We believe that mental health is just as important as physical health. We recognize that mental health issues can be complex and multifaceted, and we are dedicated to treating the whole person, not just the symptoms.We aim to create a world where mental health is no longer stigmatized or marginalized, but rather is embraced as an integral part of one's overall well-being. We believe that by providing quality care that is both evidence-based and compassionate, we can empower individuals to take charge of their mental health and achieve their full potential. We are passionate about making a positive impact on the lives of those struggling with mental health issues and we strive to be a force for positive change in the field of mental healthcare.About the RoleThe Security Team at Rula is responsible for ensuring the protection of patient data and all of the technology behind our platform. We maintain close partnerships with Engineering and Product teams, but interface with everyone across the company to ensure that security is a core component of Rula’s culture. In this role, you’ll have the opportunity to enhance the security of our code and development practices, and enhance our vulnerability management program with Engineering and external partners. Overall, you’ll encounter endless learning opportunities and pursue projects that will leverage and refine your skills. More importantly, the work you do will help ensure the best outcomes for patients as we strive to make mental healthcare work for everyone.Required Qualifications4+ years of experience as an application security engineer Experience with JavaScript, TypeScript, Node.js, and/or RubyDemonstrated success applying OWASP Top 10 recommendations to modern application stacksExperience with common SAST and DAST tooling and best practicesPreferred QualificationsExperience launching and/or managing a bug bounty programAn understanding of HIPAA requirements and how they apply to application securityEstablished success leading threat modeling exercises to identify security risks in technical designsExperience with JS front-end libraries, preferably ReactExperience interfacing with 3rd party pentesters to validate findings and develop remediation plansWe're serious about your well-being! As part of our team, full-time employees receive:100% remote work environment (US-based only): Working hours to support a healthy work-life balance, ensuring you can meet both professional and personal commitmentsAttractive pay and benefits: Full transparency of pay ranges regardless of where you live in the United StatesComprehensive health benefits: Medical, dental, vision, life, disability, and FSA/HSA401(k) plan access: Start saving for your futureGenerous time-off policies: Including 2 company-wide shutdown weeks each year for self-care (for most employees)Paid parental leave: Available for all parents, including birthing, non-birthing, adopting, and fosteringEmployee Assistance Program (EAP): Support for your mental and physical healthNew hire home office stipend: Set up your workspace for successQuarterly department stipend: Fund team-building activities or in-person gatheringsWellness events and lunch & learns: Explore a variety of engaging topicsCommunity and employee resource groups: Participate in groups that celebrate employee identity and lived experiences, fostering a sense of community and belonging for allOur teamWe believe that diversity, equity, and inclusion are fundamental to our mission of making mental healthcare work for everyone. We are dedicated to having a culture of inclusion that will support our employees in feeling safe, seen, heard, and valued.