Security Engineer (Automation) - AncestryDNA

  • 1300 W Traverse Pkwy, Lehi, UT 84043, USA
  • Full-time

Job Description

Ancestry is seeking a passionate and talented Security Engineer to join our world-class Information Security Engineering team. This is a technical (Software Development) role that will work with a variety of security tools and technologies protecting enterprise and production environments.

This role is responsible for helping to secure Ancestry’s systems, network infrastructure, endpoints, services, and data in a cloud environment. The security engineer will be considered a subject matter expert and will play a key role in assisting with our build-out and migration to the Amazon AWS cloud environment.

What you will do

  • Ensure enterprise security within AWS for a world-class web application and organization
  • Evaluate the effectiveness of existing security controls in meeting a defense in depth security model
  • Recommend, develop, deploy, maintain and support security controls that meet defense in depth goals and improve efficiency and capabilities through automation and machine learning
  • Collaborate with a team of other security professionals
  • Work with outside teams and handle incoming requests, implement security controls, respond to issues, troubleshoot reported problems and identify solutions
  • Continually improve security through a dynamic, iterative process
  • Create and maintain engineering documentation to meet compliance requirements
  • Provide tier-3 engineering support to a team of security analysts
  • Monitor and analyze output from existing endpoint protection solutions and tools



  • Bachelor’s Degree in Computer Science, Engineering, or related technical field required.
  • 2 years of development experience in several of these programming languages: Java, JS, Python, Node.js, Ruby, SQL, PHP, HTML, ObjectiveC
  • Minimum 2 years of experience as a Security Engineer, withing an Enterprise oganization with a technical emphasis in several layers of the OSI stack, including:

             - -Experience in network layer technologies (WAN/LAN/Firewall/IDS)

             - Experience in IT Infrastructure such as OS (Linux preferred), DB, and/or applications

             - Experience in programming

             - Experience in cloud technologies (AWS, Azure, etc.)

             - Experience with compliance standards (PCI, HIPAA, SOX, etc.)

             - Experience with security incident response

  • Experience with web application security controls such as web application firewalls, OWASP best practices, etc.
  • Experience with coding in Terraform (Infrastructure as code)
  • Experience developing designs, processes and procedures
  • Ability to work both independently and manage relationships and expectations with little supervision
  • Ability to work and collaborate within a team environment
  • Ability to work closely with and collaborate with other security professionals to develop incident response plans and procedures
  • Ability to operate effectively and efficiently in a high-demand environment
  • Excellent communications skills, capable of working with cross-functional technical and business teams and varying levels of management, in a professional manner
  • The desire to find efficiencies and automate detection and analysis
  • Knowledge of the latest attack trends, tools, and the threat landscape
  • Experience supporting industry accepted endpoint solutions (e.g. Symantec AV, McAfee ePO, Tripwire etc.)
  • Experience with scripting languages (developing, debugging and maintaining).


Preferred Qualifications

Proven ability to troubleshoot a variety of problems across a complex global network

Knowledge of identity management technologies such as: LDAP, SAML, OIDC, AD, SSH, RDP, multi-factor authentication, single-sign-on, etc.

Experience with security tools for GRC, incident response, vulnerability management

Experience with deployment technologies such as Chef, Ansible, etc.

Experience with code management technologies such as GibHub, Stash, etc,

Experience with setting up VPNs, configuring route tables, managing firewall rules, etc.

Self-motivated to learn and evangelize security awareness or best practices to an organization

Experience or knowledge of SSH Key Lifecycle Management and tools

Thorough knowledge of basic security concepts, such as authentication, authorization, and auditing

Proficiency in documenting Use Cases, Requirements, Test Cases, and Workflow Diagrams in a technical environment


Additional Information

We’re a cutting-edge tech company with a very human mission—to help every person discover, preserve, and share the story of what led to them. Combining the rich information in family trees and historical records with the genetic details revealed in DNA, we create unique experiences that give people a new understanding of their lives, because connecting all the pieces of our family story can give us the deepest sense of who we are.

For more information on what we do and why you would want to work at Ancestry, visit our careers

Ancestry is not accepting unsolicited assistance from search firms for this employment opportunity. All resumes submitted by search firms to any employee at Ancestry via-email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Ancestry. No fee will be paid in the event the candidate is hired by Ancestry as a result of the referral or through other means . 

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.