Dexcom Corporation is looking to improve human health by developing solutions for serious health conditions, including diabetes, and is seeking a Staff Cybersecurity Engineer to implement and operationalize security controls across cloud platforms and the software delivery lifecycle.
Requirements
- 5+ years total experience in cybersecurity, DevOps, IT, or engineering; 3+ years hands‑on securing public cloud environments.
- Demonstrated experience integrating security in DevOps (Terraform/IaC, GitOps, pipeline gates) and building guardrails/policy-as-code.
- Understanding of AI model/data risks, prompt hardening, guardrails, and secure patterns; exposure to Vertex AI, Azure AI, Bedrock or demonstrable self‑driven learning.
- Strong understanding of cloud security controls (identity, infrastructure, network, encryption, logging/monitoring, backup/recovery, WAF, microsegmentation) across GCP/AWS/Azure.
- Proficiency with Terraform and/or HashiCorp Sentinel; source control with GitHub.
- Familiarity with ASPM/CNAPP/CSPM tools such as Snyk, Apiiro, Wiz, Invicti.
- Automation/scripting experience (Python or Go); Linux administration, shell scripting, containers/Kubernetes, and open‑source security tools.
Responsibilities
- Implement security architecture patterns and security improvements for GCP, AWS, and Azure.
- Integrate security checks in CI/CD (e.g., IaC scanning, secrets detection, SAST, SCA), and configure cloud security guardrails (HashiCorp Sentinel, GCP Org Policies, etc.) to block non‑compliant changes.
- Conduct security assessments on cloud workloads, applications, and DevOps stacks; document findings and drive remediation in collaboration with service owners.
- Build scalable processes using ASPM/CSPM/SCA/SAST/DAST/IAST; correlate findings from Wiz, Apiiro, Snyk, Qualys; establish alerting, risk‑based prioritization, and remediation workflows.
- Deploy and tune posture and threat monitoring for cloud infrastructure and applications; ensure logs, metrics, and traces support rapid investigation.
- Implement defenses against prompt injection, data poisoning, model exfiltration, jailbreaks, sensitive information disclosure, etc.
- Guide teams on safe GenAI adoption, aligning with InfoSec policies, compliance requirements, and industry best practices.
Other
- Typically requires a Bachelor’s degree in a technical discipline and a minimum of 8-12 years of related experience, or a Master’s degree and 5-7 years of equivalent industry experience, or a PhD and 2-4 years of experience.
- BS/MS in Cybersecurity, Computer Science/Engineering, Information Technology, or related technical field (or equivalent experience).
- Strong written and verbal communication; comfortable documenting standards, patterns, and runbooks.
- Proven ability to influence without authority, partnering with DevOps/Engineering to land changes.
- Travel required: 0-5%