What will you be empowered to do?
Compute Enterprise Infrastructure
Senior Security Analyst
Sunnyvale, California, United States
23andMe is looking for an experienced Security Analyst to join our Enterprise Security team. You will bring critical thinking skills, hands-on experience with Enterprise Security design and the ability to work with and influence cross-functional teams. You will be leveraging your experience and expertise with enterprise security tools and industry best practices to secure our customer data and corporate assets.
Who We Are
Since 2006, 23andMe’s mission has been to help people access, understand, and benefit from the human genome. We are a group of passionate individuals pushing the boundaries of what’s possible to help turn genetic insight into better health and personal understanding.
What You'll Do
- Security Operations
- You will review security platforms to detect potential issues and actively respond to the events. This includes but is not limited to:
- Endpoint detection and response.
- Intrusion Detection and Prevention monitoring.
- Monitor, prioritize and react to signals coming out of our security tools.
- Data Loss Prevention (DLP) solution focusing on PII and Intellectual Property related data.
- Coordinate with IT on vulnerability management and patch cycles
- Detect and respond: Deploy Threat Intelligence products, develop threat reports, research and respond to potential events.
- Document operational processes available for analysts to respond to alerts.
- Evaluate new technologies and work with new and existing vendors to develop tools.
- Partner with junior analysts to complete common goals and projects.
- Log Management and Event Correlation
- Configure, manage and optimize logging, monitoring, correlation and alerting tools, and the orchestration through user behavior analytics and data lake solutions
- You will create alerts and dashboards within the environment to detect security events.
- You will ensure that all appropriate logs are added to our SIEM and that they are parsed properly and provide actionable intelligence.
- You will work with peers internal and external to the organization to ensure that the security solutions are functioning properly and providing results to support the security team.
- Incident Response
- Participate in the Cyber Incident Response Team as a subject matter expert and active responder.
- Identify, assess, and prioritize IT risks to corporate data and systems, including external threats, internal threats, and exposure to third-party vulnerabilities.
- Participate in an on-call rotation
- Other duties as assigned
What You'll Bring
- 5+ years of experience with monitoring a large scale enterprise security infrastructure including security solution design and hands-on engineering; experience managing IDS, IPS, vulnerability management, AV, and SIEM tools.
- You will have strong familiarity with log and monitoring management systems, security event monitoring systems, network-based and host-based intrusion detection systems, firewall technologies, malware detection and enterprise-level antivirus solutions/systems, and encryption standards.
- You are familiar with incident response and event triage and have functional knowledge related to compliance frameworks, standards and assessments such as: ISO 27001, HITRUST, SOC2, PCI, HIPAA, NIST, etc. B.S./M.S. in computer science, engineering, information systems, IT, Information Security, or a related technical field or relevant experience.
- Lead by example and share your creativity, wit and experience across the team. Enjoy a collaborative environment with small project teams working on a variety of tasks ranging from threat detection within multiple enterprise security tools, assessing threats and providing targeted responses and monitoring the corporate environment for potential risks.
- CISSP, CCSP, CISM, GIAC or equivalent certificate preferred.
- General familiarity with AWS security concepts and securing the cloud.
23andMe, headquartered in Sunnyvale, CA, is a leading consumer genetics and research company. Founded in 2006, the company’s mission is to help people access, understand, and benefit from the human genome. 23andMe has pioneered direct access to genetic information as the only company with multiple FDA authorizations for genetic health risk reports. The company has created the world’s largest crowdsourced platform for genetic research, with 80 percent of its customers electing to participate. The platform also powers the 23andMe Therapeutics group, currently pursuing drug discovery programs rooted in human genetics across a spectrum of disease areas, including oncology, respiratory, and cardiovascular diseases, in addition to other therapeutic areas. More information is available at www.23andMe.com.
At 23andMe, we value a diverse, inclusive workforce and we provide equal employment opportunity for all applicants and employees. All qualified applicants for employment will be considered without regard to an individual’s race, color, sex, gender identity, gender expression, religion, age, national origin or ancestry, citizenship, physical or mental disability, medical condition, family care status, marital status, domestic partner status, sexual orientation, genetic information, military or veteran status, or any other basis protected by federal, state or local laws. If you are unable to submit your application because of incompatible assistive technology or a disability, please contact us at email@example.com. 23andMe will reasonably accommodate qualified individuals with disabilities to the extent required by applicable law.
Please note: 23andMe does not accept agency resumes and we are not responsible for any fees related to unsolicited resumes. Thank you.Back