Senior Security Engineer, Identity & Access Management

At 10x Genomics, accelerating our understanding of biology is more than a mission for us. It’s a commitment. This is the century of biology, and the breakthroughs we make now have the potential to change the world. We enable scientists to advance their research, allowing them to address scientific questions they didn’t even know they could ask.

Our tools have enabled fundamental discoveries across multiple application areas, including cancer, immunology, and neuroscience. Our teams are empowered and encouraged to follow their passions, pursue new ideas, and perform at their best in an inclusive and dynamic environment. We know that behind every scientific breakthrough, there is a deep infrastructure of talented individuals driving the life sciences industry and making it possible for scientists, engineers, clinicians, computational biologists, and more to make new strides.

We’re dedicated to finding the best person for every aspect of our work because the innovations and discoveries that we enable together will lead to better technologies, better treatments, and a better future. Find out how you can make a 10x difference.

About the role

Our team is seeking a skilled and motivated Senior Security Engineer (IAM Identity Engineer) to own and enhance identity and access management systems, with a primary focus on maturing our Okta implementation and hardening our AWS Identity and Access Management configuration. The ideal candidate will have deep knowledge of the Okta platform, a proven history of configuring SCIM,  in addition to extensive multi-cloud experience. We know that security is hard and that’s why protecting our customers is our highest priority. If you are a self-starter who is passionate about security and is excited to work in a highly collaborative environment alongside a diverse team of experts every day, join us at 10x Genomics. 

As a Senior Security Engineer, you will be the technical subject matter expert for our identity solutions and cloud configurations. You will be responsible for performing design reviews, technical security assessments, and access reviews to highlight overly permissive policies and to help engineering teams reduce risk and  improve the overall security of our products. You will be a security leader within the company, gaining a solid understanding of our products and systems, and ensuring that security is built-in. This position requires both deep and broad technical knowledge across a range of disciplines, and the ability to work hands-on across a wide variety of software designs and technology stacks.

What you will be doing

• Serve as a primary technical security resource on all IAM issues and projects 
• Lead, implement, and expand our zero trust architecture
• Mature our Okta implementation by configuring SSO, SCIM, and other automated-provisioning processes
• Review and update cloud-based IAM policies to make sure access policies are least privileged, properly scoped, and governed by version control (Terraform + GitHub)
• Architect, configure, and audit role-based access control to ensure appropriate and secure user access
• Collaborate with other teams in pPerforming design reviews and technical security assessments to identify risks, ensure access rights are properly aligned, and help other teams improve the overall security of our products.
• Design and implement security best practices and standards across varied engineering teams and environments.
• Conduct threat modeling, identify & drive risk decisions, and influence technical designs and architectures.
• Advocate for security culture and educate colleagues across all parts of 10x.

Minimum Requirements:

• 3 years of hands-on technical experience configuring federated identity providers, using SAML, OIDC, and SCIM
• 3 years of hands-on technical experience configuring cloud identity and access management services including strong understanding of AWS IAM policies, roles, and trust relationships
• Experience with Terraform, GitHub or similar for cloud infrastructure management.
• Experience in web security (SSL/TLS, OAuth, SAML, etc.)
• Experience with cloud and web application security standards (CIS benchmarks, OWASP ASVS, SANS 25, etc.)

Preferred skills and experience:

• A degree in Computer Science, Computer Engineering, Software Engineering, Cybersecurity, Information Security, or a related technical field.
• In-depth technical and foundational knowledge of software engineering, computer systems, security engineering, authentication, and/or applied cryptography.
• Experience with regulatory requirements, and aligning security standards, frameworks, and corporate policy with overall business and technology strategy.
• Experience securing operating systems, networks, and low-level infrastructure. 
• Experience with attacker tactics, techniques, and procedures, and corresponding mitigation methods.
• Excellent written and verbal communications skills.

#LI-RW1

#LI-Hybrid

#LI-Remote

Below is the base pay range for this full time position.  The actual base pay will depend on several factors unique to each candidate, including one’s skills, qualifications, and experience.  At 10x, base pay is also just one component of the Company’s total compensation package.  This role is also eligible for 10x’s equity grants, its comprehensive health and retirement benefit programs, and its annual bonus program or sales incentive program.  Your 10x recruiter can share more about the Company’s total compensation package during the hiring process.

Pay Range$150,000—$225,000 USD

About 10x Genomics

At 10x Genomics, accelerating our understanding of biology is more than a mission for us. It is a commitment. This is the century of biology, and the breakthroughs we make now have the potential to change the world.

We enable scientists to advance their research, allowing them to address scientific questions they did not even know they could ask. Our tools have enabled fundamental discoveries across biology including cancer, immunology, and neuroscience.

Our teams are empowered and encouraged to follow their passions, pursue new ideas, and perform at their best in an inclusive and dynamic environment. We know that behind every scientific breakthrough, there is a deep infrastructure of talented people driving the life sciences industry and making it possible for scientists and clinicians to make new strides. We are dedicated to finding the very best person for every aspect of our work because the innovations and discoveries that we enable together will lead to better technologies, better treatments, and a better future. Find out how you can make a 10x difference. 

Individuals seeking employment at 10x Genomics are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation, or any other characteristic protected by applicable law.

10x does not accept unsolicited applicants submitted by third-party recruiters or agencies. Any resume or application submitted to 10x without a vendor agreement in place will be considered unsolicited and property of 10x, and 10x will not pay a placement fee.