Hims & Hers is the leading health and wellness platform, on a mission to help the world feel great through the power of better health. We are redefining healthcare by putting the customer first and delivering access to care that is affordable, accessible, and personal, from diagnosis to treatment to delivery. No two people are the same, so we provide access to personalized care designed for results. By normalizing health & wellness challenges and innovating on their solutions, we’re making better health outcomes easier to achieve.
Hims & Hers is a public company, traded on the NYSE under the ticker symbol “HIMS.” To learn more about the brand and offerings, you can visit hims.com/about and hims.com/how-it-works . For information on the company’s outstanding benefits, culture, and its talent-first flexible/remote work approach, see below and visit www.hims.com/careers-professionals.
About the Role:
We are seeking a Senior Security Analyst II to enhance our enterprise security operations through advanced monitoring, incident response, and vulnerability management. This role will leverage our security tech stack—Sumo Logic, Netskope, CrowdStrike, Proofpoint, Tenable, Palo Alto, and Tines—to proactively detect, investigate, and respond to threats. You will work closely with our cross-functional security teams (Red, Blue, and Purple) to defend against sophisticated adversaries, strengthen our detection capabilities, and ensure compliance with industry regulations.
You Will:
Manage continuous monitoring of Sumo Logic SIEM for threat detection and investigation.
Lead incident response activities, coordinating containment, eradication, and recovery.
Conduct vulnerability assessments and manage remediation across cloud and on-prem environments, including OT systems.
Execute threat hunting using custom queries, integrations, and advanced threat intelligence feeds.
Support Red/Blue/Purple team exercises and drive improvements based on findings.
Recommend and implement proactive security enhancements across the environment.
Assist with the development and enforcement of security policies, standards, and procedures.
Maintain compliance with frameworks such as NIST CSF, CIS, SOX, GDPR, and ISO.
Collaborate with engineering, IT operations, and cross-functional teams to embed security best practices.
Contribute to security automation by developing scripts, workflows, and tools in Tines and other platforms to streamline investigations and response playbooks.
You Have:
Bachelor’s degree in Computer Science, Cybersecurity, or related field, or equivalent experience.
8+ years of experience in security operations, incident response, or vulnerability management.
Proficiency with Sumo Logic for signals, insights, and log investigations.
Hands-on experience with security platforms: Netskope, CrowdStrike, Tenable, Cisco Meraki, Proofpoint.
Built out automation with Tines, XSOAR, or other similar SOAR platforms.
Strong problem-solving and analytical skills, with proven experience in security investigations.
Excellent communication, documentation, and teamwork skills.
Ability to work independently and under pressure in a fast-paced environment.
Preferred Qualifications
Certifications such as OCSP, CompTIA Security+, Pentest+, AWS Certified Security.
Experience with penetration testing platforms (Burp Suite, Kali Linux, Metasploit, Nexpose).
Familiarity with Palo Alto Firewalls, Cisco VPNs, and IDS solutions.
Advanced knowledge of security automation and workflow orchestration, including Tines.
Experience conducting tabletop exercises and building custom detection methodologies.
Exposure to regulated industries with understanding of compliance frameworks (NIST CSF, SOX, ISO, GDPR).
Our Benefits (there are more but here are some highlights):
Competitive salary & equity compensation for full-time roles
Unlimited PTO, company holidays, and quarterly mental health days
Comprehensive health benefits including medical, dental & vision, and parental leave
Employee Stock Purchase Program (ESPP)
401k benefits with employer matching contribution
Offsite team retreats
We are committed to building a workforce that reflects diverse perspectives and prioritizes ethics, wellness, and a strong sense of belonging. If you're excited about this role, we encourage you to apply—even if you're not sure if your background or experience is a perfect match.
Hims considers all qualified applicants for employment, including applicants with arrest or conviction records, in accordance with the San Francisco Fair Chance Ordinance, the Los Angeles County Fair Chance Ordinance, the California Fair Chance Act, and any similar state or local fair chance laws.
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
Hims & Hers is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please contact us at accommodations@forhims.com and describe the needed accommodation. Your privacy is important to us, and any information you share will only be used for the legitimate purpose of considering your request for accommodation. Hims & Hers gives consideration to all qualified applicants without regard to any protected status, including disability. Please do not send resumes to this email address.
To learn more about how we collect, use, retain, and disclose Personal Information, please visit our Global Candidate Privacy Statement.