Personalis is a rapidly growing cancer genomics company transforming the development of next-generation therapies by providing more comprehensive molecular data about each patient’s cancer and immune response. Our ImmunoID NeXT Platform® is enabling the development of next generation immuno-oncology therapeutics and diagnostics.
The Information Security Engineer will plan and carry out the Personalis information security strategy. Reporting to the Associate Director, Information Technology and Scientific Computing, the Information Security Engineer will be responsible for maintaining the high availability, configuration/efficiency and implementation of information security tools, systems and services. The information security engineer will partner with architects, business and IT teams to ensure that security is applied to the technology platforms and information within the organization in accordance with established standards and policies.
- Participate in the development, planning and implementation of a variety of platforms including SEIMs, IDS/IPS, firewalls, WAFs, anti-malware, EDR, Encryption/HSMs, DDOS services, configuration management, vulnerability scanning, penetration testing, PKI, CASB, DLP, and more.
- Builds resilient security platforms/services with strong monitoring and alerting and encouraging automation for operational processes and orchestrating workflows.
- Partner with cross-functional teams to deliver widely impactful security initiatives.
- Participates in the design and implementation of security controls built and engineered to meet compliance controls including internal controls, as well as SOX and PCI controls.
- Participates in security incident response activities.
- Ensures documentation for managed platforms/services are detailed, thorough, and kept up to date.
- Demonstrate excellent judgement in prioritizing security efforts to mitigate the appropriate risks.
- BA or BS in Computer Science, Management Information Systems, or related field, from an accredited college or university or equivalent experience.
- 10+ years of experience in a security role.
- Thorough understanding of network defense technologies, TCP/IP networking, Active Directory, DHCP, DNS, network security monitoring tools, secure engineering principles and technical security testing.
- Working knowledge of global threats to cyber security and understanding of the tools and tactics utilized by threat actors.
- Direct experience with anti-virus software, intrusion detection, firewalls and content filtering, SIEM, DarkTrace.
- Professional experience in a system administration role supporting multiple platforms and applications.
- Highly organized, can multitask and meet aggressive deadlines, and is a team-player and team-builder who can make meaningful and long-lasting connections with others.
- Ability to deliver succinct and fact-based communications, both verbally and in writing.
Nice to have:
- One or more of the following industry recognized security certifications:
- Certified Ethical Hacker (CEH)
- CompTIA Security+
- Certified Information System Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
- NIST Cybersecurity Framework (NCSF)
- Certified Cloud Security Professional (CCSP)
- Computer Hacking Forensic Investigator (CHFI)
- Cisco Certified Network Associate (CCNA) Security.
Personalis is an Equal Opportunity Employer/Minorities/Females/Veterans/Disabilities. Personalis offers a competitive compensation package.