Natera

Director, Security Engineering

3+ months ago | United States

Successful applicants for this position must be fully vaccinated against COVID-19 as a condition of employment. Vaccine verification will be required.

JOB TITLE: Director, Security Engineering

Position Summary:

The Director, Security Engineering builds our security and privacy team in Engineering, which will work closely with many other functions to ensure we build secure and compliant software solutions. You will be responsible for overall security and privacy in the Engineering organization.

As a senior leader in the IS&T organization, you will lead a team and partner closely with Natera's Chief Compliance Officer (CCO), Data Protection Officer (DPO) and Information Security Officer (ISO) to develop, maintain and execute security and privacy policies in the Engineering development and infrastructure spaces. This will be executed in close alignment with the overall Information Security and Privacy policies, processes and frameworks of Natera's CCO, DPO and ISO.

Responsibilities:

  • As a change agent, seek opportunities to challenge the status quo to build and manage a security and privacy function in engineering on its journey to best-in-class.
  • Be part of the company security and compliance leadership teams to define strategic plans for security and privacy.
  • Work closely with our corporate compliance and privacy team to develop and execute privacy and compliance policies and processes for the software development organization.
  • Work closely with and under guidance of our ISO, DPO and IT security team to develop and manage processes, policies and guidelines to ensure secure software development.
  • Develop or license applications and tooling that are used every day by Engineering and Security to make their jobs easier and embed security into Natera's software development lifecycle (SDLC).
  • Partner with leaders and staff across the Engineering, IT, Compliance and Risk organizations to ensure that security and privacy projects are completed to specification and maintainable.
  • Develop and promote a 'security-by-design mindset' across the engineering organization and partner with engineering to ingrain it into day-to-day software development processes.
  • Work with the software operations team to ensure implementation of security risk detection tooling in CI and delivery pipelines.
  • Build and own procedures for security and privacy incident management for the developed software solutions.
  • Perform needed risk and impact assessments (e.g. PIAs, DPIAs, FMEAs, etc.).
  • Work closely with the ISO's and DPO's team to update and maintain the corporate Dataflow and Data Repository documentation to ensure its relevance and accuracy.
  • Participate in all third-party and government regulator compliance assessments.
  • Participate as part of Natera's extended Compliance, Information Security and Privacy teams including regular Incident reviews and collaboration/architecture meetings.
  • Attract top talent and develop the team to ensure a high-functioning organization while adhering to budgetary constraints.

Qualifications:

  • Bachelor's degree in IT, Computer Science, or similar, or equivalent experience
  • 8+ years of leadership experience.
  • 10+ years of security engineering experience.
  • 5+ years of privacy experience in a complex healthcare organization.
  • 3+ years of experience creating and implementing strategic security plans and roadmaps.
  • 3+ years of experience with technical requirements, design, testing, and implementation of security tools and technologies.

Knowledge, Skills and Abilities:

  • Excellent verbal, written, and interpersonal communication skills.
  • Effective in building partnerships with senior technical, functional and business leaders to forward short-term and longer-term security initiatives.
  • Ability to build modern agile security processes (i.e. DevSecOps) that ensure security and privacy pragmatically.
  • Familiarity with any of the technologies used in our stack is a strong plus: Java, APIs, Python, MySQL, Kafka, Redis, Snowflake, AWS, GCP, Terraform and Kubernetes.
  • Practical and current knowledge of IT security risk profiles and mitigation strategies, patterns and technical solutions.
  • Deep technical knowledge of the current threat landscape in relevant environments (web, cloud platforms, on-premise).
  • Deep familiarity with relevant security frameworks and regulations such as HIPAA, GDPR, CCPA, SOC-2 Type 2, HITRUST, NIST Cybersecurity Framework, AWS Well-Architected.
  • Industry Security and Privacy certifications are a plus (like CISSP, CISM, CIPT, CEH, CCSK).

OUR OPPORTUNITY

Driven by the passion for elevating the science and utility of genetic testing, Natera is committed to helping families identify and manage genetic diseases. Natera is a rapidly-growing diagnostics company with proprietary bioinformatics and molecular technology for analyzing DNA. Our complex technology has been proven clinically and commercially in the prenatal testing space and we are actively researching its applications in the liquid biopsy space for developing products with oncology applications.

The Natera team consists of highly dedicated statisticians, geneticists, doctors, laboratory scientists, business professionals, software engineers and many other professionals from world-class institutions, who care deeply for our work and each other. When you join Natera, you'll work hard and grow quickly. Working alongside the elite of the industry, you'll be stretched and challenged, and take pride in being part of a company that is changing the landscape of genetic disease management.

WHAT WE OFFER

Competitive Benefits - Employee benefits include comprehensive medical, dental, vision, life and disability plans for eligible employees and their dependents. Additionally, Natera employees and their immediate families receive free testing in addition to fertility care benefits. Other benefits include pregnancy and baby bonding leave, 401k benefits, commuter benefits and much more. We also offer a generous employee referral program!

For more information, visit www.natera.com.

Natera is proud to be an Equal Opportunity Employer. We are committed to ensuring a diverse and inclusive workplace environment, and welcome people of different backgrounds, experiences, abilities and perspectives. Inclusive collaboration benefits our employees, our community and our patients, and is critical to our mission of changing the management of disease worldwide.

All qualified applicants are encouraged to apply, and will be considered without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, age, veteran status, disability or any other legally protected status. We also consider qualified applicants regardless of criminal histories, consistent with applicable laws.

POSITION LOCATION: NOTE THAT THIS POSITION IS REMOTE AND CAN WORK FROM ANYWHERE IN THE US

Job ID: Natera-6686