Senior Application Security Engineer

San Carlos

Apply now

We believe that everyone benefits from their biological information. It is our mission to empower every person to improve their life through DNA. With our high-quality, trusted partners and state-of-the-art lab, we have created the first platform of personalized products and services powered by genetics. From inherited cancer screening to custom fitness and nutrition plans, the world of DNA learning is becoming more accessible and more valuable than ever.

So far we have raised over $300 million from investors like Illumina (the world’s leader in genetic sequencing equipment), Warburg Pincus, Sutter Hill Ventures,  Kleiner Perkins Caufied & Byers and Draper Fisher Jurvetson Venture. Our app store and marketplace include partners such as National Geographic, Admera Health, Vinome and many others, with whom we have partnered to develop applications which interpret your genome.

Our big vision comes with big responsibility. That’s why we’re building a team of experts in the field of genetics, engineering, design, business development, and beyond to help bring actionable insights to our customers. We’re looking for the best and brightest minds who are passionate about our mission and are excited to work with a truly diverse team.

The Helix Security team is seeking passionate InfoSec and AppSec engineers who want to develop solutions to important security challenges to protect consumer DNA data, work with our engineering, DevOps, IT, and science teams, and create solutions for secure partner collaborations. Bring your deep security experience into a new and innovative field with incredible potential. If you like the idea of working with some of the most important consumer health data, secure a platform and the eco-system being built around it, perform cutting-edge security research, think out of the box to advance internet security as a whole, and enjoy working with incredibly passionate colleagues in a startup environment, then this is the ideal opportunity for you.

Helix’s engineering culture emphasizes:

  • Curiosity - we are all passionate about the possibilities enabled by having access to your own genome
  • Responsibility - we have an obligation to people and our partners to operate with highly credible research guided by well-respected advisors, with clear and effective communication about our products
  • Agility - flexibility and a desire to be nimble, smart, and effective are important to the Helix culture
  • Experience - we’re building a team with amazing track records of achievement in multidisciplinary environment

As an Application Security Engineer, you will:

  • Perform assessment of Helix applications to identify and prioritize risks, driving prioritization and remediation across engineering and science teams
  • Be the expert on vulnerabilities and attack vectors that have the potential to impact Helix’s platform, our partners, and our users
  • Perform security code reviews, application vulnerability testing, and penetration testing, and train engineering team on best practices in application security
  • Identify and implement products and tools to ensure security of our applications, collaborating with engineering, operations, and IT to harden our environment
  • Keep current with latest security developments and leverage your information security experience in the new field of bioinformatics and big data genetics infrastructure

Required background:

  • A passion for improving people’s lives through access to better information about their DNA
  • 5+ years experience in information security including web application assessment, penetration testing, and vulnerability research
  • Have a hacker mindset, curious to break and tinker with technology
  • Very strong logic and problem-solving skills
  • Very familiar with web application security (OWASP, XSS, SQLi, Top 10, etc.) and authentication protocols like OAuth, SAML, LDAP, AD, etc.
  • Understanding of browser security model, mobile security, network security, and cryptography
  • Very experienced with source code reviews, code analysis tools
  • Demonstrated proficiency in JavaScript, Python, Perl, as well as programming experience with Java, C, C++
  • Familiar with threat models for large, distributed systems and cloud-based infrastructure (AWS, Google Cloud, or Azure)
  • Excellent communication skills to document and explain security vulnerabilities and technical risks to a technical audience
  • Diverse domain expertise such as e-commerce, financial, wireless, and healthcare security implementations and techniques
  • Affinity for an engineering culture that emphasizes Agile, DevOps, and continuous delivery
  • BS+ in Computer Science or equivalent experience required; coursework in cryptography, genetics/bioinformatics a plus

What Helix can offer you:

  • Competitive compensation, including meaningful equity
  • Great benefits, including medical, dental and vision
  • 401k with employer matching
  • 12 weeks paternity and maternity leave
  • Generous vacation policy
  • Commuter benefits
  • Gym subsidies