead and support Customer Experience teams, manage performance across BPO partners, streamline workflows, and enhance patient experience using data-driven insights.
Top Skills:
AIAutomationCrm PlatformsMacrosZendesk
Healthtech • Pharmaceutical • Telehealth
As a Virtual Member Experience Coordinator, you will assist patients by answering inquiries, troubleshooting issues, and ensuring seamless customer service in a fast-paced remote environment.
Top Skills:
CRMZendesk
What you need to know about the Los Angeles Tech Scene
Los Angeles is a global leader in entertainment, so it’s no surprise that many of the biggest players in streaming, digital media and game development call the city home. But the city boasts plenty of non-entertainment innovation as well, with tech companies spanning verticals like AI, fintech, e-commerce and biotech. With major universities like Caltech, UCLA, USC and the nearby UC Irvine, the city has a steady supply of top-flight tech and engineering talent — not counting the graduates flocking to Los Angeles from across the world to enjoy its beaches, culture and year-round temperate climate.
Key Facts About Los Angeles Tech
- Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
- Key Industries: Artificial intelligence, adtech, media, software, game development
- Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
- Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering
