Lead Security Engineer

Summary

Join Natera's security team as a Lead Application Security Engineer, a highly visible, hands-on role focused on application security. You will lead application security initiatives, develop and enforce security policies, conduct security assessments, and collaborate with development teams. This position requires expertise in SAST, DAST, penetration testing, and vulnerability management. The ideal candidate will have 10+ years of experience in application security and a strong understanding of relevant compliance standards. Natera offers competitive benefits, including comprehensive medical, dental, vision, life, and disability plans, as well as free testing for employees and their families. The role is remote in the USA, with a salary range of $172,400 - $215,450 USD.

Requirements

• Bachelor’s degree in Computer Science, Information Security, or a related field
• 10+ years of experience in application security or a related role
• Strong knowledge of security principles, vulnerabilities, and remediation techniques
• Experience with SAST and DAST tools such as OWASP ZAP, Burp Suite, Checkmarx, Veracode, or similar
• Proficiency in programming languages such as Java, C#, Python, or JavaScript
• Familiarity with web application security standards (e.g., OWASP Top Ten)
• Understanding of compliance standards such as SOC2, FDA Cybersecurity Guidelines, NIST, and how they apply to application security
• Excellent analytical and problem-solving skills
• Strong communication skills and the ability to work collaboratively in a team environment

Responsibilities

• Lead, build, and maintain the application security initiatives, including security architecture, security testing, vulnerability management, and security champion program
• Develop and enforce product security policies, reference architectures, procedures, and standards in compliance with SOC2, FDA Cybersecurity Guidelines, NIST, HIPAA, and other relevant regulations
• Conduct security assessments, including SAST, DAST, pen test, to identify vulnerabilities in applications
• Expert hands on experiences in WAF, API Security in complex enterprise environments
• Collaborate with development teams to integrate security practices into the secure software development lifecycle (SDLC)
• Lead the product security strategies and activities, ensuring alignment with business objectives
• Perform penetration testing and simulate attacks to identify potential security weaknesses
• Monitor and respond to security incidents, providing timely analysis and resolution
• Stay up-to-date with the latest security trends, vulnerabilities, and technologies
• Provide training and guidance to developers on secure coding practices
• Participate in the design and architecture of secure applications and systems
• Assist in compliance efforts and audits related to application security, including preparation of necessary documentation
• Interact with senior-level leaders and key stakeholders to coordinate activities across organizational lines and maintain robust and scalable enterprise business solutions
• Keep track of new regulations, industry best practices, and implement continuous improvement on an ongoing basis
• Collaborate with Information Security, Engineering and product teams to create, maintain and deliver an overall compliance/certifications roadmap
• Collaborate with Technical Program Management and Engineering, and help drive the development of standardized processes and procedures to assure product security requirements are accounted for in New Product Introduction (NPI), New Feature Introduction (NFI), and acquisition activities

Preferred Qualifications

• Relevant security certifications (e.g., CISSP, CEH, OSCP) are a plus
• Strong analytical abilities to make data-based and strategic value-driven business decisions, including the ability to make reasoned decisions in the face of uncertainty or imperfect data
• Strong technical background and communication skills are highly preferred

Benefits

• Comprehensive medical, dental, vision, life and disability plans for eligible employees and their dependents
• Natera employees and their immediate families receive free testing in addition to fertility care benefits
• Pregnancy and baby bonding leave
• 401k benefits
• Commuter benefits
• Generous employee referral program