Sr Info Security Engineer

CareDx
United States, Pennsylvania, West Chester
901 South Bolmar Street
Apr 17, 2025

CareDx, Inc. is a leading precision medicine solutions company focused on the discovery, development, and commercialization of clinically differentiated, high-value healthcare solutions for transplant patients and caregivers. CareDx offers products, testing services, and digital healthcare solutions along the pre- and post-transplant patient journey, and is the leading provider of genomics-based information for transplant patients.

Responsibilities:

  • Support business initiatives by enhancing and supporting information security requirements, standards and principles.
  • Drive various security, trust and compliance projects end-to-end, from design phase to project closure.
  • Analyze security controls and compliance requirements for various frameworks such as SOC2, HIPAA, HITRUST, ISO27001, PCI, FedRAMP and Privacy Impact Assessments.
  • Conduct regular system tests and ensure continuous monitoring of network, system, and application security.
  • Review and analyze access, network, and system logs and alerts in a hybrid-cloud environment for inappropriate or unauthorized activity.
  • Track, analyze and mitigate Advanced Persistent Threats (APT), phishing, social engineering and other security-related threats.
  • Promptly respond to all security incidents and provide thorough post-event analysis creating/utilizing associated runbooks and incident response plans.
  • Identify and determine root causes of security violations. Verify and document the corrective actions to ensure application, data, and infrastructure security.
  • Interact with internal and external auditors as needed to ensure regulatory and policy compliance.
  • Provide technical guidance and recommendations to lines of business about the risks and control measures associated with new and emerging technologies.
  • Maintain and create analytical reports for information security KPIs.
  • Keep up to date on emerging security threats, technologies, and systems.

Qualifications:

  • Bachelor's degree in related field preferred.
  • While we are open to applicants from various regions, candidates located in San Francisco, CA are strongly preferred to ensure seamless collaboration with the team.
  • Relevant technical security certifications such as CISSP, GCIH or CEH.
  • 5 or more years of experience in the field of Information Security, Audit and/or Compliance.
  • 3 or more years of security information and event management (SIEM) correlation experience.
  • 3 or more years of information security tools administration.
  • 3 or more years of hands-on experience securing cloud (AWS, Azure or GCP) environments.
  • In-depth knowledge, demonstrated by experience or product technical certification, of:
      • Network and web related protocols
      • CrowdStrike or SentinelOne
      • Web Application Firewalls (WAFs)
      • Security Controls for Cloud Environments (Microsoft Azure, Amazon Web Services)
      • SAML, OAuth tools such as Okta and Azure
      • Rapid7 IDR/InsightVM, LogRhythm, Splunk or similar SIEM
      • Intermediate to advanced knowledge of Microsoft PowerShell
      • Web app security using various DAST, SAST, IAST and SCA tools
      • Various CI/CD integrations for DevSecOps practices
  • Strong knowledge of NIST 800-53, HIPAA and one or more additional security frameworks from the following list is also essential for this role:
      • ISO 27001 / SOC 2
      • CIS Critical Controls
  • Familiarity with programming languages such as .NET, Java and Python
  • Very strong technical documentation skills
  • Must be able to communicate clearly and effectively with individuals at all levels

Additional Details:

Every individual at CareDx has a direct impact on our collective mission to improve the lives of organ transplant patients worldwide. We believe in taking great care of our people, so they take even greater care of our patients.

Our competitive Total Rewards package includes:

  • Competitive base salary and incentive compensation
  • Health and welfare benefits including a gym reimbursement program
  • 401(k) savings plan match
  • Employee Stock Purchase Plan
  • Pre-tax commuter benefits
  • And more!

In addition, we have a Living Donor Employee Recovery Policy that allows up to 30 days of paid leave annually to a full-time employee who makes the selfless act of donating an organ or bone marrow.

With products that are making a difference in the lives of transplant patients today and a promising pipeline for the future, it's an exciting time to be part of the CareDx team. Join us in partnering with transplant patients to transform our future together.

CareDx, Inc. is an Equal Opportunity Employer and participates in the E-Verify program.

By proceeding with our application and submitting your information, you acknowledge that you have read our U.S. Personnel Privacy Notice and consent to receive email communication from CareDx.

We do not accept resumes from headhunters, placement agencies, or other suppliers that have not signed a formal agreement with us.
