Staff Cybersecurity Engineer – Cloud & AI Security
Dexcom
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇺🇸 United States
Visit company websiteSalary
💰 $156,400 - $260,600 per year
Job Level
Lead
Tech Stack
AWSAzureCloudCyber SecurityGoGoogle Cloud PlatformKubernetesLinuxPythonShell ScriptingTerraform
About the role
- Implement security architecture patterns and security improvements for GCP, AWS, and Azure.
- Integrate security checks in CI/CD (e.g., IaC scanning, secrets detection, SAST, SCA, etc.), and configure cloud security guardrails (HashiCorp Sentinel, GCP Org Policies, etc.) to block non‑compliant changes.
- Conduct security assessments on cloud workloads, applications, and DevOps stacks; document findings and drive remediation in collaboration with service owners.
- Build scalable processes using ASPM/CSPM/SCA/SAST/DAST/IAST; correlate findings from Wiz, Apiiro, Snyk, Qualys; establish alerting, risk‑based prioritization, and remediation workflows.
- Deploy and tune posture and threat monitoring for cloud infrastructure and applications; ensure logs, metrics, and traces support rapid investigation.
- Implement defenses against prompt injection, data poisoning, model exfiltration, jailbreaks, sensitive information disclosure, etc.
- Guide teams on safe GenAI adoption, aligning with InfoSec policies, compliance requirements, and industry best practices.
- Support compliance and certification activities by providing evidence during audits and internal reviews.
- Evaluate and recommend new security technologies; lead proofs‑of‑concept and production hardening, documenting standards and runbooks.
- Participate in technical governance forums as a contributor, providing product security guidance and ensuring designs meet baseline controls.
Requirements
- 5+ years total experience in cybersecurity, DevOps, IT, or engineering; 3+ years hands‑on securing public cloud environments.
- Demonstrated experience integrating security in DevOps (Terraform/IaC, GitOps, pipeline gates) and building guardrails/policy-as-code.
- Understanding of AI model/data risks, prompt hardening, guardrails, and secure patterns; exposure to Vertex AI, Azure AI, Bedrock or demonstrable self‑driven learning.
- Strong understanding of cloud security controls (identity, infrastructure, network, encryption, logging/monitoring, backup/recovery, WAF, microsegmentation) across GCP/AWS/Azure.
- Proficiency with Terraform and/or HashiCorp Sentinel; source control with GitHub.
- Familiarity with ASPM/CNAPP/CSPM tools such as Snyk, Apiiro, Wiz, Invicti.
- Automation/scripting experience (Python or Go); Linux administration, shell scripting, containers/Kubernetes, and open‑source security tools.
- Proven ability to influence without authority, partnering with DevOps/Engineering to land changes.
- Strong written and verbal communication; comfortable documenting standards, patterns, and runbooks.
Benefits
- A full and comprehensive benefits program, including medical, dental, and vision coverage, and wellness programs.
- Competitive compensation with performance incentives and opportunities for advancement within a growing, innovative company.
- Work-life balance support through flexible work arrangements and generous time-off policies.
- Access to in-house training, professional development programs, and opportunities to attend security conferences.
- The chance to work in an inclusive, diverse environment that values teamwork, collaboration, and continuous improvement.
- The opportunity to connect with the #dexcomwarriors community and contribute to a purpose-driven mission that makes a difference.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cybersecurityDevOpscloud securityTerraformIaCGitOpsautomationscriptingLinux administrationopen-source security tools
Soft skills
influence without authoritycollaborationstrong written communicationstrong verbal communication