Sr. Security Analyst

We are seeking an outstanding information security engineer focused on detection and threat response who wants to challenge themselves, identify threats to the business and help protect 23andMe and customer data.

Who We Are

Since 2006, 23andMe’s mission has been to help people access, understand, and benefit from the human genome. We are a group of passionate individuals pushing the boundaries of what’s possible to help turn genetic insight into better health and personal understanding.

What You'll Do

• Be a key member of the Enterprise Security team
• Engage with the Red Team to actively assess systems, applications, and environments within 23andMe to proactively identify opportunities to improve our security posture.
• Coordinate with IT on vulnerability management and patch cycles to ensure that the company is managing risk appropriately and addressing issues that arise quickly and efficiently.  
• Work within the Enterprise Security team and with IT peers to identify threats within the environment through traditional threat hunting techniques.  Identify opportunities to improve playbooks, runbooks and create automation.  Work collaboratively to speed up response time and to determine the state of the potential threat / alert..
• Assist the security organization to identify automation opportunities and work to implement those integrations and automation improvements within the security tooling.
• Participate in an on-call rotation
• Address multiple technical challenges across multiple security tools
• Actively threat hunt within security tools and determine steps to triage and filter the true events from background noise
• Create and use threat hunting playbooks
• Create and use security operations runbooks to respond to alerts
• Work with vulnerability management platforms to create reporting and then partner with IT to ensure timely patching and remediation of identified vulnerabilities
• Design and implement new security playbooks and automation
• Define, design, and build threat detection methodologies; help to improve the security posture of the company. 
• Work among the greater IT and information security teams to build integrations, solve challenging problems, and help to automate our response to targeted threats. 
• Lead by example and share your creativity, wit and experience across the team. Enjoy a collaborative environment with small project teams working on a variety of tasks ranging from threat detection within multiple enterprise security tools, assessing threats and providing targeted responses and monitoring the corporate environment for potential risks.
• Participate in incident response activities, as needed
• Leverage multiple security tools daily, including but not limited to: intrusion detection, endpoint detection and response, and SIEM.
• Other duties as assigned

What You'll Bring

• Passion for security!
• Some knowledge and capability with one or more scripting and programming languages (e.g. bash, go, Python, etc.)
• Working knowledge of operating systems (e.g. Windows, MacOS, Linux)
• Some hands-on experience with information security tools
• Understanding of security concepts
• General familiarity with AWS security concepts
• Demonstrated skills around offensive or defensive security technologies
• Ability to communicate well and work with others
• Ability to think critically about challenging problems to determine the most effective method to solve and address
• Familiarity with how attacks are conducted against network infrastructure, web applications and employees

About Us

23andMe, headquartered in Sunnyvale, CA, is a leading consumer genetics and research company. Founded in 2006, the company’s mission is to help people access, understand, and benefit from the human genome. 23andMe has pioneered direct access to genetic information as the only company with multiple FDA authorizations for genetic health risk reports. The company has created the world’s largest crowdsourced platform for genetic research, with 80 percent of its customers electing to participate. The platform also powers the 23andMe Therapeutics group, currently pursuing drug discovery programs rooted in human genetics across a spectrum of disease areas, including oncology, respiratory, and cardiovascular diseases, in addition to other therapeutic areas. More information is available at www.23andMe.com.

At 23andMe, we value a diverse, inclusive workforce and we provide equal employment opportunity for all applicants and employees. All qualified applicants for employment will be considered without regard to an individual’s race, color, sex, gender identity, gender expression, religion, age, national origin or ancestry, citizenship, physical or mental disability, medical condition, family care status, marital status, domestic partner status, sexual orientation, genetic information, military or veteran status, or any other basis protected by federal, state or local laws.  If you are unable to submit your application because of incompatible assistive technology or a disability, please contact us at [email protected]. 23andMe will reasonably accommodate qualified individuals with disabilities to the extent required by applicable law.

Please note: 23andMe does not accept agency resumes and we are not responsible for any fees related to unsolicited resumes. Thank you.

Pay Transparency23andMe takes a market-based approach to pay, and amounts will vary depending on your geographic location. The salary range reflected here is for a candidate based in the San Francisco Bay Area.  The successful candidate’s starting pay will be determined based on job-related skills, experience, qualifications, work location, and market conditions. These ranges may be modified in the future.San Francisco Bay Area Base Pay Range$90,000—$134,000 USD