Senior Security Operations Engineer
Sword Health
Operations
United States
Posted on Feb 19, 2026
Sword Health is shifting healthcare from human-first to AI-first through its AI Care platform, making world-class healthcare available anytime, anywhere, while significantly reducing costs for payers, self-insured employers, national health systems, and other healthcare organizations. Sword began by reinventing pain care with AI at its core, and has since expanded into women’s health, movement health, and more recently mental health. Since 2020, more than 700,000 members across three continents have completed 10 million AI sessions, helping Sword's 1,000+ enterprise clients avoid over $1 billion in unnecessary healthcare costs. Backed by 42 clinical studies and over 44 patents, Sword Health has raised more than $500 million from leading investors, including Khosla Ventures, General Catalyst, Transformation Capital, and Founders Fund. Learn more at www.swordhealth.com.
As a Senior Security Engineer (Security Operations) at Sword, you will be at the forefront of safeguarding our cloud infrastructure, and applications. Your expertise will ensure robust security measures, incident response, and continuous improvement.
Are you looking to join an incredible IT team, passionate about simplifying everyone's work? Look no further, we're hiring! We're a proactive team, constantly staying ahead to ensure everything runs smoothly. As an IT Team we understand the importance of technology in today's workplace and the impact that technical issues can have on productivity and efficiency. Want to join the team? Find out if you've got what it takes!
What you’ll be doing:
- Design and continuously improve detection and alerting controls, ensuring high fidelity and contextual relevance to reduce noise and enable rapid response.
- Build, test, and automate incident response playbooks and runbooks, increasing efficiency and consistency across the incident lifecycle.
- Drive prioritization of alerts using a data-driven, scalable triage framework, aligned with business impact and threat context.
- Lead in-depth investigations, including root cause analysis and digital forensics, and convert findings into actionable insights to strengthen detection and resilience.
- Proactively engage in threat intelligence and threat hunting, identifying new tactics, techniques, and procedures (TTPs), enriching existing controls, and feeding insights into the detection pipeline.
- Own incident handling from detection to resolution, collaborating with engineering, IT, and business teams to contain, eradicate, and recover from threats.
- Define and maintain operational metrics for incident response, using them to drive continuous improvement in speed, accuracy, and organizational readiness.
What you need to have:
- Required: Public Trust Clearance
- Bachelor’s degree in Computer Science, Cybersecurity, or equivalent professional experience.
- Solid experience in cloud environments (AWS, GCP, or Azure), with strong understanding of cloud-native threats.
- Proficiency in scripting languages (e.g., Python, Bash) for automation and tooling development.
- Hands-on experience with SOC tools and platforms, such as SIEM (Splunk, Sentinel, etc.), SOAR, EDR/XDR, and log management.
- Strong understanding of incident containment and eradication strategies, with proven ability to coordinate response with technical teams.
- Familiarity with security frameworks and standards (NIST 800-61, CIS Controls, MITRE ATT&CK, ISO 27001).
- Excellent analytical, critical thinking, and problem-solving skills.
- Ability to consume and synthesize intelligence about actors, techniques or situations to identify emerging risk scenarios.
- Proficiency in process formulation and improvement.
- Background in threat modeling, adversary emulation, and risk-based alert tuning.
- Strong communicator with the ability to explain security risks and actions to both technical and non-technical audiences.
- Proven track record of leading cross-functional efforts in high-pressure situations.
- Ability to foster collaboration across InfoSec, IT, and engineering teams.
- Forensics experience, investigating incidents and preserving digital evidence.
To ensure you feel good solving a big Human problem, we offer:
- A stimulating, fast-paced environment with lots of room for creativity.
- A bright future at a promising high-tech startup company.
- Career development and growth, with a competitive salary.
- The opportunity to work with a talented team and to add real value to an innovative solution with the potential to change the future of healthcare.
- A flexible environment where you can control your hours (remotely) with unlimited vacation.
- Access to our health and well-being program (digital therapist sessions).
- Remote or Hybrid work policy.
- To get to know more about our Tech Stack, check here.
US - Sword Benefits & Perks:
• Comprehensive health, dental and vision insurance*
• Life and AD&D Insurance*
• Financial advisory services*
• Supplemental Insurance Benefits (Accident, Hospital and Critical Illness)*
• Health Savings Account*
• Equity shares*
• Discretionary PTO plan*
• Parental leave*
• 401(k)
• Flexible working hours
• Remote-first company
• Paid company holidays
• Free digital therapist for you and your family
*Eligibility: Full-time employees regularly working 25+ hours per week
Note: Applicants must have a legal right to work in the United States, and immigration or work visa sponsorship will not be provided.
SWORD Health, which includes SWORD Health, Inc. and Sword Health Professionals (consisting of Sword Health Care Providers, P.A., SWORD Health Care Providers of NJ, P.C., SWORD Health Care Physical Therapy Providers of CA, P.C.*) complies with applicable Federal and State civil rights laws and does not discriminate on the basis of Age, Ancestry, Color, Citizenship, Gender, Gender expression, Gender identity, Gender information, Marital status, Medical condition, National origin, Physical or mental disability, Pregnancy, Race, Religion, Caste, Sexual orientation, and Veteran status.