Job Expired

Invitae

Company Website: https://www.invitae.com/
Remote Locations: Worldwide
Job Type: Full Time

Job Overview:

Invitae is one of the fastest-growing genetic information companies, whose mission is to bring comprehensive genetic information into mainstream medical practice to improve the quality of healthcare for billions of people.

The mission for our platform team is to create the systems upon which the rest of Invitae is built. It provides self-service tooling, automation, and application deployment technology to support Invitae’s efforts to expand genetic services

The genetic testing space is moving and expanding quickly. In support of the Invitae mission, our engineering team needs to continue to move faster but with a greater focus on safety. We take the security and privacy of our users’ healthcare information very seriously as our brand promise begins with a strong level of trust.

We are building security fundamentals directly into the DNA of the platform by managing commonly needed functionality like authentication and authorization, and making secure development and operational methodologies the default.

We are looking for security specialists who want to build this platform and help ensure security and privacy across all of our customer experiences.

At Invitae, we value diversity and provide equal employment opportunities (EEO) to all employees and applicants without regard to race, color, religion, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.

Job Responsibilities:

Solve whole classes of security issues with reusable services and libraries.
Build and extend systems and services that will securely transmit and store sensitive data.
Create shared patterns for secure services and drive adoption of these patterns.
Participate in code reviews and identify security issues.
Support and mentor engineers in secure development practices and be a security subject matter expert within the broader team.
Support compliance and certification programs by defining and implementing platform security standards.
Work with a product team to plan and implement security features.
Collaborate with colleagues on authentication, authorization, and encryption solutions.
Collaborate with product and engineering to balance security risk with product advancement.
Collaborate with engineers to design and implement product features with security in mind.
Support security features in our production environment.

Requirements:

Experience and passion for building security-focused platforms and customer-facing applications that perform at scale.
Software engineering fundamentals with front-end and back-end applications.
Experience working with multiple programming languages and switching between frameworks as necessary. We use Python, Kotlin, Scala, and Go.
Experience successfully triaging and resolving security bugs and incidents.
Demonstrated strong communication and interpersonal skills across engineering organizations.
Ability to identify security flaws in the product and fix them together with the engineering team.

Nice to have:

Has evangelized secure coding practices across organizational boundaries.
Experience threat modeling new and existing applications.
Working knowledge of secure development practices and common vulnerabilities.
Passionate about creating great developer experiences for security features and services.
Worked extensively with cloud providers such as AWS.