Join Rula's Mission: Secure the Future of Mental Healthcare
At Rula, we're revolutionizing mental healthcare, making it accessible and effective for everyone. We're looking for passionate cybersecurity professionals to join our Security Team and help us protect the sensitive data that fuels our mission.
About the Role: Application Security Engineer
As an Application Security Engineer at Rula, you'll play a critical role in safeguarding patient data and the technology that powers our platform. You'll collaborate closely with Engineering and Product teams, embedding security into our development lifecycle and fostering a security-conscious culture across the company. You'll be at the forefront of enhancing our code security, refining our development practices, and bolstering our vulnerability management program with both internal teams and external partners.
Here's what you'll be doing:
Enhance the security of our code and development practices.
Drive our vulnerability management program in collaboration with Engineering and external partners.
Partner with Engineering and Product teams, integrating security into the SDLC.
Tackle diverse challenges and continuously learn, refining your cybersecurity skills.
Contribute directly to improving patient outcomes by ensuring the security and privacy of their data.
If you're looking for a role where you can make a real impact and contribute to a meaningful mission, this is it.
Required Qualifications:
5+ years of experience in a security engineering or related role.
3+ years of experience in an application security engineering role.
Proficiency with TypeScript, JavaScript, and/or Node.js.
Deep understanding of OWASP Top 10 and its application to modern systems.
Proven experience with common SAST and DAST tooling and best practices.
Preferred Qualifications:
Experience reviewing and triaging externally reported security vulnerabilities (e.g., bug bounty).
Functional understanding of HIPAA requirements and their application to application security practices.
Experience leading threat modeling exercises to identify security risks in technical designs.
Familiarity with JS front-end libraries, preferably React.
Experience interfacing with 3rd party pentesters to validate findings and develop remediation plans.
Benefits That Prioritize Your Well-being:
We're serious about your well-being! As part of our team, full-time employees receive:
100% Remote Work Environment (US-based only): Enjoy flexible working hours to support a healthy work-life balance.
Attractive Pay and Benefits: Transparent pay ranges regardless of your location within the United States.
Comprehensive Health Benefits: Medical, dental, vision, life, disability, and FSA/HSA.
401(k) Plan Access: Invest in your future.
Generous Time-Off Policies: Including 2 company-wide shutdown weeks each year for self-care (for most employees).
Paid Parental Leave: Available for all parents, including birthing, non-birthing, adopting, and fostering.
Employee Assistance Program (EAP): Access mental and physical health support.
New Hire Home Office Stipend: Set up your workspace for success.
Quarterly Department Stipend: Fund team-building activities or in-person gatherings.
Wellness Events and Lunch & Learns: Explore engaging topics to enhance your well-being.
Community and Employee Resource Groups: Participate in groups that celebrate employee identity and lived experiences, fostering a sense of community and belonging for all.
Join Our Team
We believe that diversity, equity, and inclusion are fundamental to our mission. We're committed to fostering a culture of inclusion where every employee feels safe, seen, heard, and valued.