Senior Manager, Cybersecurity Operations

| Austin
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Location: San Francisco, CA or Remote throughout US

Invitae is dedicated to bringing comprehensive genetic information into mainstream medicine to improve healthcare for billions of people. Our team is driven to make a difference for the patients we serve. We are leading the transformation of the genetics industry, by making genetic testing affordable and accessible for everyone to guide health decisions across all stages of life. 

Our Security Operations Team is building secure defenses against persistent threats both internal and external, and acts as the last line of defense against malicious actors to ensure all sensitive data at Invitae is protected and secured from unauthorized access.

What you’ll do:

  • Leading and managing all security operations for the organization, including in house security engineers and MSSP resources providing 24x7 SOC as a Service
  • Managing the Incident Response lifecycle and developing improvements to increase program maturity and reduce overall time for threat containment
  • Managing a diverse team of security analysts and engineers distributed globally
  • Establishing a threat intelligence strategy and incorporating it into the existing security operations solution stack
  • Defining and implementing incident response playbooks related to emerging threats and attack techniques  
  • Acting as incident response lead for security incidents and assisting with forensic investigation/analysis, advanced incident handling, intelligence gathering, forensic research, and formal incident investigation
  • Coordinating with outside law enforcement and incident response firms when required 
  • Developing training programs for skills enrichment related to incident response, forensic analysis and the use of threat intelligence to empower proactive threat hunting
  • Working closely with the CISO to develop and implement strategies for corporate-wide security initiatives to reduce operational risk
  • Working closely with Legal, Privacy and Security Governance & Compliance to design and implement data protection solutions to align with Privacy and Information Security policies, especially for cloud hosted and highly regulated data environments
  • Providing oversight and guidance for periodic security assessments to ensure compliance with information security policies and established security controls
  • Developing metrics and security operations dashboards to measure progress for security initiatives and communicate team accomplishments and the effectiveness of security controls and processes
  • Establishing the security operations roadmap to drive maturity improvements for incident response and operational excellence in the information security program
  • Conducting regular red team/blue team training exercises
  • Implement attack simulation solutions to identify endpoint, server and networking topology issues identified in the MITRE Attack Framework 
  • Driving and managing the vulnerability assessment and asset management lifecycle
  • Working closely with the Application Security team to establish a regular cadence for internal and external penetration testing for all products and cloud-hosted applications
  • Ensuring applications, networks, systems and cloud services are planned, designed, developed, implemented, and monitored in accordance with the Information Security Policy and associated HITRUST, HIPAA, PCI and SOX security controls
  • Developing and implementing monitoring capabilities for on premise and AWS hosted infrastructure for both corporate and customer environments
  • Implementing and maintaining the centralized logging infrastructure to support SIEM correlation, alerting and reporting
  • Guiding the Security Operations Center to develop new data feeds and services for continuous monitoring and detection capabilities, including the writing of data parsers, installation of data connectors and log collectors, and tuning and aggregating multiple security alerting sources
  • Assisting in the development and automation of threat management, vulnerability management, and incident management processes
  • Working closely with cross functional teams to embed security monitoring, logging, and auditing capabilities into all corporate and cloud operations

 What you bring:

  • Minimum 7+ years of experience in Information Security with an emphasis on leading security personnel to secure applications, networks and systems
  • At least one security related certification, such as CISSP, GIAC, CompTIA Security+, required.  CISSP strongly preferred.
  • Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment
  • Detailed understanding of Microsoft Active Directory, Identity and Auth services, DNS, DHCP and email infrastructure design and security
  • Deep understanding of VPN, PKI, IPAM and MFA technologies
  • Demonstrated proficiency in system hardening techniques for Microsoft Windows, Linux and Mac OSX
  • Hands-on technical proficiency with IDS/IPS and SIEM tools.  Splunk and Graylog expertise highly preferred.
  • Proven ability to manage priorities & deadlines and to work independently in a highly dynamic and diverse environment with multiple concurrent projects happening simultaneously
  • Demonstrated experience in investigating security issues related to Internet, server, desktop, laptop, tablet and other mobile device security issues; OS patching, hardening and anti-virus

Preferred: 

  • Experience in DevOps environments and maintaining security in CI/CD processes
  • Deep understanding of GSuite and Okta highly desirable
  • Demonstrated ability to facilitate automation and integration through scripting in Powershell, Python, Perl, etc, highly preferred.
  • Knowledge of technical security control environments and compliance frameworks such as CSA CCM, ISO 270001 and SOC 2, etc.  Experience supporting HITRUST and HIPAA is highly desirable.
  • Solid understanding of AWS architecture and services
  • Hands-on experience with incident response as a senior or lead analyst or manager

At Invitae, you’ll work alongside some of the world’s experts in genetics and healthcare at the forefront of genetic medicine. Our teams thrive in our dynamic organization, which has been designed to empower them to make the biggest impact they can for our patients.  We give our employees the ability to explore interests and capabilities broadly within the organization. We prize freedom with accountability and offer significant flexibility. We also provide excellent benefits and competitive compensation in a fast-growing organization. 

At Invitae, we’re changing healthcare to change lives. Join us. 

At Invitae, we value diversity and provide equal employment opportunities (EEO) to all employees and applicants without regard to race, color, religion, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.

#L1-HS1

#LI-Remote

Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
    • C#Languages
    • C++Languages
    • JavaLanguages
    • JavascriptLanguages
    • PHPLanguages
    • PythonLanguages
    • SqlLanguages

Location

Situated in Austin's Central Business District, one block West of the Texas State Capitol.

What are Invitae Perks + Benefits

Invitae Benefits Overview

At Invitae, our employees are the key to our continued success. Our culture is one of our most important strengths. A set of commitments we make to each other and to our customers to build a world-class organization in service of our mission. That is why Invitae proudly offers comprehensive perks and benefits program with choice and flexibility in mind.

Culture
Friends outside of work
Eat lunch together
Intracompany committees
Daily sync
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Diversity
Dedicated Diversity/Inclusion Staff
Unconscious bias training
Diversity manifesto
Someone's primary function is managing the company’s diversity and inclusion initiatives
Mean gender pay gap below 10%
Diversity Employee Resource Groups
Hiring Practices that Promote Diversity
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Pet Insurance
Wellness Programs
Team workouts
Mental Health Benefits
Retirement & Stock Options Benefits
401(K)
Company Equity
Employee Stock Purchase Plan
Performance Bonus
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Remote Work Program
Family Medical Leave
Adoption Assistance
Return-to-work program post parental leave
Vacation & Time Off Benefits
Unlimited Vacation Policy
Sabbatical
Paid Holidays
Paid Sick Days
Perks & Discounts
Beer on Tap
Casual Dress
Commuter Benefits
Company Outings
Free Daily Meals
Game Room
Stocked Kitchen
Some Meals Provided
Happy Hours
Parking
Pet Friendly
Recreational Clubs
Home Office Stipend for Remote Employees
Professional Development Benefits
Job Training & Conferences
Diversity Program
Lunch and learns
Cross functional training encouraged
Promote from within
Mentorship program
More Jobs at Invitae84 open jobs
All Jobs
Data + Analytics
Design + UX
Dev + Engineer
HR + Recruiting
Marketing
Operations
Product
Project Mgmt
Sales
Data + Analytics
new
Remote
Developer
new
Austin
Project Mgmt
new
Remote
HR + Recruiting
new
Remote
Developer
new
Austin
Project Mgmt
new
Austin
Developer
new
Remote
Developer
new
Remote
Data + Analytics
new
Remote
Project Mgmt
new
Austin
Data + Analytics
new
Remote
Product
new
Austin
Design + UX
new
Austin
Data + Analytics
new
Austin
Product
new
Remote
Operations
new
Remote
Data + Analytics
new
Remote
Data + Analytics
new
Austin
Data + Analytics
new
Remote
Data + Analytics
new
Austin
Data + Analytics
new
Remote
Developer
new
Remote
Operations
new
Remote
Developer
new
Austin
Project Mgmt
new
Remote
Product
new
Austin
Developer
new
Remote
Developer
new
Remote
Developer
new
Remote
Developer
new
Austin
Developer
new
Remote
Data + Analytics
new
Remote
Developer
new
Austin
Developer
new
Remote
Marketing
new
Remote
Data + Analytics
new
Remote
Data + Analytics
new
Remote
Data + Analytics
new
Remote
Developer
new
Austin
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView Invitae's full profileSee more Invitae jobs