DevOps & Security Operations (DevSecOps) Manager
Menlo Park, CA or Union City, CA
Applications have closed
BillionToOne
We are a team at the forefront of disease detection focused on moving Prenatal Screening and Liquid Biopsy forward. BillionToOne is a next-generation molecular diagnostics company dedicated to developing powerful and accurate diagnostic tests that are accessible to all. Our innovative QCT molecular counting technology significantly enhances the resolution of disease detection using cell-free DNA by over a thousandfold. This groundbreaking technology is integral to our product offerings, including one of our flagship products, Unity Complete™, the only non-invasive prenatal screen capable of assessing fetal risk for both common recessive conditions and aneuploidies from a single maternal blood sample. Leveraging the same molecular counting technology, we've expanded our impact into oncology in 2023 with a pioneering liquid biopsy test, Northstar, that combines treatment selection with monitoring. To date, over 500,000 patients have benefited from our innovative and precise diagnostic tests, and our Annual Recurring Revenue (ARR) has grown from $0 to $125 million in the last ~4 years.
BillionToOne has successfully raised close to $400 million in funding, with a notable $130 million Series D round completed in June 2024, resulting in a company valuation of over $1 billion. This funding has come from prestigious global institutional investors, including Hummingbird, Adams Street Partners, Neuberger Berman, Baillie Gifford, and Premji Invest. BillionToOne has recently been recognized by Forbes as one of America's Best Startup Employers for 2024, highlighting the company's exceptional work environment and commitment to innovation.
Our team has grown significantly and we now proudly employ over 400 highly skilled individuals. Despite substantial growth, we have successfully maintained the unique culture that has defined BillionToOne from inception, continuing to cultivate a team that is not only diverse and passionate but also innovative. Headquartered in Menlo Park, California, with an additional facility in Union City, California, BillionToOne remains at the forefront of significant advances in molecular diagnostics, evidenced by the recent announcement of clinical outcomes data for its Unity Fetal Risk Screen and new advancements in cancer diagnostics. For more detailed information about BillionToOne and its groundbreaking work, please visit our website at www.billiontoone.com.
We are seeking an experienced DevOps & Security Operations (DevSecOps) Manager to join our healthcare organization, which focuses on managing and protecting sensitive patient data. The successful candidate will be responsible for ensuring secure, efficient, and scalable infrastructure, with a strong emphasis on cloud security, compliance, and system integrity. You will lead efforts in automating infrastructure, enhancing security practices, and ensuring adherence to HIPAA and other healthcare regulations across all systems and operations.
Key Responsibilities:
- Cloud Security: Strengthen the security of our AWS environments by implementing best practices, HIPAA-compliant controls, and healthcare-focused security frameworks to safeguard Protected Health Information (PHI).
- DevOps Security: Seamlessly integrate security into the development lifecycle to ensure secure software delivery in compliance with HIPAA standards and to ensure that all PHI is protected.
- Secure System Integrations: Design and implement strategies for secure communication and data exchange between internal systems and external healthcare partners, ensuring all connections meet regulatory compliance standards.
- Logging & Threat Detection: Develop and manage comprehensive logging systems to detect and respond to security threats proactively, ensuring full audit trails for all systems handling PHI.
- Incident Response: Create and maintain HIPAA-compliant incident response plans to minimize downtime and quickly recover from any security breaches involving patient data.
- Infrastructure Automation: Use Infrastructure as Code (IaC) tools, such as Terraform, to automate infrastructure provisioning, ensuring consistent, secure, and compliant environments. Maintain version-controlled configurations to guarantee auditability.
- Cost Management: Monitor cloud expenses regularly, detect trends or unexpected costs, and provide cost-saving recommendations to ensure efficient resource utilization while maintaining compliance.
Day-to-Day Responsibilities:
- AWS Management: Oversee user administration, security groups, and provisioning of AWS instances in a HIPAA-compliant manner. Ensure AWS security compliance by continuously monitoring and addressing any vulnerabilities or misconfigurations.
- Logging & Monitoring: Define and lead the logging strategy and systems, ensuring all logs related to PHI are compliant with HIPAA retention and access control policies.
- Penetration Testing & Vulnerability Management: Manage regular penetration test cycles, and lead internal and external vulnerability monitoring for systems handling PHI.
- SOC 2 & HIPAA Compliance: Lead the DevSecOps controls for SOC 2 and HIPAA compliance programs, ensuring all operational and security controls meet regulatory requirements and audit standards.
- Manage our suite of security applications and tools.
Qualifications:
- Proven experience managing AWS environments with a focus on security, compliance, and healthcare standards (HIPAA).
- Hands-on expertise in DevSecOps practices, including integrating security into CI/CD pipelines.
- Proficient with Infrastructure as Code (IaC) tools such as Terraform.
- Knowledge of HIPAA and SOC 2 compliance, with experience supporting security audits and maintaining documentation.
- Experience in logging, monitoring, and threat detection tools like Cloudflare, Sentry, and SIEM platforms.
- Strong understanding of vulnerability management, incident response, and endpoint protection.
- Excellent problem-solving and communication skills, with the ability to work in a fast-paced healthcare environment.
This role offers an exciting opportunity to ensure that our healthcare organization’s infrastructure is secure, efficient, and fully compliant with all regulatory standards while managing sensitive patient data effectively.
Benefits And Perks:
- Working with a team of ‘rockstars’ who bring out the best in everyone
- Open, transparent culture that includes weekly Town Hall meetings
- The ability to indirectly or directly change the lives of hundreds of thousands of patients
- Multiple medical benefit options; employee premiums paid at 100% for select plans, dependents covered at 80%
- Extremely generous Family Bonding Leave for new parents (16 weeks, paid at 100%)
- Retirement savings program including a 4% Company match
- Free daily on-site lunches provided from top eateries
- Latest and greatest hardware (laptop, lab equipment, facilities)
- A variety of perks on campus (state of the art gym, restaurant)
- Free on-site EV charging (compatible with all EVs, including Tesla)
At BillionToOne, we are proud to offer a combination of (1) competitive base pay, (2) the opportunity for professional growth, and (3) industry-leading company benefits (free healthcare options, 401k match, very generous fully paid parental leave, etc.).
BillionToOne is an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.