Senior Detection Engineer


Job Location: Palo Alto, CA - USA

Monthly Salary: Not Disclosed
Posted on: 7 days ago
Vacancies: 1 Vacancy

Job Summary

23andMe is looking for an experienced Detection Engineer to join our Security Operations Team. You will bring critical thinking skills, hands-on experience with Enterprise Security design, and the ability to work with and influence cross-functional teams (Engineering, IT, NetOps and Architecture).

You'll be leveraging your experience and expertise with enterprise security tools and industry best practices to secure our customer data and corporate assets.

Who We Are

We are a group of individuals passionate about genetic discovery. 23andMe Research Institute is a nonprofit medical research organization that enables people everywhere to access their genetic information, learn about themselves and participate in the world's largest crowdsourced research initiative. The Institute aims to be the world's most significant contributor to scientific advancement, uniting people with the common goal of improving health and deepening our understanding of DNA, the code of life.

What You'll Do

  • Work within the Security Operations Team to identify threats within the environment through traditional threat hunting techniques

  • Work collaboratively to speed up response time and to determine the state of the potential threat / alert

  • Assist the security organization to identify automation opportunities and work to implement those integrations and automation improvements within the security tooling

  • Participate in an on-call rotation with additional bonus opportunities

  • Leverage multiple security techniques and tools daily, including but not limited to tools for intrusion detection, endpoint detection and response, and SIEM

  • Actively threat hunt within security tools and determine steps to triage and filter the true events from background noise

  • Create and use threat hunting playbooks

  • Create and use security operations runbooks to respond to alerts

  • Design and implement new security playbooks and automation

  • Define, design and build threat detection methodologies; help to improve the security posture of the company

  • Lead by example and share your creativity, wit and experience across the team, working on a variety of tasks ranging from threat detection within multiple enterprise security tools, assessing threats and providing targeted responses, and monitoring the corporate environment for potential risks;

  • Integrate, configure and maintain SIEM tools;

  • Train and mentor security engineers and analysts to utilize SIEM technology;

  • Manage and improve our incident response workflow; implement mitigation plans in cooperation with Engineering, SecOps, AppSec and IT teams;

  • Help teams to leverage the existing and emerging logging and monitoring solutions: extract security events from the logs with filter/correlation tools, evaluate misconfiguration and intrusion detection signals, and automate as much as possible;

  • Improve our vulnerability management program: set up and integrate security scans, triage and mitigate vulnerabilities, and communicate required actions to relevant teams;

  • Implement, monitor and support Product, corporate IT and infrastructure security solutions, including:

  • Configure, manage and optimize logging, monitoring, correlation and alerting tools and their orchestration through a security information and event management (SIEM) solution

  • Data Loss Prevention (DLP) solution focusing on PII and Intellectual Property related data.

  • Detect and respond: deploy Threat Intelligence products and develop threat reports

  • Assist with the design, development, delivery, documentation, training and reporting on security control mechanisms (e.g. WAF, endpoint-protection/AV/EDR, etc.);

  • Evaluate security technologies; work closely with vendors to ensure timely delivery of products, services and feature requests;

  • Risk and evidence-based approach: identify, assess and prioritize security risks to Product, Infrastructure and Enterprise data and systems, including external threats, internal threats and exposure to third-party vulnerabilities;

  • Other duties as assigned.

What You'll Bring

  • Passion for security!

  • Familiarity with how attacks are conducted against network infrastructure, web applications and employees;

  • Hands-on experience with SIEM, EDR, osquery/FleetDM and other security tools, with the ability to triage alerts effectively to identify potential threats;

  • Some knowledge and capability with one or more scripting and programming languages (e.g. bash, Go, Python, etc.);

  • Experience implementing threat detection through security-as-code (e.g. Terraform);

  • Experience in evaluating the qualitative and quantitative effectiveness of security alerts;

  • Familiarity with building product-based alerting;

  • Working knowledge of operating systems (e.g. MacOS, Windows, Linux);

  • Hands-on experience with information security tools in Google Workspace, Cloudflare, Okta and AWS;

  • Strong understanding of security concepts such as incident response, cloud security monitoring, network security monitoring, host-based analysis, MITRE ATT&CK, Cyber Kill Chain, CIA triad and Zero Trust;

  • Sound familiarity with AWS security concepts;

  • Ability to communicate well and work with others;

  • Ability to think critically about challenging problems to determine the most effective method to solve and address them;

  • A minimum of 3 years of experience with managing large-scale enterprise security infrastructure, including security solution design and hands-on engineering;

  • B.S./M.S. in computer science, engineering, information systems, IT, Information Security or a related technical field.


About Us

23andMe, headquartered in California, is a leading consumer genetics and research company. The company's mission is to help people access, understand and benefit from the human genome. 23andMe has pioneered direct access to genetic information as the only company with multiple FDA authorizations for genetic health risk reports. The company has created the world's largest crowdsourced platform for genetic research, with 80 percent of its customers electing to participate. 23andMe research participants consent to research conducted by 23andMe, which is overseen by an independent third-party Institutional Review Board (IRB) regulated under the Common Rule (45 CFR part 46). More information is available at 23andMe. We value a diverse, inclusive workforce and we provide equal employment opportunity for all applicants and employees. All qualified applicants for employment will be considered without regard to an individual's race, color, sex, gender identity, gender expression, religion, age, national origin or ancestry, citizenship, physical or mental disability, medical condition, family care status, marital status, domestic partner status, sexual orientation, genetic information, military or veteran status, or any other basis protected by federal, state or local laws. If you are unable to submit your application because of incompatible assistive technology or a disability, please contact us. 23andMe will reasonably accommodate qualified individuals with disabilities to the extent required by applicable law.

Please note: 23andMe does not accept agency resumes and we are not responsible for any fees related to unsolicited resumes. Thank you.

Pay Transparency


23andMe takes a market-based approach to pay, and amounts will vary depending on your geographic location. The salary range reflected here is for a candidate based in the San Francisco Bay Area. The successful candidate's starting pay will be determined based on job-related skills, experience, qualifications, work location and market conditions. These ranges may be modified in the future.

San Francisco Bay Area Base Pay Range

$175,000 to $200,000 USD


Required Experience:

Senior IC
