What will you be empowered to do?

IT & Security

Sr. PKI/Encryption Engineer

Sunnyvale, California, United States

23andMe is looking for an experienced PKI Engineer. You will bring hands-on experience analyzing existing data flows and business requirements, and building infrastructure to support genetic research and development while maintaining the highest standards of data protection. Expertise with AWS KMS and Hashicorp’s Vault are a plus. You’ll be on a team with other experts busy implementing the next generation of customer protections at 23andMe.


Who We Are

Since 2006, 23andMe’s mission has been to help people access, understand, and benefit from the human genome.  We are a group of passionate individuals pushing the boundaries of what’s possible to help turn genetic insight into better health and personal understanding.

We are focused on proactive security and are looking for hands-on security engineers who are passionate about building and defending our company’s assets.


What You'll Do

  • Design our next generation infrastructure for ensuring the confidentiality and integrity of our customers’ genetic and phenotypic data for both our customer facing web apps as well as our internal research and therapeutics environments.
  • Modernize a secure key management philosophy to include key rotation and use policies depending on rotation scheme and identity.
  • Work with service teams to design infrastructure and deploy field level database encryption where appropriate.
  • Assist our application security team in auditing ciphers, modes, policies, and rotation schedules in existing software.
  • Help design, build, and deploy strong identity solutions that, when used in conjunction with a policy engine, can provide better solutions for secret storage.
  • Help design, build, and integrate solutions for service to service authentication *and authorization* using mTLS, JWT, and other modern solutions.
  • Maintain our deployment of Hashicorp Vault and other services using Infrastructure as Code (Hashicorp’s Terraform) deployed with CI/CD.

What You’ll Bring

  • A minimum of 5 years of experience being waist deep in cryptography, PKI, etc.
  • B.S./M.S. in computer science, engineering, or a matching technical expertise.
  • Experience working cross functionally to learn requirements and data-flows and to build solutions that meet said requirements.
  • Preferred to have experience building self service tools in Python and deploying those tools in a cloud environment.
  • Preferred, but not required, to have experience with DevOps or SRE principals or a willingness to learn.
  • Preferred to have experience working across teams to deploy field level encryption for service databases.
  • Experience building systems that satisfy the requirements of compliance frameworks, standards, and assessments such as: ISO 27001, HITRUST, SOC2, PCI, HIPAA, NIST, etc.

Note: While our team is based in Sunnyvale, CA this position is open to remote work, and we will consider exceptional candidates throughout the United States.


About Us

23andMe, headquartered in Sunnyvale, CA, is a leading consumer genetics and research company. Founded in 2006, the company’s mission is to help people access, understand, and benefit from the human genome. 23andMe has pioneered direct access to genetic information as the only company with multiple FDA authorizations for genetic health risk reports. The company has created the world’s largest crowdsourced platform for genetic research, with 80 percent of its customers electing to participate. The platform also powers the 23andMe Therapeutics group, currently pursuing drug discovery programs rooted in human genetics across a spectrum of disease areas, including oncology, respiratory, and cardiovascular diseases, in addition to other therapeutic areas. More information is available at www.23andMe.com.

At 23andMe, we value a diverse, inclusive workforce and we provide equal employment opportunity for all applicants and employees. All qualified applicants for employment will be considered without regard to an individual’s race, color, sex, gender identity, gender expression, religion, age, national origin or ancestry, citizenship, physical or mental disability, medical condition, family care status, marital status, domestic partner status, sexual orientation, genetic information, military or veteran status, or any other basis protected by federal, state or local laws.  If you are unable to submit your application because of incompatible assistive technology or a disability, please contact us at accommodations-ext@23andme.com. 23andMe will reasonably accommodate qualified individuals with disabilities to the extent required by applicable law.

Please note: 23andMe does not accept agency resumes and we are not responsible for any fees related to unsolicited resumes. Thank you.