CareDx, Inc. · 3 hours ago
Associate Director, IT Security Engineer
CareDx, Inc. is a leading precision medicine solutions company focused on the discovery, development, and commercialization of clinically differentiated, high-value healthcare solutions for transplant patients and caregivers. This role will blend business and technical knowledge with strong analysis and technology skills in support of the company’s cybersecurity program, including the development and management of the Information Security Program and mentoring a security team.
Biotechnology · Health Care · Health Diagnostics · Information Technology
Responsibilities
Security operational and governance focus. Ensuring the business stays aligned with applicable risks and regulatory requirements
Ensure cybersecurity strategy and road map are in alignment with industry, threats, audit gaps, and best practices. Keep maturity efforts on-track
Develop, document, manage and improve security controls across all departments
Support configuration management by providing security best practice configuration recommendations
Support secure application development through Dev/Sec/Ops
Ensure compliance to security policies, standards and processes
Provide audit support through activities like quarterly user role and access, ensuring alignment with role and access matrixes, and working with external auditors
Conduct third-party risk management through risk assessments and provide recommendations
Provide risk management activities by qualifying and performing internal risk assessments and risk treatment recommendations
Assist in the development, delivery, training and administration of security awareness programs to the workforce
Ability to operate security tools, e.g. Endpoint protection, Web filtering, VM, MDM, SIEM, DLP, etc
Collect and gather metrics from tools and teams for security reporting. Prepare and present reports to security committee and leadership
Support and lead cybersecurity incident response efforts
Manage DR and BCP programs
Manage IT security budget
Other duties as assigned
Qualification
Required
Bachelor's degree in Business, Computer Science, Engineering or related discipline or equivalent experience
8 years in an IT security leadership role required, or related technical leadership experience
Solid understanding of the NIST CSF cybersecurity framework, including the ability to apply appropriate identification, protection, detection, response, and recovery capabilities
Experience managing SOC 2 audit efforts and HIPAA risk assessments
Business analyst and/or audit experience encompassing information technology systems and security controls
Understanding of application security disciplines, exploits, and frameworks such as OWASP
Working knowledge of directory services, application development, and infrastructure (networks, server and end computing devices) as required to ensure compliance with information security controls
Experience with IDR, EDR, PAM, SIEM and NAC tools
Experience providing technical oversight on managed, or internal, security services including endpoint protection, vulnerability assessments, patch management, log management, and perimeter controls
Office O365 experience focusing on security best practices and configuration
Azure experience focusing on Security Center and best practices and configuration
Experience working with application development teams (DevOps)
A broad range of exposure to business continuity, systems analysis and risk management
Project or engagement management experience with the ability to manage multiple and complex priorities across cross-functional teams
Takes initiative on improvements and proposes solutions to security and audit gaps
Ability to handle multiple tasks and projects simultaneously in an organized and timely manner
Detail-oriented, with the ability to plan, prioritize, and meet deadlines in a fast-paced environment
Ability to communicate professionally and effectively, both written and verbally, particularly when under pressure
Ability to work independently, as well as part of a team
Preferred
Experience with cloud provider security concerns and documenting risk treatment initiatives is highly preferred
Experience with CrowdStrike, Arctic Wolf, Abnormal Security, Microsoft Purview a plus
Benefits
Competitive base salary and incentive compensation
Health and welfare benefits, including a gym reimbursement program
401(k) savings plan match
Employee Stock Purchase Plan
Pre-tax commuter benefits
Living Donor Employee Recovery Policy that allows up to 30 days of paid leave annually to a full-time employee who makes the selfless act of donating an organ or bone marrow.
Company
CareDx, Inc.
CareDx, Inc., headquartered in South San Francisco, is a precision medicine company focused on the discovery, development, and commercialization of clinically differentiated, high-value healthcare solutions for transplant patients and caregivers.
H1B Sponsorship
CareDx, Inc. has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (16)
2024 (8)
2023 (4)
2022 (22)
2021 (21)
2020 (9)
Funding
Current Stage: Public Company
Total Funding: $574.89M
Key Investors: Bristol-Myers Squibb, Sprout Group
2021-01-21 · Post Ipo Equity · $164M
2020-06-09 · Post Ipo Equity · $117.1M
2018-11-13 · Post Ipo Equity · $52.8M
Company data provided by crunchbase