Sr. Security Technical Program Manager (Remote)

We believe that mental health is just as important as physical health. We recognize that mental health issues can be complex and multifaceted, and we are dedicated to treating the whole person, not just the symptoms.

We aim to create a world where mental health is no longer stigmatized or marginalized, but rather is embraced as an integral part of one's overall well-being. 

We believe that by providing quality care that is both evidence-based and compassionate, we can empower individuals to take charge of their mental health and achieve their full potential. We are passionate about making a positive impact on the lives of those struggling with mental health issues and we strive to be a force for positive change in the field of mental healthcare.

Rula is a remote-first company. We currently hire in most U.S. states, with the exception of Hawaii.

About the Role

As the Senior Security Technical Program Manager (TPM), you will sit at the critical intersection of Security, Engineering, and Compliance. Reporting directly to the Head of Security, you will drive the execution of complex technical programs that allow our security posture and culture to scale with our rapid growth. These programs are in direct service to our patients’ and providers’ safety.

This role partners closely with security engineering to translate complex technical initiatives into clear, executable programs that meet our security and regulatory obligations. You will own strategic planning, program execution, and cross-functional coordination, ensuring that security priorities are delivered with rigor, transparency, and accountability.

As a key member of the Security Leadership team, you will influence security strategy and drive alignment across Engineering, Compliance, and People Ops, enabling the organization to operate at scale while maintaining a strong security posture.

Required Qualifications

• 5+ years of hands-on experience in Security Technical Program Management (TPM) or Security Risk and Compliance roles

• Experience managing programs to support SOC 2, HIPAA, and/or HITRUST frameworks.

• Possesses a moderate understanding of modern security vulnerabilities (code and infrastructure), including prioritization and compensating approaches

• A background managing 3rd Party risks against security capabilities and compliance/partner requirements

• Expert skills in project management tools (e.g., JIRA) and practices, identifying risks/blockers, and managing complex deliverables from conception to completion.

• Experience managing a security awareness training function, including user communication, cultivated phishing simulations, and tracking progress

Preferred Qualifications

While having the preferred qualifications enhances your candidacy, having all of them is not mandatory. We encourage all interested applicants to apply, even those who may not meet every preferred requirement.

• Experience specifically within a healthcare SaaS environment or other highly regulated industry

• Understanding of cloud-native infrastructure services and security architecture (especially AWS services)

• Experience partnering with security and engineering leaders to translate long-term goals into actionable KPIs and board-level reporting

• Ability to manage the balance between business requirements, security/compliance needs, and risk mitigation strategies

We're serious about your well-being! As part of our team, full-time employees receive:

• 100% remote work environment: Working hours to support a healthy work-life balance, ensuring you can meet both professional and personal commitments (must be based in United States, currently not hiring in Hawaii)

• Attractive pay and benefits: Full transparency of pay ranges regardless of where you live in the United States

• Comprehensive health benefits: Medical, dental, vision, life, disability, and FSA/HSA

• 401(k) plan access: Start saving for your future

• Generous time-off policies: Including 2 company-wide shutdown weeks each year for self-care (for most employees)

• Paid parental leave: Available for all parents, including birthing, non-birthing, adopting, and fostering

• Employee Assistance Program (EAP): Support for your mental and physical health

• New hire home office stipend: Set up your workspace for success

• Quarterly department stipend: Fund team-building activities or in-person gatherings

• Wellness events and lunch & learns: Explore a variety of engaging topics

• Community and employee resource groups: Participate in groups that celebrate employee identity and lived experiences, fostering a sense of community and belonging for all

Our team

We believe that diversity, equity, and inclusion are fundamental to our mission of making mental healthcare work for everyone.  We are dedicated to having a culture of inclusion that will support our employees in feeling safe, seen, heard, and valued.