Staff Security Engineer (Devops)
Location: San Diego
Posted on: December 8, 2018
About Dexcom: Founded in 1999, Dexcom, Inc. provides continuous glucose monitoring (CGM) technology to help patients and their clinicians better manage diabetes. Since our inception, we have focused on better outcomes for patients, caregivers, and clinicians by delivering solutions for people with diabetes - while empowering our community to take control of diabetes. Position Description: The Staff Security Engineer (one level above Senior Engineer) is responsible for security assurance of the infrastructure supporting Dexcom R&D Data team products and services, which includes multiple APIs, Data Platform, and Data Science environments within a public cloud environment. The position is a highly technical, hands-on role that requires a wide and deep experience in managing security controls/infrastructure across cloud environments using a DevOps/Agile methodology. The role ensures the teams compliance with regulations and standards, administers security policies and procedures, and implements security best practices. The security engineer works closely with the development and operations teams to support security audits, penetration testing and incident response activities, ensures compliance for new products and applications, responds to security assessments and supports security certification activities, and acts as an expert resource in the cloud security domain. The position is embedded in the R&D Data team but has a dotted-lined relationship to the IT Information Security team and will work out of our San Diego, CA office. Additional Responsibilities: Works closely with development, operations, and IT to develop a comprehensive security architecture and then designs/implements the associated security controls, processes, and infrastructure to fulfill the architecture. Develops and maintains security and compliance performance goals and metrics. Reports and ensures performance goals are achieved. Conducts security assessments and documentation reviews, assesses projects against security requirements, and participates in system verification reviews. Keeps abreast of emerging security technologies and makes appropriate recommendations regarding their implementation. Required Qualifications: Bachelors degree 4 years experience, or Masters degree 2 years experience, or 8 years combined experience in the cybersecurity, IT, or engineering fields; with at least 2 years in an cloud/DevOps security role. Expert in implementing security infrastructure in public cloud environments (AWS, GCP, etc.) including virtual firewalls, endpoint security solutions, threat detection/response, log management and SIEM, vulnerability and application security and scanning, container security, web application firewalls (WAF), file/system integrity monitoring, and data protection solutions. Experience developing specifications and managing security controls across IAM, authentication, MFA, SSO, PKI and key management, asset inventory and tagging, encryption technologies, security hardening, native cloud service hardening, and container security. Strong technical knowledge of security methodologies and tools, security operations, event/incident handling, forensics and penetration testing. Strong understanding of networking, TCP/IP, IPv6, routing, subnetting, segmentation/zoning, NACLs, firewalls, DNS, DHCP, load-balancing, with hands-on experience managing networking in cloud environments. Proficient with a modern programming/scripting language such as Python, Go, or Ruby Experience with Linux administration, shell scripting, open source development tools Experience with IAAS systems administration, automation and orchestration tools. Ability to work effectively in a cross-functional setting through influence, persuasion, and collaboration; strong communication skills Preferred Qualifications: Experience with Kubernetes, Docker, Puppet, Jenkins, Ansible, Terraform, etc. Familiarity with regulatory security/privacy standards such as HIPAA, FDA/CFR Title 21, GPDR, and/or ISO 27k. CISSP, GIAC or CCSP certification preferred LI-BA1 An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact Talent Acquisition at talentacquisitiondexcom.com. To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Dexcom. Only authorized staffing and recruiting agencies may use this site or to submit profiles, applications or resumes on specific requisitions. Dexcom does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to the Talent Acquisition team, Dexcom employees or any other company location. Dexcom is not responsible for any fees related to unsolicited resumes/applications.
Keywords: DexCom, San Diego , Staff Security Engineer (Devops), Engineering , San Diego, California
Didn't find what you're looking for? Search again!