Senior Infrastructure Security Engineer

### Who you are
- 4+ years of demonstrated experience as an infrastructure security or cloud security engineer
- 3+ years of AWS engineering experience (security or non-security role)
- Expertise using an AWS SDK for Python, Javascript, or Go for regular engineering tasks
- Proficiency using Infrastructure-as-Code tools, such as Terraform or CloudFormation
- Demonstrated ability in managing or developing security standards around Kubernetes and/or EKS
- While having the preferred qualifications enhances your candidacy, having all of them is not mandatory. We encourage all interested applicants to apply, even those who may not meet every preferred requirement
- Experience in healthcare industry, with functional understanding of HIPAA requirements and how they apply to infrastructure security practices
- Hands-on prowess securing GCP environments, including IAM and cloud security posture management across GCP services
- Expertise identifying and mitigating security risks introduced by AI/ML workloads in cloud infrastructure, such as securing model serving pipelines, training data access controls, and GPU/compute resource isolation
- Experience with Web Application Firewall (WAF) tuning and alerting
- Demonstrated success defining, implementing, and refining cloud organization-level policy controls such as Service Control Policies (SCPs) or GCP Organization Policies
- Established history of running security threat models against production cloud infrastructure

### What the job involves
- The Security Team at Rula is responsible for ensuring the protection of patient data and all of the technology behind our platform
- We maintain close partnerships with Engineering and Product teams, but interface with everyone across the company to ensure that security is an organic and adopted element of our culture
- In this role, you’ll have the opportunity to enhance the security of cloud infrastructure
- Overall, you’ll encounter endless learning opportunities and pursue projects that will leverage and refine your skills
- More importantly, the work you do will help ensure the best outcomes for patients as we strive to make mental healthcare work for everyone
- We commit to high ethical standards
- We focus on pragmatic assessments over assumptions
- We hold ourselves accountable to team and company standards
- We prioritize the relative ‘High-impact, low-effort’ security risks
- We assume best intentions in all of our partners
- We empower other teams with actionable data to make sound security decisions
- We value collaboration and practical experience over titles

### Benefits
- The ability to work remotely from any location in the US
- Pay and benefits that aren’t geo-locked
- Two company-wide shut-down weeks a year for self-care
- Access to 401(k) personal retirement plan
- Paid parental leave to support you and your family
- Medical, dental, and vision employer insurance plans
- Employee Assistance Programs (EAP) through our insurance
- The equipment you need for your home office