Invitae is dedicated to bringing comprehensive genetic information into mainstream medicine to improve healthcare for billions of people. Our team is driven to make a difference for the patients we serve. We are leading the transformation of the genetics industry by making genetic testing affordable and accessible for everyone to guide health decisions across all stages of life.
POSITION SUMMARY: We are looking for a smart, passionate, and experienced Cyber Security Engineer with a broad range of experience working in dynamic enterprise environments. The position will have a special focus on ensuring that Archer’s flagship cloud-based genomics product is secure from threat by working with the teams responsible for a variety of process and infrastructure initiatives, including platform maintenance and product enhancements by guiding the teams in application of regulatory and industry guidance relating to cyber security, as well as working with the appropriate product owners to help assess, categorize, score (CVSS), and mitigate vulnerabilities.
RESPONSIBILITIES: Job performance will involve a variety of activities including:
- Prioritize, lead, and perform advanced threat analysis for network, web applications, business application, and cloud infrastructure
- Guide the team in the development of technical frameworks, tools and execution of Threat Modeling
- Assist with red team assessments and adversary emulation engagements to support the organizations risk management program
- Assist with “Purple teaming”exercises in collaboration with the Security Operations team
- Collaborate with 3rd parties including consulting firms and security researchers on coordinating assessments, validating vulnerability reports/findings and influencing remediation
- Assist team with creating and maintaining cyber security content within ArcherDX processes and procedures
- You will employ cybersecurity best practices, risk management techniques, and vulnerability assessments
- Work closely with the Information Security team and Software Development teams in securing product software and network assets
- Provide technical reviews of deliverables, results and internal documentation
- Evaluate remediation suggestions and provide consultative support with implementation of remediation steps, standards, and best practices where needed
EXPERIENCE:
- 2-8 years’experience in an IT or security function, with at least 1 year of hands-on experience in cybersecurity risk assessment (threat modeling, applying CSF, etc.)
- You have proficiency with enterprise operating systems, including Linux and Windows
- You have practical experience with encryption, IAM systems, VPN, and authentication technologies
- Experience with one or more of the following Compliance frameworks (FedRAMP, PCI, SOCII, HIPAA)
- Experience with threat modeling tools –e.g. MS TMT, Threat Dragon
- Experience with cloud &container technologies
- Prefer security certifications –e.g. CISSP, CISM, NCFS
EDUCATION:
- BS (or equivalent) in cyber security, information security, IT, EE, Network Engineering Computer Science or related field
Invitae offers a competitive total rewards package, which includes healthcare coverage, 401k, and a broad range of other benefits, outlined below:
Health, dental, vision, short- and long-term disability, and basic life insurance coverage
Paid time off, holiday pay, parental leave, and other health and wellness supports
Expected Pay Rate in Colorado from: $69,000
Compensation for the role will depend on a number of factors, including a candidate’s geographic location, qualifications, skills, competencies and experience and may fall outside of the range shown.
At Invitae, we value diversity and provide equal employment opportunities (EEO) to all employees and applicants without regard to race, color, religion, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.