CareDx, Inc. · 2 days ago
Sr Information Security Engineer
Biotechnology, Health Care
Responsibilities
Architect and Implement Security Solutions:
Design, deploy, and manage comprehensive security architectures and tools, including SIEM, EDR, firewalls, IDPS, and WAF.
Develop and maintain security infrastructure to ensure the highest level of protection for PII and PHI.
Regulatory Compliance:
Ensure compliance with SOC 2, HIPAA, HITECH, and other relevant regulatory requirements.
Analyze security controls and compliance requirements for various frameworks such as NIST CSF, SOC 2, HIPAA, HITRUST, ISO 27001, PCI, FedRAMP and Privacy Impact Assessments.
Conduct regular audits and assessments to ensure adherence to regulatory standards.
Security Monitoring and Incident Response:
Lead the development and implementation of security monitoring strategies and incident response plans.
Oversee threat detection, threat hunting, and the investigation of security incidents.
Coordinate incident response efforts and implement remediation plans.
Threat Modeling and Risk Management:
Conduct threat modeling exercises to identify and mitigate potential security risks.
Perform risk assessments and develop strategies to address identified vulnerabilities.
Cloud Security:
Architect and secure cloud environments (AWS, Azure, GCP) following industry best practices.
Implement and manage cloud security controls to protect data integrity and confidentiality.
Leadership and Mentorship:
Provide technical leadership and guidance to other engineers and IT staff.
Stay updated on the latest security trends, technologies, and regulatory changes, and share knowledge with the team.
Qualification
Required
Bachelor’s degree in Computer Science, Information Technology, or a related field.
Minimum of 10 years of experience in cybersecurity, with at least 7 years in a senior or architect role.
Extensive experience with security tools such as SIEM, EDR, Firewall, IDPS, and WAF.
Strong knowledge of HIPAA, HITECH, and other healthcare-related regulations.
Proven track record in threat monitoring, security monitoring, and incident response.
In-depth understanding of cloud security principles and experience securing cloud environments.
Relevant certifications such as CISSP, CISM, CEH, or equivalent.
In-depth knowledge, demonstrated by experience or product technical certification, of: network and web-related protocols; CrowdStrike or SentinelOne; Web Application Firewalls (WAFs); security controls for cloud environments (Microsoft Azure, Amazon Web Services); SAML, OAuth tools such as Okta and Azure; Rapid7 IDR/InsightVM; LogRhythm, Splunk or similar SIEM; intermediate to advanced knowledge of Microsoft PowerShell; web app security using various DAST, SAST, IAST and SCA tools; various CI/CD integrations for DevSecOps practices.
Strong knowledge of NIST 800-53, HIPAA and one or more additional security frameworks from the following list is also essential for this role: ISO 27001, CIS Critical Controls, HITRUST.
Familiarity with programming languages such as .NET, Java and Python.
Excellent problem-solving and analytical skills.
Strong technical skills and the ability to work collaboratively with cross-functional teams.
Strong work ethic and integrity.
Benefits
Health and welfare benefits including a gym reimbursement program
401(k) savings plan match
Employee Stock Purchase Plan
Pre-tax commuter benefits
Living Donor Employee Recovery Policy - up to 30 days of paid leave annually for organ or bone marrow donation
Company
CareDx, Inc.
CareDx: Transforming Transplant Patient Care Through Novel Surveillance Management Solutions
H1B Sponsorship
CareDx, Inc. has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2023 (2)
2022 (26)
2021 (20)
2020 (15)
Funding
Current Stage: Public Company
Total Funding: $574.89M
Key Investors: Bristol-Myers Squibb, Sprout Group
2021-01-21 · Post-IPO Equity · $164M
2020-06-09 · Post-IPO Equity · $117.1M
2018-11-13 · Post-IPO Equity · $52.8M
Company data provided by Crunchbase