Information Security Analyst (Remote)

Why join Freenome?

Freenome is a high-growth biotech company on a mission since 2014 to create tools that empower everyone to prevent, detect, and treat their disease. 

To achieve this mission, Freenome is developing next-generation blood tests to detect cancer in its earliest, most treatable stages using our multiomics platform and machine learning techniques. Our first blood test will detect early-stage colorectal cancer and advanced adenomas.

To fight the war on cancer, Freenome has raised more than $1.1B from leading investors including a16z, GV (formerly Google Ventures), T. Rowe Price, BainCapital, Perceptive Advisors, RA Capital Management, Roche, Kaiser Permanente Ventures, and the American Cancer Society’s BrightEdge Ventures. 

Are you ready for the fight? A ‘Freenomer’ is a mission-driven employee who is fueled by the opportunity to make a positive impact on patients' lives, who thrive in a culture of respect and cross collaboration, and whose work makes a significant impact on the company and their career. Freenomers are determined, patient-centric, and outcomes-driven. We build teams around divergent expertise, allowing us to solve problems and ascertain opportunities in unique ways. We are dedicated to advancing healthcare, one breakthrough at a time.

About this opportunity:

As an Information Security Analyst, you will help identify and reduce security risks in our office network and GCP cloud environment by implementing, maintaining and monitoring security related events and incidents. You will provide your expertise regarding collecting evidence and do forensic analysis. You will act as an Information Security representative with your peers across all lines of business and central teams.

What you’ll do:

• Engineer, implement, and administer the SIEM platform, open-source or commercial.
• Analyze, design, build, tune, and support SIEM use cases across various business functions and security operational needs.
• Create, modify, and tune the SIEM rules to adjust the specifications of alerts and incidents.
• Develop log ingestion, aggregation, and retention strategies to meet policy, related standards, and operational requirements.
• Assist with onboarding new data sources into our SIEM, analyze the data for anomalies and trends, and build dashboards highlighting the key trends of the data.
• Analyze and investigate security events from various sources.
• Triage and validate security alerts and escalate incidents, as required. Ensure that incidents are correctly reported and documented in accordance with operational policies and procedures.
• Manage security events as part of security operations, responding to urgent alerts, which may include off-hours investigation activities.
• Troubleshoot system misconfigurations and recommend best practices for remediation.
• Provide high quality written and verbal status reports, briefings, recommendations, and findings as required.
• Maintain and support the operational integrity of SIEM/SOC toolsets.
• Helping to develop the SOC (Security Operation Center) roadmap by delivering SOC capabilities to the business and championing new ideas and initiatives to help improve new and existing capabilities.
• Ensure all relevant technical standards and policy documentation is reviewed and maintained throughout SOC technical capabilities.
• Maintain situational awareness of emerging cyber trends by reviewing open-source reports for recent vulnerabilities and other threats that have the potential to impact the services and incorporate this understanding into day-to-day security monitoring.
• Excellent knowledge of Endpoint protection.
• Good understanding of vulnerability assessment and management.
• Update SIEM/SOC documentation, processes and procedures and ensure currency, as required.
• Provide ideas and feedback to improve the overall SOC capabilities and maturity.
• Perform all other Information Security related duties as assigned and contribute to the success of the Information Security Team.

Must haves: 

• Bachelor's degree in Information Security, computer science, business, or a related field, or equivalent in experience and expertise.
• Excellent Google Cloud Platform knowledge.
• At least 3 years' hands-on experience in SIEM tools implementing, operating and incident management in mission critical environments. 
• Industry Certifications such as CISSP, CCSP, CCAK, CCSK, CISM, GCIH, GCIA, GSEC (Cloud security certification preferred).

Nice to haves: 

• Proven experience with CASB and Cloud based logging and SIEM solutions.
• Understand threat analysis models like MITRE ATT&CK Framework.
• Knowledge and expertise in a myriad of Information Security Solutions across cloud and IT security.
• Experience with a variety of operating systems, Cloud Data Platforms (GCP, AWS, Azure) and Cloud Computing (SaaS, PaaS, IaaS).
• Monitoring non-traditional IT services such as SaaS and cloud services.
• Experience leveraging a development language to automate workflows, analysis, or integrations.
• Excellent analytical, interpersonal and communication skills both oral and written.
• Strong attention to detail.
• Self-directed / self-motivated.
• Result oriented with a hands-on mindset.
• Can-Do attitude.
• Ability to convey and explain complex technical information to non-technical staff.

Benefits and additional information:

The US target range of our base salary for new hires is $110,500 - $150,000. You will also be eligible to receive pre-IPO equity, cash bonuses, and a full range of medical, financial, and other benefits dependent on the position offered.  Please note that individual total compensation for this position will be determined at the Company’s sole discretion and may vary based on several factors, including but not limited to, location, skill level, years and depth of relevant experience, and education. We invite you to check out our career page @ https://careers.freenome.com/ for additional company information.  

Freenome is proud to be an equal opportunity employer and we value diversity. Freenome does not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law.

Applicants have rights under Federal Employment Laws.  

• Family & Medical Leave Act (FMLA)
• Equal Employment Opportunity (EEO)
• Employee Polygraph Protection Act (EPPA)

#LI-Remote