Location: San Francisco, CA or Remote throughout US

Invitae is dedicated to bringing comprehensive genetic information into mainstream medicine to improve healthcare for billions of people. Our team is driven to make a difference for the patients we serve. We are leading the transformation of the genetics industry, by making genetic testing affordable and accessible for everyone to guide health decisions across all stages of life. 

Our Security Operations Team is building secure defenses against persistent threats both internal and external, and acts as the last line of defense against malicious actors to ensure all sensitive data at Invitae is protected and secured from unauthorized access.

What you’ll do:

  • Leading and managing all security operations for the organization, including in house security engineers and MSSP resources providing 24x7 SOC as a Service
  • Managing the Incident Response lifecycle and developing improvements to increase program maturity and reduce overall time for threat containment
  • Managing a diverse team of security analysts and engineers distributed globally
  • Establishing a threat intelligence strategy and incorporating it into the existing security operations solution stack
  • Defining and implementing incident response playbooks related to emerging threats and attack techniques  
  • Acting as incident response lead for security incidents and assisting with forensic investigation/analysis, advanced incident handling, intelligence gathering, forensic research, and formal incident investigation
  • Coordinating with outside law enforcement and incident response firms when required 
  • Developing training programs for skills enrichment related to incident response, forensic analysis and the use of threat intelligence to empower proactive threat hunting
  • Working closely with the CISO to develop and implement strategies for corporate-wide security initiatives to reduce operational risk
  • Working closely with Legal, Privacy and Security Governance & Compliance to design and implement data protection solutions to align with Privacy and Information Security policies, especially for cloud hosted and highly regulated data environments
  • Providing oversight and guidance for periodic security assessments to ensure compliance with information security policies and established security controls
  • Developing metrics and security operations dashboards to measure progress for security initiatives and communicate team accomplishments and the effectiveness of security controls and processes
  • Establishing the security operations roadmap to drive maturity improvements for incident response and operational excellence in the information security program
  • Conducting regular red team/blue team training exercises
  • Implement attack simulation solutions to identify endpoint, server and networking topology issues identified in the MITRE Attack Framework 
  • Driving and managing the vulnerability assessment and asset management lifecycle
  • Working closely with the Application Security team to establish a regular cadence for internal and external penetration testing for all products and cloud-hosted applications
  • Ensuring applications, networks, systems and cloud services are planned, designed, developed, implemented, and monitored in accordance with the Information Security Policy and associated HITRUST, HIPAA, PCI and SOX security controls
  • Developing and implementing monitoring capabilities for on premise and AWS hosted infrastructure for both corporate and customer environments
  • Implementing and maintaining the centralized logging infrastructure to support SIEM correlation, alerting and reporting
  • Guiding the Security Operations Center to develop new data feeds and services for continuous monitoring and detection capabilities, including the writing of data parsers, installation of data connectors and log collectors, and tuning and aggregating multiple security alerting sources
  • Assisting in the development and automation of threat management, vulnerability management, and incident management processes
  • Working closely with cross functional teams to embed security monitoring, logging, and auditing capabilities into all corporate and cloud operations

 What you bring:

  • Minimum 7+ years of experience in Information Security with an emphasis on leading security personnel to secure applications, networks and systems
  • At least one security related certification, such as CISSP, GIAC, CompTIA Security+, required.  CISSP strongly preferred.
  • Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment
  • Detailed understanding of Microsoft Active Directory, Identity and Auth services, DNS, DHCP and email infrastructure design and security
  • Deep understanding of VPN, PKI, IPAM and MFA technologies
  • Demonstrated proficiency in system hardening techniques for Microsoft Windows, Linux and Mac OSX
  • Hands-on technical proficiency with IDS/IPS and SIEM tools.  Splunk and Graylog expertise highly preferred.
  • Proven ability to manage priorities & deadlines and to work independently in a highly dynamic and diverse environment with multiple concurrent projects happening simultaneously
  • Demonstrated experience in investigating security issues related to Internet, server, desktop, laptop, tablet and other mobile device security issues; OS patching, hardening and anti-virus


  • Experience in DevOps environments and maintaining security in CI/CD processes
  • Deep understanding of GSuite and Okta highly desirable
  • Demonstrated ability to facilitate automation and integration through scripting in Powershell, Python, Perl, etc, highly preferred.
  • Knowledge of technical security control environments and compliance frameworks such as CSA CCM, ISO 270001 and SOC 2, etc.  Experience supporting HITRUST and HIPAA is highly desirable.
  • Solid understanding of AWS architecture and services
  • Hands-on experience with incident response as a senior or lead analyst or manager

At Invitae, you’ll work alongside some of the world’s experts in genetics and healthcare at the forefront of genetic medicine. Our teams thrive in our dynamic organization, which has been designed to empower them to make the biggest impact they can for our patients.  We give our employees the ability to explore interests and capabilities broadly within the organization. We prize freedom with accountability and offer significant flexibility. We also provide excellent benefits and competitive compensation in a fast-growing organization. 

At Invitae, we’re changing healthcare to change lives. Join us. 

At Invitae, we value diversity and provide equal employment opportunities (EEO) to all employees and applicants without regard to race, color, religion, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.



Apply for this Job

* Required


U.S. Equal Opportunity Employment Information (Completion is voluntary)

Individuals seeking employment at Invitae are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. You are being given the opportunity to provide the following information in order to help us comply with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements.

Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Form CC-305

OMB Control Number 1250-0005

Expires 05/31/2023

Voluntary Self-Identification of Disability

Why are you being asked to complete this form?

We are a federal contractor or subcontractor required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:

  • Autism
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, or HIV/AIDS
  • Blind or low vision
  • Cancer
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or hard of hearing
  • Depression or anxiety
  • Diabetes
  • Epilepsy
  • Gastrointestinal disorders, for example, Crohn's Disease, or irritable bowel syndrome
  • Intellectual disability
  • Missing limbs or partially missing limbs
  • Nervous system condition for example, migraine headaches, Parkinson’s disease, or Multiple sclerosis (MS)
  • Psychiatric condition, for example, bipolar disorder, schizophrenia, PTSD, or major depression

1Section 503 of the Rehabilitation Act of 1973, as amended. For more information about this form or the equal employment obligations of Federal contractors, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.