Exelixis logo

Staff Engineer - DevSecOps

Exelixis
June 26, 2026
Remote friendly (Alameda, CA)
United States
IT
Job Purpose:
Protect the organization’s digital infrastructure, data, and systems from internal and external cybersecurity threats by implementing, managing, and continuously improving security practices, tools, and operations, with a focus on cloud applications and infrastructure.

Responsibilities:
- Improve security posture by identifying weaknesses/vulnerabilities and implementing remediation.
- Partner with technology teams on initiatives to strengthen systems and operations.
- Investigate and respond to security events/incidents; contain threats, document findings, and escalate as needed.
- Monitor and analyze security logs and events from multiple sources.
- Track the threat landscape and emerging cybersecurity solutions to mitigate risks.
- Provide cyber expertise to internal staff, vendors, and partners.
- Follow industry best practices and procedures in a SOX and FDA regulated environment.

Qualifications:
- Bachelor’s degree in related discipline + 7 years related experience; or Master’s degree + 5 years; or equivalent education/experience.
- Certifications (preferred): CISSP, CISM, CEH, OSCP, GIAC, or similar.

Experience:
- Operate/implement cybersecurity tools.
- Design/implement/manage cloud security controls (IAM, VPC, Zero Trust, IaC, IAAS, Security Groups, KMS, SDLC, CI/CD, network security).
- Investigations and incident response.
- IT security/infrastructure administration in enterprise environments (technical lead preferred).
- Regulated industries experience (GxP/SOX preferred).
- Preferred: AWS Certified Security – Specialty.

Skills/Abilities:
- Strong IT infrastructure knowledge; advanced CLI/scripting (Python, PowerShell).
- Advanced AWS; advanced IaC/SDLC/CI/CD.
- Strong analytical, communication, and problem-solving skills; ability to handle confidential data and ambiguity.
- Architect secure cloud infrastructure across AWS and Azure; integrate SAST/SCA/DAST/dependency scanning into GitHub pipelines.

Benefits (as stated):
- 401(k) with company contributions; medical/dental/vision; life/disability; flexible spending accounts; discretionary annual bonus (or sales incentive for field sales); stock purchase; paid vacation/holidays; sick days.
- On-call availability for critical escalations; occasional travel (5%).