|Location||San Diego, CA|
|Date Posted||February 22, 2019|
Dexcom is a high-growth, fast-paced environment where you work with leading-edge, cloud-native technologies supporting containerized, micro-services-based applications and big data platforms in a DevOps environment. The Dexcom R&D Data team is establishing an information security program to protect multiple web applications, APIs, and a Data Platform and Data Science environment hosted in a public cloud. We’re seeking a Staff Security Engineer (one level above Senior Engineer) to design and implement security controls/services and champion security initiatives across our team. This is a greenfield opportunity where you will help design the security architecture and determine our future road-map. You will work alongside highly-skilled and passionate innovators who know how to deliver exceptional results while also having some fun along the way.
- Design, implement and manage security controls and automation in a DevOps environment within public clouds (such as AWS, GCP, etc.) across IaaS, SaaS and container platforms.
- Perform security assessments and provide recommendations and consulting on securing cloud infrastructure and in selecting and implementing cloud-native security tools.
- Design and manage security monitoring and threat detection systems for cloud environments.
- Develop incident response tools/capabilities and lead forensics investigations.
- Conduct vulnerability scanning and penetration testing activities and drive remediation of findings.
- Serve as a security expert and provide guidance and technical leadership to other staff members.
- Keep abreast of and provide recommendations on emerging security technologies/tools.
- Support compliance/certification activities and participate in security audits/reviews.
- 6+ years’ experience in the cybersecurity, IT, or engineering fields; with at least 2 years in a DevOps security role.
- Strong understanding of security controls/services in public cloud environments (AWS or GCP).
- Experience in threat detection, monitoring, log management, incident response, and forensics.
- Experience in IAM, secrets management, encryption technologies, OS security hardening, SaaS services hardening, and container security.
- Experience with Linux administration, shell scripting, and open source security tools.
- Proficient with a modern programming/scripting language such as Python, Go, or Ruby
- Ability to work effectively in a cross-functional setting through influence, persuasion, and collaboration; strong communication skills
- BS/MS in computer science/engineering or equivalent work experience.
- Understanding of TCP/IP networking, firewalls, WAF and DNS.
- Familiarity with regulatory security/privacy standards such as HIPAA, GPDR, NIST or ISO.
- CISSP, GIAC or CCSP certification preferred.
Please see the following video for more information about working for Dexcom: