Join our gene pool.
Senior Cloud Security Engineer
Sunnyvale, California, United States
A Senior Cloud Security Engineer at 23andMe is responsible for securing the applications, the data and the cloud infrastructure of the company. In this role, the engineer also provides guidance to the application and business teams on improving the security posture of the company.
Who we are
Since 2006, 23andMe’s mission has been to help people access, understand, and benefit from the human genome. We are a group of passionate individuals pushing the boundaries of what’s possible to help turn genetic insight into better health and personal understanding.
What you'll do
Information Security Engineering & Architecture:
- Evaluate architectural designs and perform security reviews with Engineering teams;
- Provide guidance on security solutions and best practices to internal teams;
- Introduce and maintain information security tools, both in-sourced and outsourced, inclusive of event management, monitoring, and other specific cloud security solutions and tools;
- Follow DevOps principles in implementing security controls in the cloud infrastructure;
- Utilize existing monitoring infrastructure to collect actionable security signals and automate remediation.
Information Security Operations:
- Review the signal coming from the cloud security tools and third-party/managed security service providers, coordinate with teams to address findings;
- Incident management: perform security analysis and investigations of incidents involving the cloud components;
- Support compliance activities for frameworks like SOC1/2, ISO27001, PCI-DSS, HITRUST, and more.
- 5 years of experience in Security Engineering, DevOps or IT Operations roles, strong familiarity with the principles of DevOps and Agile development;
- 2 years of hands-on experience securing cloud applications and infrastructure (AWS strongly preferred);
- Excellent understanding/working knowledge of the public cloud infrastructure and services in AWS (IAM, VPC, KMS, CloudWatch, Systems Manager, S3, RDS, Route53, Lambda, AWS Config, etc.) is a strong plus;
- Experience building and securing infrastructure as code using CloudFormation, Ansible, SAM and/or similar tools.
- Understanding of software development lifecycle models, as well as the approaches to implement the AWS Well-Architected Framework;
- Understanding of the shared responsibility model in AWS;
- Fluency with one or more scripting/coding languages (e.g. bash, Python);
- Experience implementing and leveraging the logging and monitoring solutions is a plus;
- Relevant security and AWS certifications are a plus but not required.
Communication and interpersonal skills:
- Proven focus on teamwork and collaborative interaction with operations and development teams and other departments.
- Ability to present ideas in business-friendly and user-friendly language.
- Can-do attitude, motivation and ability to prioritize and execute tasks with minimal supervision.
23andMe, Inc. is the leading consumer genetics and research company. Our mission is to help people access, understand and benefit from the human genome. The company was named by MIT Technology Review to its “50 Smartest Companies, 2017” list, and named one of Fast Company’s “25 Brands That Matter Now, 2017”. 23andMe has over 5 million customers worldwide, with ~85 percent of customers consented to participate in research. 23andMe is located in Sunnyvale, CA. More information is available at www.23andMe.com.
At 23andMe, we value a diverse, inclusive workforce and we provide equal employment opportunity for all applicants and employees. All qualified applicants for employment will be considered without regard to an individual’s race, color, sex, gender identity, gender expression, religion, age, national origin or ancestry, citizenship, physical or mental disability, medical condition, family care status, marital status, domestic partner status, sexual orientation, genetic information, military or veteran status, or any other basis protected by federal, state or local laws. If you are unable to submit your application because of incompatible assistive technology or a disability, please contact us at email@example.com. 23andMe will reasonably accommodate qualified individuals with disabilities to the extent required by applicable law.
Please note: 23andMe does not accept agency resumes and we are not responsible for any fees related to unsolicited resumes. Thank you.Back