Exact Sciences Corporation

Information Security Engineer

Job Locations US-WI-Madison
Req No.
Regular Full-Time

Summary of Major Responsibilities

The IT Security Engineer provides technical leadership on the design, installation, operation, service, and maintenance of a variety of multi-user information security systems. This position will support the operational security function with Exact Sciences to develop, maintain, and advance the security posture of the company in order to effectively protect corporate assets. As a hands-on technical specialist, the IT Security Engineer handles the complex and detailed technical work necessary to establish security systems; including, but not limited to, security information and event management (SIEM), and various data protection solutions.

Essential Duties and Responsibilities

Include, but are not limited to, the following:

  • Provide hands-on information security technical consult services to teams of technical specialists that work on the integration of shared, centralized, and networked systems.
  • Provide technical assistance with the initial set-up, secure deployment, and proper management of systems that support information security; including, but not limited to, virus detection systems, spyware and adware detection systems, spam filtering systems, content control software systems, web site blocking systems, intuition detection systems, and intrusion prevention systems.
  • Offer technical information security consult services to distributed personnel who are responsible for one or more information security systems; these people include, but are not limited to, network administration, infrastructure administration, and application administration roles.
  • Evaluate information system bug reports, security exploit reports, and other information security notices issued by information system vendors, government agencies, universities, professional associations, and other organizations; make recommendations to internal management and technical staff to take precautionary steps, as needed.
  • Act as the primary technical support liaison to ensure current and effective anti-virus systems, intrusion detection systems (IDSs), firewalls, data loss prevention systems, and other deployed security systems within Exact Sciences.
  • Execute and collaborate with others to run vulnerability identification software packages and related tools to immediately highlight errors in systems configuration, the need for the update of software with fixes and patches, and other security related changes.
  • With management authorization, collect, securely store, and utilize software that can decrypt encrypted files, automatically guess user passwords, copy software that has been copy-protected, or otherwise circumvents information security measures in support of security incident investigations and other special-situation security-related tasks.
  • Compile, maintain, and document a collection of software that can trace the source of and otherwise investigate attacks on Exact Sciences systems.
  • Act as a technical consultant on information security incident investigations and forensic technical analyses.
  • Conduct selected tests of information security measures in accordance with specific instructions defined by the information security office.
  • Interpret information security policies, standards, and other requirements as they relate to a specific internal information system and assist with the implementation of these and other information security requirements.
  • Redesign and reengineer internal information care processes so that information is appropriately protected from a wide variety of problems; including, but not limited to, unauthorized disclosure, unauthorized use, inappropriate modification, premature deletion, and unavailability.
  • Serve in an active, support role to the security incident response team (SIRT) and participate in security incident response efforts by having an in-depth knowledge of common security exploits, vulnerabilities, and countermeasures.
  • Develop technical documentation and describe the deployment, configuration, and management of shared, networked, and multi-user information security systems.
  • Regularly attend conferences, professional association meetings, and technical symposia to remain aware of the latest information security technological developments.
  • Strong interpersonal and communication skills.
  • Ability to successfully operate in a cross-cultural and complex matrix environment and build consensus across functions.
  • Ability to take a high degree of initiative, and work with little supervision.
  • Ability to be resilient to change and adapt quickly to changing priorities.
  • Ability to work within a fast-paced, cross-functional team environment.
  • Uphold company mission and values through accountability, innovation, integrity, quality, and teamwork.
  • Support and comply with the company’s Information Technology policies and procedures.
  • Regular and reliable attendance.
  • Ability to lift up to 10 pounds for approximately 20% of a typical working day.
  • Ability to travel 5% of working time away from work location, may include overnight/weekend travel.


Minimum Qualifications

  • Bachelor’s Degree in Business Administration or related field as outlined in the essential duties; or High School Diploma/General Education Degree and 4 years of relevant experience as outlined in the essential duties in lieu of Bachelor’s Degree.
  • 4+ years of experience in an IT security engineering role.
  • 2+ years of experience in an ISO 27001, SOX, HIPAA, HITECH, CLIA, and/or CAP regulatory setting.
  • Demonstrated ability to perform the Essential Duties of the position with or without accommodation.
  • Authorization to work in the United States without sponsorship.

Preferred Qualifications

  • Experience with SIEM implementation and administration.
  • Experience in information security within a public or private cloud infrastructure environment; including, but not limited to, Azure, and AWS.
  • Completion or coursework towards an information security certification.

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to age, color, creed, disability, gender identity, national origin, protected veteran status, race, religion, sex, sexual orientation, and any other status protected by applicable local, state or federal law. Applicable portions of the Company’s affirmative action program are available to any applicant or employee for inspection upon request.



Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed