Sr Cybersecurity Engineer

About Dexcom

Founded in 1999, Dexcom, Inc. (NASDAQ: DXCM), develops and markets Continuous Glucose Monitoring (CGM) systems for ambulatory use by people with diabetes and by healthcare providers for the treatment of people with diabetes. The company is the leader in transforming diabetes care and management by providing CGM technology to help patients and healthcare professionals better manage diabetes. Since the company’s inception, Dexcom has focused on better outcomes for patients, caregivers, and clinicians by delivering solutions that are best in class - while empowering the community to take control of diabetes. Dexcom reported full-year 2022 revenues of $2.9B, a growth of 18% over 2021. Headquartered in San Diego, California, with additional offices in the Americas, Europe, and Asia Pacific, the company employs over 8,000 people worldwide.

Meet the team:

Dexcom is a high-growth, fast-paced environment where you work with leading-edge, software teams in to ensure the security of modern diabetes medical device systems. You will work alongside highly skilled and passionate innovators who know how to deliver exceptional results while also having some fun!

As a member of the R&D Cybersecurity team, you will be responsible for reviewing new mobile applications, identifying, and ranking potential risks, as well as documenting your findings for review. Additionally, you will be responsible for working with the various development teams and product managers to ensure that new projects are implemented correctly and on time.  The ideal candidate is one who has previous experience with security-based threat models.

Where  you come in:

• You will attend design review meetings to identify and document any potential security risks in a new implementation.

• You will document any findings and recommendations for formal review.

• Oversee implementation of security-based controls to mitigate any potential risks identified during a security review.

• Experience with using a security-based risk scoring system (CVSS).

• Knowledge of OWASP top ten vulnerabilities for mobile applications and APIs.

• Experience with a common scripting language (Python, Bash).

• Advise development team members on security best-practices.

• Attend design review meetings to identify and document any potential security risks in a new mobile APP implementation.

• Document any findings and recommendations for formal review.

• Oversee implementation of security-based mobile APP (iOS / Android) controls to mitigate any potential risks identified during a security review.

• Advise development team members on security best-practices. 

What makes you successful:

• You have experience working in a mobile APP environment (iOS and/or Android) and RASP technologies.

• You have a solid understanding of symmetric key and public key cryptography and standard security protocols such as TLS and IPsec.

• Development experience with a common scripting language (e.g., Python, Bash) or programming language ( Kotlin or Swift).

• Experience with a Threat Modeling tool such as Irius Risk and STRIDE Threat Modeling methodology.

• You have exposure to agile development.

• Experience in Medical device industry and FDA/HIPAA regulations.

Experience and Education Requirements:

• Typically requires a Bachelor’s degree in a technical discipline, and a minimum of 5-8 years related experience or Master’s degree and 2-5 years equivalent industry experience or a PhD and 0-2 years experience.

What you’ll get:

• A front row seat to life changing CGM technology. Learn about our brave #dexcomwarriors community.

• A full and comprehensive benefits program.

• Growth opportunities on a global scale.

• Access to career development through in-house learning programs and/or qualified tuition reimbursement.

• An exciting and innovative, industry-leading organization committed to our employees, customers, and the communities we serve.

Travel Required:

• 5-15%

Remote Workplace:

• Your location will be a home office; you are not required to live within commuting distance of your assigned Dexcom site (typically 75 miles/120km). If you reside within commuting distance of a Dexcom site (typically 75 miles/120km) a hybrid working environment may be available. Ask about our Flex workplace option.

Please note: The information contained herein is not intended to be an all-inclusive list of the duties and responsibilities of the job, nor are they intended to be an all-inclusive list of the skills and abilities required to do the job. Management may, at its discretion, assign or reassign duties and responsibilities to this job at any time. The duties and responsibilities in this job description may be subject to change at any time due to reasonable accommodation or other reasons. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions. 

An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Dexcom’s AAP may be viewed upon request by contacting Talent Acquisition at talentacquisition@dexcom.com. 

If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact Dexcom Talent Acquisition at talentacquisition@dexcom.com. 

View the OFCCP's Pay Transparency Non Discrimination Provision at this link. 

Meritain, an Aetna Company, creates and publishes the Machine-Readable Files on behalf of Dexcom. To link to the Machine-Readable Files, please click on the URL provided:  https://health1.meritain.com/app/public/#/one/insurerCode=MERITAIN_I&brandCode=MERITAINOVER/machine-readable-transparency-in-coverage?reportingEntityType=TPA_19874&lock=true

To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Dexcom. Only authorized staffing and recruiting agencies may use this site or to submit profiles, applications or resumes on specific requisitions. Dexcom does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to the Talent Acquisition team, Dexcom employees or any other company location. Dexcom is not responsible for any fees related to unsolicited resumes/applications.
 

Salary: