Sr Manager Cybersecurity Engineering

About Dexcom

Founded in 1999, Dexcom, Inc. (NASDAQ: DXCM), develops and markets Continuous Glucose Monitoring (CGM) systems for ambulatory use by people with diabetes and by healthcare providers for the treatment of people with diabetes. The company is the leader in transforming diabetes care and management by providing CGM technology to help patients and healthcare professionals better manage diabetes. Since the company’s inception, Dexcom has focused on better outcomes for patients, caregivers, and clinicians by delivering solutions that are best in class - while empowering the community to take control of diabetes. Dexcom reported full-year 2022 revenues of $2.9B, a growth of 18% over 2021. Headquartered in San Diego, California, with additional offices in the Americas, Europe, and Asia Pacific, the company employs over 8,000 people worldwide.

About Dexcom:

Founded in 1999, Dexcom, Inc. provides continuous glucose monitoring technology to help patients and their clinicians better manage diabetes. Since our inception, we have focused on better outcomes for patients, caregivers, and clinicians by delivering solutions for people with diabetes - while empowering our community to take control of diabetes.

Meet the team:

The Dexcom IT Information Security team is seeking a Senior Manager to lead the Enterprise Product Cybersecurity (ProdSec) team which has responsibility for securing cloud, DevOps, and software development technologies across the enterprise environment. The position will manage a global team responsible for product security standards, technology, and tools. The leader will represent product security interests in system architecture discussions and influence partners to adopt security best practices and integrate security into their technology stacks.

The ProdSec team partners with IT DevOps to define cloud security architecture and secure multi-cloud environments (including GCP, AWS, etc.) using a combination of native cloud capabilities and third-party tools. The team works closely with the various IT Applications and development teams to secure the IT software development stack, establish application security and coding standards, and manage SAST, DAST, and web app pen testing. Finally, the ProdSec team codifies security checks into CI/CD build pipelines using Terraform and Hashicorp Sentinel Policy as Code.

Where you come in:

• You will establish a unified vision for enterprise product security, establish a program and technology roadmap, and then deliver business-enabling product security services.
• You will own product security technology, application security tools, and the security of cloud platforms with a goal of preventing significant security incidents.
• You will establish and document product security processes/knowledge and define, report, and improve the KPIs for measuring product security effectiveness.
• Your team establishes security architecture and best practices for securing public cloud platforms (GCP, AWS, Azure) and DevOps technology stacks (Kubernetes, containers, serverless).
• Your team establishes security architecture and best practices for secure software development, secure coding best practices, SAST, DAST and web app testing.
• Your team manages security assessments on enterprise applications and application integrations, cloud platforms, and DevOps tools/technologies.
• Your team manages security policy using Hashicorp Terraform and Sentinel “policy as code.”
• You will influence partners and increase adoption of product security standards, tools, and capabilities.
• You enjoy staying current with trends and technology in the product security domain.

What makes you successful:

• You have a BS/MS in computer science/engineering, information technology, or technical field, or equivalent work experience.
• You have 10+ years of experience in the cybersecurity, IT, or engineering fields; 6+ years in product security, cloud security, or DevSecOps or role; 4+ years leadership experience.
• You bring a demonstrated record of accomplishment of delivering results using Agile Scrum, DevOps and GitOps methodologies and toolsets.
• You have experience building effective partnerships and managing security functions that require stakeholder engagement and support to be successful.
• You have hands-on experience with product security tools/technologies – such as Terraform/TFC, GitHub, Hashicorp Sentinel, Wiz, Splunk, Apigee, Snyk, SonarCloud, K8s, and containers.
• You bring hands-on knowledge of security controls in public cloud environments (GCP, AWS and Azure) including IAM, service control policies, network security, secrets management, digital certificates, encryption, threat detection and response, security logging/monitoring, etc.
• You have hands-on experience with AppSec tools and methodologies, secure development control frameworks and coding best practices, SAST/DAST tools, and web app pen testing.

What you’ll get:

• A front row seat to life changing CGM technology. Learn about our brave #dexcomwarriors community.
• A full and comprehensive benefits program.
• Growth opportunities on a global scale.
• Access to career development through in-house learning programs and/or qualified tuition reimbursement.
• An exciting and innovative, industry-leading organization committed to our employees, customers, and the communities we serve.

Travel Required:

• This position provides flexibility to work either from the San Diego, CA office or remotely. If remote, requires 5-10% travel, primarily to San Diego, CA.

Experience and Education Requirements:

• Typically requires a Bachelor's degree with 13+ years of industry experience.
• 5-8 years of previous people management experience.

Please note: The information contained herein is not intended to be an all-inclusive list of the duties and responsibilities of the job, nor are they intended to be an all-inclusive list of the skills and abilities required to do the job. Management may, at its discretion, assign or reassign duties and responsibilities to this job at any time. The duties and responsibilities in this job description may be subject to change at any time due to reasonable accommodation or other reasons. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions. 

An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Dexcom’s AAP may be viewed upon request by contacting Talent Acquisition at talentacquisition@dexcom.com. 

If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact Dexcom Talent Acquisition at talentacquisition@dexcom.com. 

View the OFCCP's Pay Transparency Non Discrimination Provision at this link. 

Meritain, an Aetna Company, creates and publishes the Machine-Readable Files on behalf of Dexcom. To link to the Machine-Readable Files, please click on the URL provided:  https://health1.meritain.com/app/public/#/one/insurerCode=MERITAIN_I&brandCode=MERITAINOVER/machine-readable-transparency-in-coverage?reportingEntityType=TPA_19874&lock=true

To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Dexcom. Only authorized staffing and recruiting agencies may use this site or to submit profiles, applications or resumes on specific requisitions. Dexcom does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to the Talent Acquisition team, Dexcom employees or any other company location. Dexcom is not responsible for any fees related to unsolicited resumes/applications.
 

Salary:

$172,400.00 - $287,300.00