Cyber Security Engineer (ADX-331-20)

COMPANY SUMMARY:

In October 2020, Invitae Corporation (NYSE: NVTA) combined with ArcherDX, a genomic analysis company specializing in cancer diagnostics and monitoring, to create a leading comprehensive medical and cancer genetics company. As a combined company, Invitae, is bringing world-class genetic testing and diagnostics into mainstream medicine to improve healthcare for billions of people. Our goal is to aggregate the world’s genetic tests into a single service with higher quality and accuracy, faster turnaround time and actionable results. Learn more at invitae.com and archerdx.com.

POSITION SUMMARY:

We are looking for a smart, passionate, and experienced Cyber Security Engineer with a broad range of experience working in dynamic enterprise environments. The position will have a special focus on ensuring that Archer’s flagship cloud-based genomics product is secure from threat by working with the teams responsible for a variety of process and infrastructure initiatives, including platform maintenance and product enhancements by guiding the teams in application of regulatory and industry guidance relating to cyber security, as well as working with the appropriate product owners to help assess, categorize, score (CVSS), and mitigate vulnerabilities.

RESPONSIBILITIES:

Job performance will involve a variety of activities including:

• Prioritize, lead, and perform advanced threat analysis for network, web applications, business application, and cloud infrastructure 
• Guide the team in the development of technical frameworks, tools and execution of Threat Modeling
• Assist with red team assessments and adversary emulation engagements to support the organizations risk management program
• Assist with “Purple teaming” exercises in collaboration with the Security Operations team 
• Collaborate with 3rd parties including consulting firms and security researchers on coordinating assessments, validating vulnerability reports/findings and influencing remediation
• Assist team with creating and maintaining cyber security content within ArcherDX processes and procedures 
• You will employ cybersecurity best practices, risk management techniques, and vulnerability assessments
• Work closely with the Information Security team and Software Development teams in securing product software and network assets
• Provide technical reviews of deliverables, results and internal documentation
• Evaluate remediation suggestions and provide consultative support with implementation of remediation steps, standards, and best practices where needed 

EXPERIENCE:

• 2-8 years’ experience in an IT or security function, with at least 1 year of hands-on experience in cyber security risk assessment (threat modeling, applying CSF, etc.) 
• You have a proficiency with enterprise operating systems, including Linux and Windows
• You have practical experience with encryption, IAM systems, VPN and authentication technologies
• Experience with one or more of the following Compliance frameworks (FedRAMP, PCI, SOCII, HIPAA)
• Experience with threat modeling tools – e.g. MS TMT, Threat Dragon
• Experience with cloud & container technologies
• Prefer security certifications – e.g. CISSP, CISM, NCFS

EDUCATION:

• BS (or equivalent) in cyber security, information security, IT, EE, Network Engineering Computer Science or related field