Senior Staff Engineer - DevSecOps

Posted 6 Days Ago
Be an Early Applicant
Alameda, CA, USA
In-Office
155K-221K Annually
Senior level
Biotech
The Role
Lead design and implementation of cloud security architectures, investigate and remediate security incidents, integrate security tooling into CI/CD pipelines, assess vulnerabilities, collaborate cross-functionally, and ensure regulatory compliance (SOX, FDA) while improving organizational security posture.
Summary Generated by Built In

SUMMARY/JOB PURPOSE (Basic purpose of the job):

Protect the organization’s digital infrastructure, data, and systems from internal and external cybersecurity threats by implementing, managing, and continuously improving security practices, tools, and operations with a focus on cloud applications and infrastructure.

ESSENTIAL DUTIES/RESPONSIBILITIES:

  • Design and implement robust security architectures for cloud environments following best practices, industry standards, and regulatory requirements.
  • Lead cross-functional collaboration on technology initiatives to strengthen security across systems and operations, ensuring alignment with organizational objectives and industry best practices.
  • Lead the investigation and resolution of complex security events and incidents, including malware outbreaks, unauthorized access attempts, and significant security breaches. Develop and implement response strategies, coordinate cross-functional teams, and ensure lessons learned are integrated into security policies and controls.
  • Analyze security logs and events from various sources to proactively develop and implement security measures that address current and emerging threats.
  • Provide updates to leaders on latest threat landscape, emerging trends, and propose cybersecurity solutions to proactively identify and mitigate potential security risks.
  • Enhance the organization’s security posture by assessing vulnerabilities and recommending solutions to address identified weaknesses.
  • Collaborate with internal teams, vendors, and partners to provide guidance and expertise on security best practices and incident response.
  • Ensure compliance with industry standards and organizational policies, including SOX and FDA regulatory requirements, by following established procedures and controls.

SUPERVISORY RESPONSIBILITIES:

  • No supervisory responsibilities.

EDUCATION/EXPERIENCE/KNOWLEDGE & SKILLS:

Education:

  • Bachelor’s degree in related discipline and 9 years of related experience; or
  • Master’s degree in related discipline and 7 years of related experience; or
  • Equivalent combination of education and experience
  • CISSP, CISM, CEH, OSCP, GIAC or similar cybersecurity certification preferred

Experience:

  • Experience with operation and implementation of cybersecurity tools.
  • Experience in designing, implementing, and managing security controls within cloud platforms, such as IAM, VPC, Zero Trust principles, IaC, IAAS, Security Groups, Key Management Services, SDLC, Ci/Cd pipelines and Network Security.
  • Experience in IT Security or related infrastructure administration role in an enterprise environment. Technical lead or management experience preferred.
  • Experience in investigations and response to cyber events and incidents.
  • Experience in enhancing organizational security awareness and resilience.
  • Experience with cloud, system, and application security.
  • Experience administering IT systems.
  • Experience working in Agile environments and using ticketing systems (e.g., JIRA, JSM).
  • Experience in regulated industries (e.g., biotech, pharma) with knowledge of GxP and SOX compliance preferred.

Knowledge, Skills and Abilities:

  • Strong knowledge of general IT applications and infrastructure.
  • Advanced knowledge of CLI and scripting language experience (Python, PowerShell, etc..)
  • Advanced knowledge of AWS
  • Advanced knowledge of IAC, SDLC, Ci/Cd pipelines
  • Advanced knowledge of cybersecurity technologies and concepts.
  • Strong analytical, problem solving, organizational, and communication skills.
  • Ability to work effectively with customers to solve business challenges while balancing the need for confidentiality, integrity, and availability.
  • Ability to multitask and work collaboratively.
  • Ability to work with ambiguity.
  • Ability to work with confidential data.
  • Ability to continuously learn and improve.
  • Ability to work with minimal guidance, to adapt to frequent priority changes, and response to ad-hoc requests
  • Architect secure cloud infrastructure using guardrails and golden paths using IaC patterns across AWS and Azure.
  • Integrate SAST, SCA, DAST, and dependency scanning into GitHub pipelines and provide help and support

Work Environment/Physical Demands:

Our office is a modern, open space that fosters collaboration and creativity. Teams work closely together, sharing ideas and solutions in a supportive atmosphere. We provide all necessary equipment, including dual monitors and ergonomic chairs, to ensure a comfortable workspace.

  • Occasional travel (5%).
  • On-call availability for critical escalations.

#LI-EZ1

Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets. The base pay range for this position is $154,500 - $220,500 annually. The base pay range may take into account the candidate’s geographic region, which will adjust the pay depending on the specific work location. The base pay offered will take into account the candidate’s geographic region, job-related knowledge, skills, experience and internal equity, among other factors.

In addition to the base salary, as part of our Total Rewards program, Exelixis offers comprehensive employee benefits package, including a 401k plan with generous company contributions, group medical, dental and vision coverage, life and disability insurance, and flexible spending accounts. Employees are also eligible for a discretionary annual bonus program, or if field sales staff, a sales-based incentive plan. Exelixis also offers employees the opportunity to purchase company stock, and receive long-term incentives, 15 accrued vacation days in their first year, 17 paid holidays including a company-wide winter shutdown in December, and up to 10 sick days throughout the calendar year.

If you have a disability and need an accommodation in relation to the application and/or recruitment process, please email us at: [email protected].


WORKING CONDITIONS:

Our office is a modern space that fosters collaboration and creativity. Teams work closely together, sharing ideas and solutions in a supportive atmosphere. We provide all necessary equipment, including dual monitors and ergonomic chairs, to ensure a comfortable workspace.


DISCLAIMER: 
The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification.  It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to the job.


We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.

Skills Required

  • Bachelor's degree with 9 years related experience, Master's with 7 years, or equivalent combination of education and experience
  • Experience operating and implementing cybersecurity tools
  • Designing, implementing, and managing security controls within cloud platforms (IAM, VPC, Zero Trust, Security Groups, KMS)
  • Experience with Infrastructure as Code (IaC), IaaS, SDLC, and CI/CD pipelines
  • Experience investigating and responding to cyber events and incidents
  • Experience with cloud, system, and application security (AWS/Azure)
  • Advanced CLI and scripting experience (Python, PowerShell)
  • Experience administering IT systems and working in enterprise IT security or infrastructure administration roles
  • Experience working in Agile environments and using ticketing systems (e.g., JIRA, JSM)
  • Integrate SAST, SCA, DAST, and dependency scanning into GitHub pipelines and provide support
  • Experience in regulated industries with knowledge of GxP and SOX compliance
  • CISSP, CISM, CEH, OSCP, GIAC or similar cybersecurity certification

Exelixis Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Exelixis and has not been reviewed or approved by Exelixis.

  • Retirement Support Retirement plans are highlighted as a strength, featuring a 401(k) with generous company contributions and immediate vesting. This emphasis signals strong long‑term financial support within the total rewards package.
  • Healthcare Strength Healthcare coverage is positioned as comprehensive, with multiple medical plan options (HDHP with HSA, EPO, and Kaiser HMO in CA) and employer HSA contributions in 2026. Posted plan documents and contribution details indicate structured support for managing care and costs.
  • Parental & Family Support Family support is robust, including fully paid parental leave, caregiver leave, and expanded fertility benefits. Additional elements such as grandparent leave and backup care broaden assistance across life stages.

Exelixis Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Alameda, CA
1,555 Employees
Year Founded: 1994

What We Do

Every Exelixis employee is united in an ambitious cause: to launch innovative medicines that give patients and their families hope for the future. In this pursuit, we know our employees are our most valuable asset. After operating in the challenging biotech sector for more than 25 years, we have a proven track record of resiliency in the face of adversity. The success of our lead product has provided a solid commercial foundation allowing us to reinvigorate our research efforts, and grow our team in areas such as Drug Discovery, Clinical Development and Commercial. As we expand our global partnerships and further reinvest in R&D to help us discover the next breakthrough for difficult-to-treat cancers, we’re seeking to add talented, dedicated employees to power our mission. Cancer is our cause. Make it yours, too. Please see our Community Guidelines: bit.ly/2XXw9w3 For more information about Exelixis, please visit www.exelixis.com, follow @ExelixisInc on Twitter or like Exelixis, Inc. on Facebook.

Similar Jobs

ZS Logo ZS

Enterprise Architect

Artificial Intelligence • Healthtech • Professional Services • Analytics • Consulting
Hybrid
10 Locations
15000 Employees
215K-228K Annually

ZS Logo ZS

Consultant

Artificial Intelligence • Healthtech • Professional Services • Analytics • Consulting
Hybrid
7 Locations
15000 Employees
160K-177K Annually

ZS Logo ZS

Strategic Alliances Specialist

Artificial Intelligence • Healthtech • Professional Services • Analytics • Consulting
Hybrid
3 Locations
15000 Employees
145K-158K Annually

ZS Logo ZS

Account Executive

Artificial Intelligence • Healthtech • Professional Services • Analytics • Consulting
Hybrid
2 Locations
15000 Employees
145K-158K Annually

Similar Companies Hiring

Formation Bio Thumbnail
Artificial Intelligence • Big Data • Healthtech • Biotech • Pharmaceutical
New York, NY
150 Employees
SOPHiA GENETICS Thumbnail
Software • Healthtech • Biotech • Big Data • Artificial Intelligence
Boston, MA
450 Employees
Pfizer Thumbnail
Artificial Intelligence • Healthtech • Machine Learning • Natural Language Processing • Biotech • Pharmaceutical
New York, NY
121990 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account