Dexcom Employment – Modeling Security Engineer

Website Dexcom

Job Description:

As a member of the R&D Cybersecurity team, you will be responsible for reviewing new and existing applications, identifying, and ranking potential risks, providing remediation/mitigation suggestions and direction, as well as documenting your findings for review.

Job Responsibilities:

  • Work with Development Operations (DevOps) to review currently deployed applications and their supporting infrastructure for potential security risks.
  • Document any findings and recommendations for formal review.
  • Review cloud and mobile use case architecture to ensure we design confidentiality, integrity, resiliency, and privacy into our products
  • Advise DevOps team members on security best-practices
  • Attend design review meetings to identify and document any potential security risks in a cloud or mobile implementation.
  • Identify security-based controls to mitigate any potential risks identified during a security review.

Job Requirements:

  • Experience working with common network appliances such as a Web Application Firewall (WAF), SIEM, traditional Firewall, API Gateways, or Load Balancers.
  • 2+ years’ Experience creating security-based threat models for Cloud Applications
  • 2-5 years’ Experience working in a Mobile Environment (Android, iOS)
  • Experience with using a security-based risk scoring system (CVSS)
  • Strong knowledge of industry standards as they relate to Cloud and Application security management to include ISO, NIST, and Cloud Security Alliance (CSA)
  • 2-5 years’ Experience working in a Cloud Environment (GCP, Azure, AWS)
  • Experience with threat modeling and hazard-analysis frameworks such as STAMP, STRIDE etc.
  • Experience leveraging the MITRE ATT&CK™ Framework
  • Experience working with Google Cloud Provider (GCP)
  • Knowledge of OWASP top ten vulnerabilities for web applications and APIs
  • Previous Web Application development experience
  • Cloud Computing certifications such as CCSK, AWS, Azure, and GCP a plus
  • Professional Security Certifications: CISSP, CCSP, CISA, CISM, ITIL
  • Experience with a common scripting language (Python, Bash)

Job Details:

Company: Dexcom

Vacancy Type: Full Time

Job Location: United States

Application Deadline: N/A

Apply Here

 Report Job