Lead Security Engineer, Product Security

POSITION SUMMARY

We are looking for a highly skilled and motivated Lead Application Security Engineer to join our security team at Natera. This position is a highly visible, business-facing, and hands-on role. The ideal candidate will be responsible for ensuring the security of our applications through the identification of vulnerabilities, implementation of security measures, and promotion of best practices across the development lifecycle. This role requires expertise in Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), penetration test, vulnerability management, WAF, API security, and ideally, a strong understanding of application security compliance standards such as OWASP, SOC2, NIST, HIPAA, and FDA Cybersecurity Guidelines.

You will lead, build, and maintain the application security initiatives, including security architecture, security testing, and related security compliances for the Natera market segment. Additionally, you will lead the product security policies, strategies, and activities, as well as interact with product and engineering teams through the security champion program. You will collaborate with senior-level leaders and key stakeholders on matters that often require the coordination of activity across organizational lines to build and maintain robust and scalable enterprise security solutions.

PRIMARY RESPONSIBILITIES:

  • Lead, build, and maintain the application security initiatives, including security architecture,  security testing, vulnerability management, and security champion program

  • Develop and enforce product security policies, reference architectures, procedures, and standards in compliance with SOC2, FDA Cybersecurity Guidelines, NIST, HIPAA, and other relevant regulations

  • Conduct security assessments, including SAST, DAST, pen test, to identify vulnerabilities in applications

  • Expert hands on experiences in WAF, API Security in complex enterprise environments

  • Collaborate with development teams to integrate security practices into the secure software development lifecycle (SDLC)

  • Lead the product security strategies and activities, ensuring alignment with business objectives.

  • Perform penetration testing and simulate attacks to identify potential security weaknesses.

  • Monitor and respond to security incidents, providing timely analysis and resolution.

  • Stay up-to-date with the latest security trends, vulnerabilities, and technologies

  • Provide training and guidance to developers on secure coding practices

  • Participate in the design and architecture of secure applications and systems

  • Assist in compliance efforts and audits related to application security, including preparation of necessary documentation

  • Interact with senior-level leaders and key stakeholders to coordinate activities across organizational lines and maintain robust and scalable enterprise business solutions

  • Keep track of new regulations, industry best practices, and implement continuous improvement on an ongoing basis

  • Collaborate with Information Security, Engineering and product teams to create, maintain and deliver an overall compliance/certifications roadmap

  • Collaborate with Technical Program Management and Engineering, and help drive the development of standardized processes and procedures to assure product security requirements are accounted for in New Product Introduction (NPI), New Feature Introduction (NFI), and acquisition activities

Requirements

  • Bachelor’s degree in Computer Science, Information Security, or a related field

  • 10+ years of experience in application security or a related role

  • Strong knowledge of security principles, vulnerabilities, and remediation techniques

  • Experience with SAST and DAST tools such as OWASP ZAP, Burp Suite, Checkmarx, Veracode, or similar

  • Proficiency in programming languages such as Java, C#, Python, or JavaScript

  • Familiarity with web application security standards (e.g., OWASP Top Ten)

  • Understanding of compliance standards such as SOC2, FDA Cybersecurity Guidelines, NIST, and how they apply to application security

  • Excellent analytical and problem-solving skills

  • Strong communication skills and the ability to work collaboratively in a team environment.

  • Relevant security certifications (e.g., CISSP, CEH, OSCP) are a plus

  • Strong analytical abilities to make data-based and strategic value-driven business decisions, including the ability to make reasoned decisions in the face of uncertainty or imperfect data

  • Strong technical background and communication skills are highly preferred

The pay range is listed and actual compensation packages are based on a wide array of factors unique to each candidate, including but not limited to skill set, years & depth of experience, certifications and specific office location. This may differ in other locations due to cost of labor considerations.
Remote USA
$172,400$215,450 USD

OUR OPPORTUNITY

Natera™ is a global leader in cell-free DNA (cfDNA) testing, dedicated to oncology, women’s health, and organ health. Our aim is to make personalized genetic testing and diagnostics part of the standard of care to protect health and enable earlier and more targeted interventions that lead to longer, healthier lives.

The Natera team consists of highly dedicated statisticians, geneticists, doctors, laboratory scientists, business professionals, software engineers and many other professionals from world-class institutions, who care deeply for our work and each other. When you join Natera, you’ll work hard and grow quickly. Working alongside the elite of the industry, you’ll be stretched and challenged, and take pride in being part of a company that is changing the landscape of genetic disease management.

WHAT WE OFFER

Competitive Benefits - Employee benefits include comprehensive medical, dental, vision, life and disability plans for eligible employees and their dependents. Additionally, Natera employees and their immediate families receive free testing in addition to fertility care benefits. Other benefits include pregnancy and baby bonding leave, 401k benefits, commuter benefits and much more. We also offer a generous employee referral program!

For more information, visit www.natera.com.

Natera is proud to be an Equal Opportunity Employer. We are committed to ensuring a diverse and inclusive workplace environment, and welcome people of different backgrounds, experiences, abilities and perspectives. Inclusive collaboration benefits our employees, our community and our patients, and is critical to our mission of changing the management of disease worldwide.

All qualified applicants are encouraged to apply, and will be considered without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, age, veteran status, disability or any other legally protected status. We also consider qualified applicants regardless of criminal histories, consistent with applicable laws.

If you are based in California, we encourage you to read this important information for California residents. 

Link: https://www.natera.com/notice-of-data-collection-california-residents/

Please be advised that Natera will reach out to candidates with a @natera.com email domain ONLY. Email communications from all other domain names are not from Natera or its employees and are fraudulent. Natera does not request interviews via text messages and does not ask for personal information until a candidate has engaged with the company and has spoken to a recruiter and the hiring team. Natera takes cyber crimes seriously, and will collaborate with law enforcement authorities to prosecute any related cyber crimes.

For more information:
- BBB announcement on job scams 
- FBI Cyber Crime resource page 

Apply for this Job

* Required

resume chosen  
(File types: pdf, doc, docx, txt, rtf)
cover_letter chosen  
(File types: pdf, doc, docx, txt, rtf)


Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Natera’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.


Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.


Enter the verification code sent to to confirm you are not a robot, then submit your application.

This application was flagged as potential bot traffic. To resubmit your application, turn off any VPNs, clear the browser's cache and cookies, or try another browser. If you still can't submit it, contact our support team through the help center.