Exelixis, Inc.
Senior Staff Engineer - Cybersecurity Operations
Exelixis, Inc., Alameda, California, United States, 94501
Overview
Join our highly skilled, rapidly growing cybersecurity team as a Senior Staff Engineer. You will lead threat detection, incident response, and continuous monitoring to protect critical assets, and partner with product owners to secure and harden applications, systems, and processes.
Essential Duties and Responsibilities
Oversee the end‑to‑end threat management process, from initial detection and analysis to containment, eradication, and recovery.
Lead and coordinate incident response efforts with different groups, ensuring timely and effective resolution of cybersecurity incidents.
Develop and maintain incident response plans and playbooks to guide the team during cybersecurity events.
Regularly assess the effectiveness of detection mechanisms and make necessary adjustments to improve accuracy and coverage, including threat hunting exercises.
Create and refine correlation rules within the SIEM to identify complex attack patterns and reduce false positives.
Incorporate threat intelligence feeds into the team’s detection capabilities to stay updated on the latest threats and attack techniques.
Utilize machine learning and behavioral analytics to identify anomalies and potential threats that traditional signature‑based tools might miss.
Regularly review and fine‑tune the configurations of current cybersecurity tools such as SIEM, EDR, and IDS/IPS.
Conduct and analyze phishing simulations to assess and improve the organization’s resilience against phishing attacks.
Work with various log sources and data feeds to enhance the visibility and detection capabilities of the team.
Create and maintain playbooks to standardize and automate threat response procedures, including developing automated workflows to streamline incident response.
Stay current with the latest threat landscape and emerging trends in cybersecurity to proactively identify and mitigate potential cybersecurity risks.
Contribute to the overall information cybersecurity strategy.
Education and Experience
Bachelor’s degree in a related discipline and 9+ years of related experience; or an equivalent combination of education and experience.
CISSP, CISM, CEH, OSCP, GIAC or similar cybersecurity certification required.
Knowledge, Skills, and Abilities
Proficiency with SOC tools and technologies such as SIEM (e.g., Splunk, QRadar), EDR (e.g., CrowdStrike, Cortex), and IDS/IPS (e.g., Snort, Suricata).
Strong scripting skills (e.g., Python, PowerShell) to automate tasks and enhance detection capabilities.
Ability to configure and fine‑tune cybersecurity tools, integrate log sources and data feeds, and create high‑fidelity alerts.
Knowledge of machine learning and behavioral analytics to identify anomalies and potential threats.
Proficiency in developing and refining correlation rules within SIEM to detect complex attack patterns, leveraging the MITRE ATT&CK framework.
Strong analytical skills to correlate events, make informed decisions, and present findings to senior management.
Excellent communication skills to collaborate with cross‑functional teams and translate data‑driven insights into clear narratives.
Resourceful, proactive, and continuously learning, with an ability to mentor and lead other cybersecurity team members.
Comprehensive knowledge of DNS, network protocols, firewalls, VPNs, web application firewalls, email security, IPS/IDS, DLP, cryptography, application whitelisting, and endpoint protection.
Working Conditions
Environment: primarily working indoors in an office environment.
Compensation and Benefits
The base pay range for this position is $150,000 – $213,000 annually. Exelixis offers a comprehensive benefits package including 401(k) with company contributions, medical/dental/vision coverage, life insurance, flexible spending accounts, a discretionary annual bonus program, and long‑term incentive programs.
Equal Opportunity Employer
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.