Join our gene pool.
Senior IT Security Engineer
Sunnyvale, California, United States
23andMe is looking for an experienced Enterprise Security Engineer to lead our Enterprise Security Systems team. You will bring critical thinking skills, hands on experience with Enterprise Security design and the ability to work with and influence cross-functional teams (Engineering, IT, NetOps and Architecture).
You’ll be leveraging your experience and expertise with enterprise security tools and industry best practices to secure our customer data and corporate assets.
Who we are
Since 2006, 23andMe’s mission has been to help people access, understand, and benefit from the human genome. We are a group of passionate individuals pushing the boundaries of what’s possible to help turn genetic insight into better health and personal understanding.
We are focused on proactive security and are looking for hands-on security engineers who are passionate about building and defending our company’s assets.
What you'll do
- Be an expert and the go-to person for enterprise security tools
- Lead a team of security engineers, together you’ll be responsible for:
o Enterprise-scale security controls technologies (e.g., firewall, HIDS/NIDS, remote forensics, user behavior analytics, cryptography and protocols that use it, MFA, etc.)
o Intrusion Detection optimized configuration and monitoring
o Network Security design in collaboration with NetOps and Security Architecture teams
o Identity and Access Management including enhancing Privileged Identity Management and Session Management (AD, Okta, AWS-IAM, etc.)
o Manage and optimize logging, monitoring, correlation and alerting tools, and the orchestration through a security information and event management (SIEM) solution
o Maintain our Data Loss Prevention (DLP) solution focusing on PII and Intellectual Property related data
o Detect and respond: Deploy Threat Intelligence products and develop threat reports
o Monitor, prioritize and react to signals coming out of our security tools (CrowdStrike, CiscoUmbrella/OpenDNS, Qualys, etc….)
- Mentor and provide guidance to junior team members in technical detection and response best practices
- Identify, assess, and prioritize IT risks to corporate data and systems, including external threats, internal threats, and exposure to third-party vulnerabilities.
- Collaborate with our IT and NetOps teams on the implementation and deployment of security tools
- Lead and Assist with the design, development, delivery, documentation, training, and reporting on security control mechanisms (e.g. firewall, NIPS/NIDS, endpoint-protection/AV/EDR, etc.)
- Evaluate security technologies; work closely with vendors to ensure timely delivery of products, services, and feature requests.
What you’ll bring
- A minimum of 5 years of experience with large scale enterprise security infrastructure including security solution design and hands-on engineering
- B.S./M.S. in computer science, engineering, information systems, IT, Information Security, or a related technical field
- Practical experience in a BeyondCorp or ZeroTrust model
- Experience managing IDS, IPS, vulnerability management, AV, and SIEM tools
- Solid understanding of log and monitoring management systems, security event monitoring systems, network-based and host-based intrusion detection systems, firewall technologies, malware detection, enterprise-level antivirus solutions/systems, and encryptions standards
- Experience with working with both centralized and decentralized business services
- Experience with managing and ensuring the timely response and investigation of security events and incidents
- Experience with compliance frameworks, standards, and assessments such as ISO 27001, HITRUST, SOC2, PCI, HIPAA, NIST, etc.
At 23andMe, we value a diverse, inclusive workforce and we provide equal employment opportunity for all applicants and employees. All qualified applicants for employment will be considered without regard to an individual’s race, color, sex, gender identity, gender expression, religion, age, national origin or ancestry, citizenship, physical or mental disability, medical condition, family care status, marital status, domestic partner status, sexual orientation, genetic information, military or veteran status, or any other basis protected by federal, state or local laws. If you are unable to submit your application because of incompatible assistive technology or a disability, please contact us at email@example.com. 23andMe will reasonably accommodate qualified individuals with disabilities to the extent required by applicable law.
Please note: 23andMe does not accept agency resumes and we are not responsible for any fees related to unsolicited resumes. Thank you.Back