DNAnexus combines expertise in cloud computing and bioinformatics to create the global network for genomics, operating in North America, Europe, Asia-Pacific (including China), South America, and Africa. The secure, scalable, and collaborative cloud-based DNAnexus Platform helps thousands of researchers across a spectrum of industries – biopharmaceutical, bioagricultural, sequencing services, clinical diagnostics, government, and research consortia – accelerate their genomics programs globally.
You are an information security engineer tasked to plan and conduct security testing of our platform. You have a strong understanding of security practices, principals and technologies for enterprise environments. The ideal candidate will thrive on defining, building and defending scalable, secure, and robust systems.
- Securing our AWS production environment as well as end points in our offices.
- Work with our engineering team to find, correct, and respond to vulnerabilities and/or threats.
- Plan and conduct security testing and reviews of our systems.
- Develop or implement open-source/third-party tools to assist in detection, prevention, and analysis of security threats.
- Help to answer customer’s security questions and concerns as well as provide company-wide security guidance.
- Develop new and maintain existing security related documentation.
- Plan, contribute to and participate in internal and external compliance audits.
- Candidate must have 1-3 years of true industry experience in an information security function to be considered.
- B.S. or M.S. in Computer Science or related field, or equivalent experience.
- Ability to develop tools using an interpreted programming language (Perl, Python, PHP, Ruby, etc.) for infrastructure protection, monitoring, auditing and remediation.
- Knowledge of AWS & cloud (PaaS) security.
- Experience using and automating security testing tools.
- Vulnerability assessment, scanning, and ethical penetration testing experience.
- Familiarity with web application vulnerabilities.
- Strong understanding of security practices and technologies for enterprise environments.
- Knowledge of operating systems internals and hardening (Linux, OS X, Windows).
- Experience with network technologies, and system, security and network monitoring tools.
- Thorough understanding of the latest security principles, techniques, and protocols.
Desired skills and Expertise
- Security-related certifications such as CISSP, CEH, CISA, CISM is a plus
- You have experience with Chef, git and JIRA
- A little paranoia and creativity regarding security (i.e. interest in DefCon talks).
- Capability to think outside-of-the-box.
- Knowledge of security information and event management.
- Experience with incident management, operational security, knowledge of standards and compliances such as ISO 27000, ISO 9001 and FedRAMP.
Based in Mountain View, California, DNAnexus is experiencing rapid growth and is searching for the best talent to join our team. Key investors include Google Ventures, TPG Biotech, Wuxi NextCODE and Claremont Creek.
If you are interested in joining our team, please apply today!