Senior Information Security Analyst

Remote

Posted on 8/1/2023

INACTIVE

501-1,000 employees

Blood test cancer detection biotech company

Company Overview

Freenome's mission is to empower everyone to prevent, detect, and treat disease by developing high-quality diagnostic tests. The developing next-generation blood tests powered by their multiomics platform to discover the body’s earliest warning signs of cancer, and develop accessible tests to detect cancer in its earliest, most treatable stages.

AI & Machine Learning

Data & Analytics

Company Stage

Private

Total Funding

$1.1B

Founded

2014

Headquarters

South San Francisco, California

Growth & Insights

Headcount

6 month growth

↑ 2%

1 year growth

↑ 11%

2 year growth

↑ 60%

Locations

San Bruno, CA, USA

Experience Level

Entry

Junior

Mid

Senior

Expert

Desired Skills

AWS

Google Cloud Platform

Management

Microsoft Azure

Communications

CategoriesNew

IT & Security

Requirements

Bachelor's or Master’s degree in Information Security, computer science, business, or a related field, or equivalent in experience and expertise
At least 3 years' hands-on experience in SIEM tools implementing, operating, maintaining, and incident management in mission critical environments
Excellent Google Cloud Platform knowledge
Industry Certifications such as CISSP, CCSP, CCAK, CCSK, CISM, GCIH, GCIA, GSEC (Cloud security certification preferred)
Hands-on experience in vulnerability assessment, red- and blue-teaming, IDS/IPS, SIEM and endpoint protection
You enjoy working with a team and alone as the situation dictates
Well organized with good time management with strong attention to detail
Excellent analytical, interpersonal and communication skills both oral and written

Responsibilities

Engineer, implement, and administer the SIEM platform, open-source or commercial
Analyze, design, build, tune, and support SIEM use cases across various business functions and security operational needs
Create, modify, and tune the SIEM rules to adjust the specifications of alerts and incidents
Develop log ingestion, aggregation, and retention strategies to meet policy, related standards, and operational requirements
Assist with onboarding new data sources into our SIEM, analyze the data for anomalies and trends, and build dashboards highlighting the key trends of the data
Analyze and investigate security events from various sources
Triage and validate security alerts and escalate incidents, as required. Ensure that incidents are correctly reported, documented, investigated and concluded in accordance with operational policies and procedures
Manage security events as part of security operations, responding to urgent alerts, which may include off-hours investigation activities
Troubleshoot system misconfigurations and recommend best practices for remediation
Provide high quality written and verbal status reports, briefings, recommendations, and findings as required
Maintain and support the operational integrity of SIEM/SOC toolsets
Helping to develop the SOC (Security Operation Center) roadmap by delivering SOC capabilities to the business and championing new ideas and initiatives to help improve new and existing capabilities
Ensure all relevant technical standards and policy documentation is reviewed and maintained throughout SOC technical capabilities
Maintain situational awareness of emerging cyber trends by reviewing open-source reports for recent vulnerabilities and other threats that have the potential to impact the services and incorporate this understanding into day-to-day security monitoring
Excellent knowledge of Endpoint protection
Good understanding of vulnerability assessment and management
Update SIEM/SOC documentation, processes and procedures and ensure currency, as required
Provide ideas and feedback to improve the overall SOC capabilities and maturity
Perform all other Information Security related duties as assigned and contribute to the success of the Information Security Team

Desired Qualifications

Proven experience with CASB and Cloud based logging and SIEM solutions
Understand threat analysis models like MITRE ATT&CK Framework
Knowledge and expertise in a myriad of Information Security Solutions across cloud and IT security
Experience with a variety of operating systems, Cloud Data Platforms (GCP, AWS, Azure) and Cloud Computing (SaaS, PaaS, IaaS)
Monitoring non-traditional IT services such as SaaS and cloud services
Experience leveraging a development language to automate workflows, analysis, or integrations
Ability to convey and explain complex technical information to non-technical staff
A systematic problem-solving approach, coupled with effective communication skills and a sense of ownership and drive
Working knowledge of creating and presenting awareness training content
Genomics or bioinformatics background

Why join Freenome?

Freenome is a high-growth biotech company developing tests to detect cancer using a standard blood draw. To do this, Freenome uses a multiomics platform that combines tumor and non-tumor signals with machine learning to find cancer in its earliest, most-treatable stages.

Cancer is relentless. This is why Freenome is building the clinical, economic, and operational evidence to drive cancer screening and save lives. Our first screening test is for colorectal cancer (CRC) and advanced adenomas, and it’s just the beginning.

Founded in 2014, Freenome has ~500 employees and more than $1.1B in funding from key investors, such as the American Cancer Society, Andreessen Horowitz, Anthem Blue Cross, Bain Capital, Colorectal Cancer Alliance, DCVC, Fidelity, Google Ventures, Kaiser Permanente, Novartis, Perceptive Advisors, RA Capital, Roche, Sands Capital, T. Rowe Price, and Verily.

At Freenome, we aim to impact patients by empowering everyone to prevent, detect, and treat their disease. This, together with our high-performing culture of respect and cross-collaboration, is what motivates us to make every day count.

Become a Freenomer

Do you have what it takes to be a Freenomer? A “Freenomer” is a determined, mission-driven, results-oriented employee fueled by the opportunity to change the landscape of cancer and make a positive impact on patients’ lives. Freenomers bring their diverse experience, expertise, and personal perspective to solve problems and push to achieve what’s possible, one breakthrough at a time.

About this opportunity:

As a Senior Information Security Analyst, you will help identify and reduce security risks in our office network and GCP cloud environment by implementing, maintaining, and monitoring security related events and incidents. This role investigates, analyzes, and responds to cyber incidents within the Freenome’s local and cloud network, or enclave. You will provide your expertise regarding collecting evidence and do forensic analysis. You will act as an Information Security representative with your peers across all lines of business and central teams.

The role reports to the Director, Information Security.

What you’ll do:

Engineer, implement, and administer the SIEM platform, open-source or commercial
Analyze, design, build, tune, and support SIEM use cases across various business functions and security operational needs
Create, modify, and tune the SIEM rules to adjust the specifications of alerts and incidents
Develop log ingestion, aggregation, and retention strategies to meet policy, related standards, and operational requirements
Assist with onboarding new data sources into our SIEM, analyze the data for anomalies and trends, and build dashboards highlighting the key trends of the data
Analyze and investigate security events from various sources
Triage and validate security alerts and escalate incidents, as required. Ensure that incidents are correctly reported, documented, investigated and concluded in accordance with operational policies and procedures
Manage security events as part of security operations, responding to urgent alerts, which may include off-hours investigation activities
Troubleshoot system misconfigurations and recommend best practices for remediation
Provide high quality written and verbal status reports, briefings, recommendations, and findings as required
Maintain and support the operational integrity of SIEM/SOC toolsets
Helping to develop the SOC (Security Operation Center) roadmap by delivering SOC capabilities to the business and championing new ideas and initiatives to help improve new and existing capabilities
Ensure all relevant technical standards and policy documentation is reviewed and maintained throughout SOC technical capabilities
Maintain situational awareness of emerging cyber trends by reviewing open-source reports for recent vulnerabilities and other threats that have the potential to impact the services and incorporate this understanding into day-to-day security monitoring
Excellent knowledge of Endpoint protection
Good understanding of vulnerability assessment and management
Update SIEM/SOC documentation, processes and procedures and ensure currency, as required
Provide ideas and feedback to improve the overall SOC capabilities and maturity
Perform all other Information Security related duties as assigned and contribute to the success of the Information Security Team

Must haves:

Bachelor’s or Master’s degree in Information Security, computer science, business, or a related field, or equivalent in experience and expertise
At least 3 years’ hands-on experience in SIEM tools implementing, operating, maintaining, and incident management in mission critical environments
Excellent Google Cloud Platform knowledge
Industry Certifications such as CISSP, CCSP, CCAK, CCSK, CISM, GCIH, GCIA, GSEC (Cloud security certification preferred)
Hands-on experience in vulnerability assessment, red- and blue-teaming, IDS/IPS, SIEM and endpoint protection
You enjoy working with a team and alone as the situation dictates
Well organized with good time management with strong attention to detail
Excellent analytical, interpersonal and communication skills both oral and written

Nice to haves:

Proven experience with CASB and Cloud based logging and SIEM solutions
Understand threat analysis models like MITRE ATT&CK Framework
Knowledge and expertise in a myriad of Information Security Solutions across cloud and IT security
Experience with a variety of operating systems, Cloud Data Platforms (GCP, AWS, Azure) and Cloud Computing (SaaS, PaaS, IaaS)
Monitoring non-traditional IT services such as SaaS and cloud services
Experience leveraging a development language to automate workflows, analysis, or integrations
Ability to convey and explain complex technical information to non-technical staff
A systematic problem-solving approach, coupled with effective communication skills and a sense of ownership and drive
Working knowledge of creating and presenting awareness training content
Genomics or bioinformatics background

Benefits and additional information:

The US target range of our base salary for new hires is $102,000 - $155,000. You will also be eligible to receive pre-IPO equity, cash bonuses, and a full range of medical, financial, and other benefits depending on the position offered. Please note that individual total compensation for this position will be determined at the Company’s sole discretion and may vary based on several factors, including but not limited to, location, skill level, years and depth of relevant experience, and education. We invite you to check out our career page @ https://careers.freenome.com/ for additional company information.

Freenome is proud to be an equal-opportunity employer, and we value diversity. Freenome does not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law.

Applicants have rights under Federal Employment Laws.

#LI-Remote