Senior Manager, Cybersecurity Operations

Seattle, Washington, United States

Full Time Senior-level / Expert
Invitae

Posted 1 week ago

Location: San Francisco, CA or Remote throughout US

Invitae is dedicated to bringing comprehensive genetic information into mainstream medicine to improve healthcare for billions of people. Our team is driven to make a difference for the patients we serve. We are leading the transformation of the genetics industry by making genetic testing affordable and accessible for everyone to guide health decisions across all stages of life.

Our Security Operations Team is building secure defenses against persistent threats both internal and external, and acts as the last line of defense against malicious actors to ensure all sensitive data at Invitae is protected and secured from unauthorized access.

What you’ll do:

  • Leading and managing all security operations for the organization, including in house security engineers and MSSP resources providing 24x7 SOC as a Service
  • Managing the Incident Response lifecycle and developing improvements to increase program maturity and reduce overall time for threat containment
  • Managing a diverse team of security analysts and engineers distributed globally
  • Establishing a threat intelligence strategy and incorporating it into the existing security operations solution stack
  • Defining and implementing incident response playbooks related to emerging threats and attack techniques  
  • Acting as incident response lead for security incidents and assisting with forensic investigation/analysis, advanced incident handling, intelligence gathering, forensic research, and formal incident investigation
  • Coordinating with outside law enforcement and incident response firms when required 
  • Developing training programs for skills enrichment related to incident response, forensic analysis and the use of threat intelligence to empower proactive threat hunting
  • Working closely with the CISO to develop and implement strategies for corporate-wide security initiatives to reduce operational risk
  • Working closely with Legal, Privacy and Security Governance & Compliance to design and implement data protection solutions to align with Privacy and Information Security policies, especially for cloud hosted and highly regulated data environments
  • Providing oversight and guidance for periodic security assessments to ensure compliance with information security policies and established security controls
  • Developing metrics and security operations dashboards to measure progress for security initiatives and communicate team accomplishments and the effectiveness of security controls and processes
  • Establishing the security operations roadmap to drive maturity improvements for incident response and operational excellence in the information security program
  • Conducting regular red team/blue team training exercises
  • Implementing attack simulation solutions to identify endpoint, server and networking topology issues identified in the MITRE ATT&CK Framework
  • Driving and managing the vulnerability assessment and asset management lifecycle
  • Working closely with the Application Security team to establish a regular cadence for internal and external penetration testing for all products and cloud-hosted applications
  • Ensuring applications, networks, systems and cloud services are planned, designed, developed, implemented, and monitored in accordance with the Information Security Policy and associated HITRUST, HIPAA, PCI and SOX security controls
  • Developing and implementing monitoring capabilities for on premise and AWS hosted infrastructure for both corporate and customer environments
  • Implementing and maintaining the centralized logging infrastructure to support SIEM correlation, alerting and reporting
  • Guiding the Security Operations Center to develop new data feeds and services for continuous monitoring and detection capabilities, including the writing of data parsers, installation of data connectors and log collectors, and tuning and aggregating multiple security alerting sources
  • Assisting in the development and automation of threat management, vulnerability management, and incident management processes
  • Working closely with cross functional teams to embed security monitoring, logging, and auditing capabilities into all corporate and cloud operations

What you bring:

  • Minimum 7+ years of experience in Information Security with an emphasis on leading security personnel to secure applications, networks and systems
  • At least one security related certification, such as CISSP, GIAC, CompTIA Security+, required.  CISSP strongly preferred.
  • Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment
  • Detailed understanding of Microsoft Active Directory, Identity and Auth services, DNS, DHCP and email infrastructure design and security
  • Deep understanding of VPN, PKI, IPAM and MFA technologies
  • Demonstrated proficiency in system hardening techniques for Microsoft Windows, Linux and Mac OSX
  • Hands-on technical proficiency with IDS/IPS and SIEM tools.  Splunk and Graylog expertise highly preferred.
  • Proven ability to manage priorities & deadlines and to work independently in a highly dynamic and diverse environment with multiple concurrent projects happening simultaneously
  • Demonstrated experience in investigating security issues related to Internet, server, desktop, laptop, tablet and other mobile device security issues; OS patching, hardening and anti-virus

Preferred: 

  • Experience in DevOps environments and maintaining security in CI/CD processes
  • Deep understanding of GSuite and Okta highly desirable
  • Demonstrated ability to facilitate automation and integration through scripting in PowerShell, Python, Perl, etc., highly preferred.
  • Knowledge of technical security control environments and compliance frameworks such as CSA CCM, ISO 27001 and SOC 2, etc. Experience supporting HITRUST and HIPAA is highly desirable.
  • Solid understanding of AWS architecture and services
  • Hands-on experience with incident response as a senior or lead analyst or manager

At Invitae, you’ll work alongside some of the world’s experts in genetics and healthcare at the forefront of genetic medicine. Our teams thrive in our dynamic organization, which has been designed to empower them to make the biggest impact they can for our patients.  We give our employees the ability to explore interests and capabilities broadly within the organization. We prize freedom with accountability and offer significant flexibility. We also provide excellent benefits and competitive compensation in a fast-growing organization. 

At Invitae, we’re changing healthcare to change lives. Join us. 

At Invitae, we value diversity and provide equal employment opportunities (EEO) to all employees and applicants without regard to race, color, religion, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.


Job tags: Active Directory Architecture Auditing Automation AWS Blue team CISSP Compliance DevOps DNS GIAC HIPAA HITRUST IDS Incident response IPS Linux PCI Penetration testing Perl PKI PowerShell Python Red team Security assessments SIEM SOC 2 Splunk Strategy Threat intelligence Vulnerability management Windows
Job region(s): North America