Company Overview
Ro is a direct-to-patient healthcare company committed to delivering high-quality, affordable care without requiring insurance. As the only provider seamlessly integrating telehealth, in-home care, diagnostics, labs, and pharmacy services nationwide, Ro offers a comprehensive, end-to-end healthcare experience.
Powered by a vertically integrated platform, Ro provides personalized care from diagnosis through medication delivery and ongoing treatment. Since its founding in 2017, Ro has facilitated over eight million digital healthcare visits across nearly every U.S. county, including 98% of primary care deserts.
Beyond patient care, Ro extends its innovative healthcare solutions to other organizations through services like Workpath, its in-home care API, and Kit, its at-home diagnostic testing service.
What You’ll Do
- Serve as the top escalation point for cybersecurity incidents, applying advanced investigative skills and deep knowledge of adversary tactics, techniques, and procedures to analyze and respond effectively.
- Lead cyber incident response efforts, swiftly correlating data from multiple sources to determine the best remediation strategies while tracking incidents to resolution.
- Drive program strategy across key security domains, including external threats, insider risks, fraud management, and physical security.
- Provide expert guidance during meetings, explaining complex cybersecurity topics to technical and non-technical stakeholders, including business leaders and partners.
- Utilize cutting-edge security technologies to conduct investigations in collaboration with both internal Security Operations Center (SOC) teams and managed security providers.
- Develop advanced threat detection strategies, leveraging threat intelligence insights to identify adversary tactics both in real time and retrospectively.
- Design, maintain, and implement incident response playbooks to enable both manual and automated analysis within SIEM and SOAR platforms.
- Collaborate with IT, Threat Intelligence, Product Security, Infrastructure, and patient care teams to address security challenges at scale, balancing security, usability, and performance.
What You’ll Bring
- Bachelor’s degree in a technical field or equivalent hands-on experience.
- 7+ years of experience in security operations and incident response.
- GCIH certification and expertise in incident management, crisis response, and breach remediation.
- Proficiency in Splunk SPL and SQL queries to analyze security event logs and raw data.
- Deep knowledge of cloud security and experience investigating security incidents in AWS, Azure, and GCP environments.
- Strong analytical and hypothesis-driven problem-solving skills.
- Expertise in network and host-based intrusion analysis, malware analysis, cloud-native response, and forensics.
- Advanced understanding of the MITRE ATT&CK framework and modern cybersecurity tactics, techniques, and procedures (TTPs).
- Solid grasp of network protocols and architectures.
- Scripting/programming skills in Python, PowerShell, or Bash.
- Experience developing remediation and recovery plans.
- Strong background in automating security response using orchestration platforms.
- Knowledge of threat intelligence platforms like CrowdStrike Falcon and Recorded Future to strengthen security strategies.
- Preferred certifications: GCIA, GCFA, GNFA, GCFR, GREM, or GIME.