Cloud Security Architect

Menlo Park, CA, United States
Jun 13, 2021
Biotech Bay
Required Education
Bachelors Degree
Position Type
Full time
GRAIL is a healthcare company whose mission is to detect cancer early, when it can be cured. GRAIL is focused on alleviating the global burden of cancer by developing pioneering technology to detect and identify multiple deadly cancer types early. The company is using the power of next-generation sequencing, population-scale clinical studies, and state-of-the-art computer science and data science to enhance the scientific understanding of cancer biology, and to develop its multi-cancer early detection blood test. GRAIL is headquartered in Menlo Park, CA with locations in Washington, D.C., North Carolina, and the United Kingdom. It is supported by leading global investors and pharmaceutical, technology, and healthcare companies. For more information, please visit

Join GRAIL's existing security team to build security into our Cloud infrastructure. The Cloud Security Architect will be a key role working with both the Engineering and Security teams to ensure that we combine cloud security best practices into our infrastructure. You'll architect, design, and drive controls to meet our Confidentiality, Integrity and Availability needs. You will have a hand in both supporting the automated delivery of services as well as defining the security, alerting and compliance rules that will be applied to our cloud infrastructure.

You will:

• Perform regular reviews of cloud infrastructure for security, and cloud best practices.
• Develop threat models to identify risks, and prioritize improvements to our architecture.
• Collaborate with DevOps and Engineering to design, implement, and monitor security controls within the cloud infrastructure.
• Drive the adoption of Authentication and Authorization reference architectures for managing cloud infrastructure.
• Educate peers on applying the latest AWS & GCP technologies when developing new services, systems and applications.

Your background should include:

• 10+ years working in IT, Engineering, DevOps, DevSecOps, or Security domains.
• At least 3 years implementing services on cloud infrastructure.
• Sound knowledge of AWS with experience implementing, reviewing, and strengthening new or existing deployments specifically with technologies like IAM, GuardDuty, and WAF.
• Experience with Infrastructure-as-Code products like Terraform and CloudFormation.
• Deep understanding of security principles including encryption, authentication, etc.
• Thorough understanding of networking protocols such as TCP/UDP, SSL/TLS, IPSec, etc.

Bonus points:

• AWS Certification such as the Architect or preferably Security Speciality.
• Experience with threat modeling techniques such as RTMP, PASTA, STRIDE, etc.
• Experience with Kubernetes.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

GRAIL, Inc. and its affiliates and subsidiaries ("GRAIL") does not accept any liability for fees for resumes from recruiters or employment agencies ("Agency"), without a binding, written recruitment agreement between GRAIL and Agency describing the services and specific job openings ("Agreement"). GRAIL may consider any candidate for whom an Agency has submitted an unsolicited resume and explicitly reserves the right to hire those candidate(s) without any financial obligation to the Agency, unless an Agreement is in place. Any email or verbal contacts with any person within GRAIL is inadequate to create a binding agreement. Agencies without an Agreement are requested not to contact any hiring managers of GRAIL with recruiting inquiries or resumes. Agencies interested in partnering with GRAIL may contact GRAIL's HR Department through our Customer Service team .