Staff Cybersecurity Engineer - Application Security

Staff Cybersecurity Engineer - Application Security

Founded in 1999, Dexcom, Inc. (NASDAQ: DXCM), develops and markets Continuous Glucose Monitoring (CGM) systems for ambulatory use by people with diabetes and by healthcare providers for the treatment of people with diabetes. The company is the leader in transforming diabetes care and management by providing CGM technology to help patients and healthcare professionals better manage diabetes. Since the company’s inception, Dexcom has focused on better outcomes for patients, caregivers, and clinicians by delivering solutions that are best in class - while empowering the community to take control of diabetes. Dexcom reported full-year 2022 revenues of $2.9B, a growth of 18% over 2021. Headquartered in San Diego, California, with additional offices in the Americas, Europe, and Asia Pacific, the company employs over 8,000 people worldwide.

Meet the team:

The Dexcom Enterprise Information Security team is seeking a Staff Cybersecurity Engineer - Application Security (AppSec) to serve as a technical lead of application security for the APAC region. The position will involve leading application security capabilities and collaborating with relevant teams to ensure the security of IT applications within the specified region. The engineer will contribute to the implementation and automation of security measures within the software development lifecycle (SDLC) and deploy security controls and tools to secure the IT application environment.

The position will report within the APAC IT team with a dotted line to the corporate InfoSec Product Security team and will advocate for InfoSec interests across the local applications, infrastructure, and compliance teams to secure the IT department’s rapidly growing application stack within the APAC region. The position offers opportunity for career development as the Information Security program continues to expand globally.

Where you come in:

You will conduct security reviews of SaaS apps, web apps, and microservices for the APAC region.

You will represent InfoSec in local application/system design reviews and code reviews.

You will manage AppSec technology and integrate and automate security testing tools into the SDLC.

You will integrate and automate SAST, SCA, and DAST technology into the SDLC.

You will establish and promote awareness of application security and secure coding standards.

You will integrate application security tools into the SIEM and develop correlations.

You will provide consulting and influence other teams to mature application security in APAC.

You will serve as a local security expert and provide technical leadership to other staff members.

What makes you successful:

Your BS/MS in computer science/engineering, IT, or technical field, or equivalent experience.

Your CISSP, GIAC, or other security certifications are highly desired but not necessary.

Your 5+ years of experience in the cybersecurity, IT, or engineering fields

Your 2+ years in a senior application security engineer role.

Your strong understanding of AppSec technology such as OWASP, IAM, OAuth, API Gateways, secrets management, WAF, SAST, DAST, open-source security tools, code reviews, etc.

Your strong understanding of security controls and compliance of SaaS platforms.

Your proficiency in development technology such as CI/CD, GitHub, microservices, APIs, REST, etc.

Your understanding of web app technologies such as HTML, PHP, Java, and/or Drupal.

Your ability to work within an Agile/Scrum framework and to manage work in Jira.

Your proficiency in communicating technical concepts both verbally and in written documentation.

Your demonstrated success in influencing peers/partners without direct authority.

A full and comprehensive benefits program.

Growth opportunities on a global scale.

Access to career development through in-house learning programs and/or qualified tuition reimbursement.

An exciting and innovative, industry-leading organization committed to our employees, customers, and the communities we serve.

#LI-Hybrid

To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Dexcom. Only authorized staffing and recruiting agencies may use this site or to submit profiles, applications or resumes on specific requisitions. Dexcom does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to the Talent Acquisition team, Dexcom employees or any other company location. Dexcom is not responsible for any fees related to unsolicited resumes/applications.

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.