Information Security & Compliance Engineer
CareDx, Inc. is a leading precision medicine solutions company focused on the discovery, development, and commercialization of clinically differentiated, high-value healthcare solutions for transplant patients and caregivers. CareDx offers products, testing services, and digital healthcare solutions along the pre- and post-transplant patient journey, and is the leading provider of genomics-based information for transplant patients.
We are seeking a skilled and detail-oriented Security and Compliance Engineer to join our cybersecurity team. The ideal candidate will have at least 3 years of experience in cybersecurity and will be responsible for implementing and maintaining security measures, monitoring threats, and responding to security incidents. Additionally, this role will cover compliance work such as SOC 2, vendor (supply chain) assessment, and project coordination. This position is crucial in protecting sensitive healthcare data and ensuring compliance with industry regulations.
Responsibilities:
- Security Tool Implementation:
  - Deploy and manage security tools, including SIEM, EDR, firewalls, IDPS, and WAF.
  - Ensure security tools are properly configured and maintained.
- Security Monitoring and Threat Detection:
  - Monitor security alerts and events to identify potential threats.
  - Maintain and tune security monitoring systems to ensure optimal performance.
- Incident Response:
  - Participate in incident response activities, including investigating and analyzing security incidents.
  - Document and report security incidents, and assist in remediation efforts.
- Regulatory Compliance:
  - Support compliance efforts with HIPAA, HITECH, SOC 2, and other relevant regulations.
  - Conduct security assessments and audits to ensure compliance with regulatory standards.
- Vendor and Supply Chain Assessment:
  - Conduct assessments of vendors and supply chain partners to ensure their security practices meet our standards.
  - Develop and maintain a vendor risk management program.
- Project Coordination:
  - Coordinate security and compliance projects, ensuring they are completed on time and within scope.
  - Collaborate with cross-functional teams to support project requirements and deliverables.
- Cloud Security:
  - Secure cloud environments (AWS, Azure, GCP) by implementing best practices and security controls.
  - Monitor and manage cloud security configurations.
- Continuous Learning and Development:
  - Stay updated on the latest cybersecurity trends, threats, and technologies.
  - Participate in training and professional development opportunities.
Qualifications:
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- 5 years of experience, with a minimum of 3 years in cybersecurity or related fields.
- Proficient with security tools such as SIEM, EDR, Firewall, IDPS, and WAF.
- Knowledge of HIPAA, SOC 2, and other healthcare-related regulations.
- Strong analytical and problem-solving skills.
- Eagerness to learn and develop new skills.
- Good communication skills and the ability to work collaboratively with the team.
- Relevant certifications such as CompTIA Security+, CEH, or equivalent.
- Familiarity with programming languages such as .NET, Java and Python.
- Excellent problem-solving and analytical skills.
- Strong technical skills and the ability to work collaboratively with cross-functional teams.
- Strong work ethic and integrity.
Additional Details:
Every individual at CareDx has a direct impact on our collective mission to improve the lives of organ transplant patients worldwide. We believe in taking great care of our people, so they take even greater care of our patients.
Our competitive Total Rewards package includes:
- Competitive base salary and incentive compensation
- Health and welfare benefits including a gym reimbursement program
- 401(k) savings plan match
- Employee Stock Purchase Plan
- Pre-tax commuter benefits
- And more!
In addition, we have a Living Donor Employee Recovery Policy that allows up to 30 days of paid leave annually to a full-time employee who makes the selfless act of donating an organ or bone marrow.
With products that are making a difference in the lives of transplant patients today and a promising pipeline for the future, it’s an exciting time to be part of the CareDx team. Join us in partnering with transplant patients to transform our future together.
CareDx, Inc. is an Equal Opportunity Employer and participates in the E-Verify program.
By proceeding with our application and submitting your information, you acknowledge that you have read our U.S. Personnel Privacy Notice and consent to receive email communication from CareDx.
We do not accept resumes from headhunters, placement agencies, or other suppliers that have not signed a formal agreement with us.