Principal Security Engineer

Time zone
Full Time
Opening date
Closing date
13 Nov 2021

Our mission is to make biology easier to engineer. Ginkgo is constructing, editing, and redesigning the living world in order to answer the globe’s growing challenges in health, energy, food, materials, and more. Our bioengineers make use of an in-house automated foundry for designing and building new organisms. Today, our foundry is developing over 40 different organisms to make different products across multiple industries.

We are currently expanding our Information Security Team, and we’re seeking people who are excited about growing and improving our core security services and capabilities and helping us keep Ginkgo Bioworks secure.

In support of our mission, we are looking for a hands-on Principal Security Engineer with a proven track record conducting incident response, vulnerability management, and compliance (NIST/CMMC, SOX). You will be a direct report to our Chief Information Security Officer (CISO), working to maintain and scale our vulnerability management and compliance program by applying industry best practices wrapped around a cohesive risk management program.

Please note: This position may be located in Boston, MA or residence based.


  • Enhance and mature our vulnerability management program
  • Enhance and mature our Digital Tech compliance program from policies and procedure development to managing and monitoring third party assessments
  • Serve as an alternate team lead for Incident Response
  • Manage Information Security projects as assigned
  • Stay current on vulnerability management issues
  • Create and maintain documentation-supporting processes and tools

Desired Experience and Capabilities

  • BS or MS degree in Information Systems, Cyber Risk or related field, or an equivalent mix of education and experience
  • CISSP or industry equivalent certification, or the ability to obtain one within 12 months of hire
  • Minimum 10 years of experience in IT and cyber security; experience working in Life Sciences, a plus
  • Ability to communicate technical information to a wide variety of people in an easily understandable way
  • Proactive approach in communicating possible risks and recommendations to mitigate
  • Proven ability to drive improvement and evolve a vulnerability management program through collaborating effectively with cross-functional teams and getting buy-in from key stakeholders
  • Demonstrated track record of excellent customer service delivery, including working with developers, operations (Ops), and users to troubleshoot and resolve challenging problems in a timely manner
  • Strong architectural level of understanding of software, networks, and security operations
  • Experience in administering security program/controls in the US Government space (NIST/CMMC)
  • Strong knowledge of incident response, vulnerability management standards, industry best practices, and frameworks
  • Impeccable organizational and communication skills
  • Ability to thrive and stay calm in a fast-paced, high pressure, ever-changing cyber threat environment

We also feel that it’s important to point out the obvious here – there’s a serious lack of diversity in our industry, and that needs to change. Our goal is to help drive that change. Ginkgo is deeply committed to diversity, equity, and inclusion in all of its practices, especially when it comes to growing our team. Our culture promotes inclusion and embraces how rewarding it is to work with people from all walks of life.

We’re developing a powerful biological engineering platform, so we must remain mindful of the many ways our technology can – and will – impact people around the world. We care about how our platform is used, and having a diverse team to build it gives us the best chance that it’s something we’ll be proud of as it continues to grow. Therefore, it’s critical that we incorporate the diverse voices and visions of all those who play a role in the future of biology.

It is the policy of Ginkgo Bioworks to provide equal employment opportunities to all employees and employment applicants.

Report · Embed ·

How to apply

ATTN. Be careful! You should never send cash or cheques to a prospective employer, or provide your bank details or any other financial information. We pay great attention to vetting all jobs that appear on our site, but please get in touch if you see any roles asking for such payments or financial details from you. The employer won't know who reported this job.

Share this job

Personalised job alerts

Set up personalised e-mail alerts about similar jobs.

See a few more

Related jobs in DevOps & SysAdmin

Report this job

    The employer won't know who reported this job. Contact your local law enforcement for immediate help if someone is in danger or the victim of a scam.
    All Job Ads are subject to Jobicy's Job Posting Policies. We allow users to flag postings that may be in violation of those terms. Job Ads may also be flagged by Jobicy. However, no moderation system is perfect, and flagging a posting does not ensure that it will be removed.

    Job Widget Code

    Place this code wherever you want the widget to appear on your page.

    <script src="//" async></script>

    Ask a Question

    Position: Principal Security Engineer.

    Login to Send Message