23andMe · 16 hours ago
Senior Detection Engineer
23andMe is a leading consumer genetics and research company looking for an experienced Detection Engineer to join their Security Operations Team. The role involves leveraging enterprise security tools and best practices to secure customer data and corporate assets while collaborating with cross-functional teams to identify and respond to security threats.
Biotechnology · Genetics · Life Science
Responsibilities
Work within the Security Operations Team to identify threats within the environment through traditional threat hunting techniques
Work collaboratively to speed up response time and to determine the state of the potential threat / alert
Assist the security organization to identify automation opportunities and work to implement those integrations and automation improvements within the security tooling
Participate in an on-call rotation with additional bonus opportunities
Leverage multiple security techniques and tools daily, including but not limited to use of tools for: intrusion detection, endpoint detection and response, and SIEM
Actively threat hunt within security tools and determine steps to triage and filter the true events from background noise
Create and use threat hunting playbooks
Create and use security operations runbooks to respond to alerts
Design and implement new security playbooks and automation
Define, design, and build threat detection methodologies; help to improve the security posture of the company
Lead by example and share your creativity, wit and experience across the team, working on a variety of tasks ranging from threat detection within multiple enterprise security tools, assessing threats and providing targeted responses and monitoring the corporate environment for potential risks
Integrate, configure, and maintain SIEM tools
Train and mentor security engineers and analysts to utilize SIEM technology
Manage and improve our incident response workflow, implement mitigation plans in cooperation with Engineering, SecOps, AppSec, and IT teams
Help teams to leverage the existing and emerging logging and monitoring solutions, extract security events from the logs with filter/correlation tools, evaluate misconfiguration and intrusion detection signals, automate as much as possible
Improve our vulnerability management program: setup and integrate security scans, triage and mitigate vulnerabilities, communicate required actions to relevant teams
Implement, monitor and support Product, corporate IT and infrastructure security solutions, including:
Configure, manage and optimize logging, monitoring, correlation and alerting tools, and the orchestration through a security information and event management (SIEM) solution
Data Loss Prevention (DLP) solution focusing on PII and Intellectual Property related data
Detect and respond: Deploy Threat Intelligence products and develop threat reports
Assist with the design, development, delivery, documentation, training, and reporting on security control mechanisms (e.g. WAF, endpoint-protection/AV/EDR, etc.)
Evaluate security technologies; work closely with vendors to ensure timely delivery of products, services, and feature requests
Risk and evidence-based approach: Identify, assess, and prioritize security risks to Product, Infrastructure, Enterprise data and systems, including external threats, internal threats, and exposure to third-party vulnerabilities
Other duties as assigned
Qualifications
Required
Passion for security!
Familiarity with how attacks are conducted against network infrastructure, web applications and employees
Hands-on experience with SIEM, EDR, osquery/FleetDM, and other security tools, with the ability to triage alerts effectively to identify potential threats
Some knowledge and capability with one or more scripting and programming languages (e.g., bash, Go, Python, etc.)
Experience implementing threat detection through security-as-code (e.g., Terraform)
Experience in evaluating the qualitative and quantitative effectiveness of security alerts
Familiarity with building product-based alerting
Working knowledge of operating systems (e.g., macOS, Windows, Linux)
Hands-on experience with information security tools in Google Workspace, Cloudflare, Okta, and AWS
Strong understanding of security concepts such as incident response, cloud security monitoring, network security monitoring, host-based analysis, MITRE ATT&CK, Cyber Kill Chain, CIA triad, and Zero Trust
Sound familiarity with AWS security concepts
Ability to communicate well and work with others
Ability to think critically about challenging problems to determine the most effective method to solve and address
A minimum of 3 years of experience with managing large scale enterprise security infrastructure including security solution design and hands-on engineering
B.S./M.S. in computer science, engineering, information systems, IT, Information Security, or a related technical field
Company
23andMe
23andMe is a DNA testing technology company that enables its users to access their ancestry, genealogy, and inherited traits.
H1B Sponsorship
23andMe has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (4)
2024 (15)
2023 (9)
2022 (16)
2021 (30)
2020 (21)
Funding
Current Stage: Public Company
Total Funding: $1.12B
Key Investors: GlaxoSmithKline, Sequoia Capital, National Institutes of Health
2025-06-13 Acquired
2021-06-17 Post IPO Equity · $250M
2021-06-17 IPO
Company data provided by crunchbase