Dexcom
Staff Cybersecurity Engineer (Application Security and Pentesting)
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About Dexcom
Dexcom, Inc. is a medical technology company based in San Diego, California, founded in 1999. The company specializes in continuous glucose monitoring (CGM) systems designed to enhance diabetes management for users worldwide. With around 10,300 employees, Dexcom operates globally, including manufacturing facilities in Arizona, Malaysia, and Ireland. The company is recognized as a leader in glucose biosensing, serving millions of individuals with Type 1 and Type 2 diabetes. Dexcom's primary products include the Dexcom G6 and G7 CGM systems, which provide real-time glucose data through small under-skin sensors. These sensors transmit information wirelessly to smartphones and other devices, allowing users to manage their blood sugar levels without routine fingersticks. The company emphasizes user-friendly features, customizable alerts, and integration with insulin pumps. Dexcom also invests in broader biosensing technologies through Dexcom Ventures, aiming to simplify diabetes care and improve patient outcomes.
Security at Dexcom
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Dexcom's stated mission is 'Your data is our responsibility,' supported by ISO/IEC 27001:2022 certification.
- Their operational philosophy emphasizes developer enablement by 'integrating and automating SAST, SCA, and DAST technology into the SDLC' and 'promoting awareness of application security and secure coding standards.' A vendor case study from Fianu (January 2023) suggests a goal of reducing manual processes, though this source is flagged for staleness.
Security Team
The AppSec team (referred to as Product Security) has a reporting structure where regional roles 'report to the APAC IT team with a dotted line to the corporate InfoSec Product Security team.' Key leaders include Vidhya Jayabalan (Product Security) and Richard Staehler III (Enterprise IT/Product Security). As of February 2026, there are at least two active senior AppSec job postings. Total team size is not publicly available.
Key Initiatives
Dexcom's AppSec initiatives include 'shifting left' by integrating SAST/SCA/DAST into the SDLC and having security engineers 'represent InfoSec in local application/system design reviews and code reviews.' Vulnerability management involves performing 'web application penetration testing on critical applications' and integrating security tools into the SIEM. There is no public evidence of a Security Champions program or specific remediation SLAs.
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.