GRAIL is a healthcare company whose mission is to detect cancer early, when it can be cured. GRAIL is focused on alleviating the global burden of cancer by developing pioneering technology to detect and identify multiple deadly cancer types early. The company is using the power of next-generation sequencing, population-scale clinical studies, and state-of-the-art computer science and data science to enhance the scientific understanding of cancer biology, and to develop its multi-cancer early detection blood test. GRAIL is headquartered in Menlo Park, CA with locations in Washington, D.C., North Carolina, and the United Kingdom. GRAIL, LLC is a wholly-owned subsidiary of Illumina, Inc. (NASDAQ:ILMN). For more information, please visit www.grail.com.

Join GRAIL’s existing security team to build security into all areas of our software/product development, and ongoing operations. You will have the opportunity to collaborate with cross functional teams including IT, Clinical, Lab and Commercial Operations to continually enhance our security strategy and define project road maps. You will be in a position to assist the engineering team build new tools and automation systems to help detect cancer. 

You Will:

• Assist with the security review process, consist of our partners, vendors and product releases
• Help support remediation/implementation activities for compliance gaps
• Assist with internal and external security audits, such as ISO27001, HIPAA, SOC2, PCI, and HiTrust on a needed basis
• Represent the security team in architectural discussions, provide security review to our product releases and our external partners
• Serve as a subject matter expert to help translate compliance requirements to technical/non-technical implementation requirements
• Draft, review, and propose new/updates to security policies as needed
• Actively identify security risks and provide mitigation solutions
• Continuously identify areas for improvement, and develop strategies to reduce manual overhead

Your Background Should Include:

• BS or MS degree in Computer Science, Information Systems, or equivalent experience
• Skilled in public and private cloud security best practices. Identity and access management, penetration testing, vulnerability scanning, source code analysis, social engineering
• Strong network and security experience including switching and routing protocols, firewalls, penetration testing, network assessment, DHCP, DNS, IPV4 and IPV6, VPN, SSH protocols, SSL/TLS certificate management
• Experience with multi-cloud PaaS platforms such as AWS, GCP and Azure
• Experience with monitoring, alerting, observability and incident management tools such as Prometheus, Grafana, Blue Lava, Splunk, ELK stack, and PagerDuty
• Demonstrable knowledge of TCP/IP, Linux OS internals, SSO, certificate management, authorization, and encryption
• Excellent verbal and written communication skills




Preferred qualifications:

• Strong presentation skills
• Ability to effectively communicate with engineers and sr. leadership
• Understanding of AWS security tools and DevSecOps technical stack
• Ability to program in one or more languages: Python, Go and Bash scripting
• Security certification such as CISSP, CISA, CCIE-security, AWS-security

GRAIL is an Equal Employment Office and Affirmative Action Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other legally protected status. We will reasonably accommodate all individuals with disabilities so that they can participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Following extensive monitoring, consideration of business implications, and advice from internal and external experts, GRAIL US has made the decision to require that all U.S. employees be “Fully Vaccinated” with the COVID-19 vaccine. “Fully Vaccinated” is defined as two weeks after both doses of a two-dose vaccine (e.g. Pfizer or Moderna) or two weeks since a single-dose vaccine (e.g. Johnson & Johnson) has been administered. Absent a qualifying exemption, all GRAIL US employees are to comply with this requirement, including providing documentation of such vaccination status, as a condition of employment. Anyone unable to be vaccinated, either because of a sincerely held religious belief or a medical condition or disability that prevents them from being vaccinated, can request a reasonable accommodation for consideration by GRAIL.