Key skills
PythonAILLMAgenticAWSAzureGCPTerraformGitHubCI/CDOWASPPenetration Testing
About this role
DNAnexus is the enterprise platform for precision health, on a mission to accelerate the development of personalized treatments. The Security Engineer will be crucial in enhancing the security of the DNAnexus platform by addressing security concerns in the codebase, code pipelines, and cloud environments, while collaborating with various teams to improve resilience and reliability.
Responsibilities:
- You will help design, build, and tune security tooling that improves security of code and CI/CD pipelines while maintaining code deployment velocity
- You will help design, implement, and maintain scalable security controls for our cloud environments without impacting deployment speeds and platform stability
- You will help define, implement, and enforce our AI security policies and procedures
- You will aid our Product Managers in developing secure and resilient product designs by addressing risks you’ve identified through threat modeling
- You will help maintain our vulnerability management, bug bounty, and penetration testing programs
- Most importantly, you’ll develop close, collaborative relationships with other technical experts in our Product, Platform Engineering, Software Engineering, IT, and Detection & Response functions
Requirements:
- A Bachelors of Science in computer science, cyber security, electrical engineering or a related field
- You have a working proficiency with Python and are able to talk through examples of scripts you've written to solve problems
- You are familiar with cloud-native infrastructure on AWS, Azure, GCP, or OCI
- You are comfortable with GitHub, the CLI, IDEs, and understand the process of writing and deploying software
- Familiarity with the CVE system and common application security risks like the OWASP Top 10
- Strong fundamentals in software development, networking, and IT
- Experience with Terraform or other Infrastructure as Code is a plus
- Familiarity with AI LLM models, MCPs, and agentic workflows, as well as the ability to mitigate the associated risks they introduce
- Familiarity with Agentic AI to accelerate security workflows and business outcomes