Infrastructure Security Engineer / Red Team at Helix DNA Store (San Carlos, CA)

Desired Skills and Experience

• Curiosity - we are all passionate about the possibilities enabled by having access to your own genome
• Responsibility - we have an obligation to people and our partners to operate with highly credible research guided by well-respected advisors, with clear and effective communication about our products
• Agility - flexibility and a desire to be nimble, smart, and effective are important to the Helix culture
• Experience - we’re building a team with amazing track records of achievement in multidisciplinary environment
• Perform assessment of Helix infrastructure to identify and prioritize risks, driving prioritization and remediation across engineering and science teams
• Be the expert on vulnerabilities and attack vectors that have the potential to impact Helix’s platform, our partners, and our users
• Perform security reviews, network and host vulnerability testing, and penetration testing, and train engineering/DevOps/IT teams on best practices in infrastructure security
• Identify and implement products and tools to ensure security of our infrastructure, collaborating with engineering, operations, and IT to harden our environment (Anti-Virus, Anti-phishing, OS/Mobile hardening, Patching, IDS/IPS, Application Whitelisting, Logging, Anti-spam, etc.)
• Perform red team exercises, social engineering, research and exploit development
• Develop security solutions to facilitate secure partner integrations and consulting with partner engineering teams
• Keep current with latest security developments and leverage your information security experience in the new field of bioinformatics and big data genetics infrastructure
• A passion for improving people’s lives through access to better information about their DNA
• 3+ years engineering experience of security tools, network infrastructure, operating systems hardening, red teaming, and vulnerability research
• Have a hacker mindset, curious to break and tinker with technology
• Very strong logic and problem-solving skills
• Familiar with network protocols and their weaknesses
• Very familiar with network and host scanning tools for vulnerabilities and exploits
• Familiar with threat models for large, distributed systems and cloud-based infrastructure (AWS, Google Cloud, or Azure)
• Excellent communication skills to document and explain security vulnerabilities and technical risks to a technical audience
• Diverse domain expertise such as e-commerce, financial, wireless, and healthcare security implementations and techniques
• Basic understanding of application security, mobile security, and cryptography
• Affinity for an engineering culture that emphasizes Agile, DevOps, and continuous delivery
• BS+ in Computer Science or equivalent experience required; coursework in cryptography, genetics/bioinformatics a plus

Apply