Sr. Staff Cybersecurity Engineer - Enterprise Product Security
Dexcom, Inc

San Diego, California

Posted in Manufacturing and Production


This job has expired.

Job Info


About Dexcom:
Founded in 1999, Dexcom, Inc. provides continuous glucose monitoring technology to help patients and their clinicians better manage diabetes. Since our inception, we have focused on better outcomes for patients, caregivers, and clinicians by delivering solutions for people with diabetes - while empowering our community to take control of diabetes.

Position Summary:
The Dexcom IT Department is seeking a Senior Staff Cybersecurity Engineer - Enterprise Product Security to serve as a hands-on security architect, technical lead of enterprise product security, and implementor of security controls across cloud, DevOps, and software development domains. The position will partner with SMEs across the Information Security (Infosec), DevOps and Applications teams to secure the IT department's rapidly growing cloud, microservices and enterprise applications environments. The position will represent product security interests in the Technology Advisory Group (TAG) and Solution Review Board (SRB) meetings. The position will establish security architecture, document security standards, and influence adoption of security best practices in a fast-pace, high-growth environment.

Essential Duties and Responsibilities:
• Establish security architecture and best practices for securing public cloud platforms (GCP, AWS, Azure) and DevOps technology stacks (Kubernetes, containers, serverless).
• Partner with DevOps to implement cloud security "landing zones" where security controls are codified in Terraform and all changes to the cloud environment are made via Gitops.
• Perform security assessments of cloud or DevOps technology deployments.
• Integrate security checks into CI/CD pipelines and develop Policy as Code using Hashicorp Sentinel or similar technologies.
• Design security monitoring and threat detection systems for cloud and container environments.
• Integrate cloud/DevOps security tools into the SIEM (Splunk) and implement processes for alerting and remediation anomalous activities.
• Support cloud compliance/certification activities and participate in security audits/reviews.
• Provide consulting and influence other teams to mature product security capabilities.
• Serve as a security expert and provide technical leadership to other staff members.
• Help establish appsec capabilities and integrate SAST/DAST tools into the build pipeline.

Required Qualifications:
• BS/MS in computer science/engineering, information technology, or technical field.
• 8+ years of experience in the cybersecurity, IT, or engineering fields; with 4+ years in a senior security engineer or higher role.
• Strong understanding of security controls/services in public cloud environments.
• Strong understanding of GCP, AWS, and Kubernetes networking and network security.
• Experience in technologies such as Terraform/TFC, Gitlab or Github, Sentinel, Vault, Jenkins, Cloud Build, Twistlock, Splunk, Apigee, GCP, AWS, encryption, access keys and key hygiene, secrets management, IAM, K8s, and/or containers.
• Ability to work within an Agile/Scrum framework and to manage work in Jira.
• Proficient in automation and scripting in a programming language such as Python or Go.
• Experience with Linux administration, shell scripting, containers, and open source security tools.
• Demonstrated success in influencing peers/partners without direct authority.
• Proficiency in communicating technical concepts both verbally and in written documentation.

#LI-REMOTE

#LI-AP1

Functional Description

Performs security assessments of company products that may include vulnerability and risk assessments, threat analysis, and security code reviews to identify potential design and implementation vulnerabilities. Designs and develops security features for products including systems, applications and/or solutions. Integrates new security features and updates into existing products and ensures the security of all products is maintained throughout the product lifecycle. Provides product security engineering recommendations and resolves integration and testing issues. Builds a standardized set of security product requirements and produces metrics to report performance against those requirements. Reviews and defines security diagnostics and tools to facilitate the analysis and reporting of security events. Detects and mitigates security risks, responds to product security incidents, and works with customers regarding product security related issues. Leads or participates in security architecture and design review meetings.

Functional/Business Knowledge

  • Possesses expert knowledge of leading technical areas.
  • May be externally recognized as an expert in technical field.

Scope

  • High level of understanding of solving unique problems where analysis requires an in-depth evaluation and may impact future concepts or technologies.

Judgement

  • Exercises independent judgment in developing methods, techniques and evaluation criteria for obtaining results.
  • Demonstrates ability to discover and identify processes, novel science and technology which lead to increased productivity and results.

Management

  • N/A

Field Sales

  • N/A

Experience and Education

  • Typically requires a Bachelors degree in a technical discipline, and a minimum of 13+ years related experience or a Masters degree and 8+ years equivalent industry experience of a PhD and 5+ years of experience.

If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact Dexcom Talent Acquisition at talentacquisition@dexcom.com.

An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Dexcom's AAP may be viewed upon request by contacting Talent Acquisition at talentacquisition@dexcom.com.

View the OFCCP's Pay Transparency Non Discrimination Provision at this link.

UnitedHealthcare creates and publishes the Machine-Readable Files on behalf of Dexcom. To link to the Machine-Readable Files, please click on the URL provided: https://transparency-in-coverage.uhc.com/.

To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Dexcom. Only authorized staffing and recruiting agencies may use this site or to submit profiles, applications or resumes on specific requisitions. Dexcom does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to the Talent Acquisition team, Dexcom employees or any other company location. Dexcom is not responsible for any fees related to unsolicited resumes/applications.


This job has expired.

More Manufacturing and Production jobs


Cochlear
Centennial, Colorado
$67,000.00 - $72,000.00 per year
Posted about 2 hours ago

Gorbel
New York, New York
Posted 21 minutes ago

Gorbel
Henrietta, New York
Posted 21 minutes ago

Get Hired Faster

Subscribe to job alerts and upload your resume!

*By registering with our site, you agree to our
Terms and Privacy Policy.