Information Security Analyst (Remote)

Why join Freenome?

Freenome is a high-growth biotech company developing tests to detect cancer using a standard blood draw. To do this, Freenome uses a multiomics platform that combines tumor and non-tumor signals with machine learning to find cancer in its earliest, most-treatable stages.

Cancer is relentless. This is why Freenome is building the clinical, economic, and operational evidence to drive cancer screening and save lives. Our first screening test is for colorectal cancer (CRC) and advanced adenomas, and it’s just the beginning.

Founded in 2014, Freenome has ~500 employees and more than $1.1B in funding from key investors, such as the American Cancer Society, Andreessen Horowitz, Anthem Blue Cross, Bain Capital, Colorectal Cancer Alliance, DCVC, Fidelity, Google Ventures, Kaiser Permanente, Novartis, Perceptive Advisors, RA Capital, Roche, Sands Capital, T. Rowe Price, and Verily.

At Freenome, we aim to impact patients by empowering everyone to prevent, detect, and treat their disease. This, together with our high-performing culture of respect and cross-collaboration, is what motivates us to make every day count.

Become a Freenomer

Do you have what it takes to be a Freenomer? A “Freenomer” is a determined, mission-driven, results-oriented employee fueled by the opportunity to change the landscape of cancer and make a positive impact on patients’ lives. Freenomers bring their diverse experience, expertise, and personal perspective to solve problems and push to achieve what’s possible, one breakthrough at a time.

About this opportunity:

As an Information Security Analyst, you will help identify and reduce security risks in our office network and GCP cloud environment by implementing, maintaining, and monitoring security related events and incidents. This role investigates, analyzes, and responds to cyber incidents within the Freenome's local and cloud network, or enclave. You will provide your expertise regarding collecting evidence and do forensic analysis. You will act as an Information Security representative with your peers across all lines of business and central teams.

The role reports to the Director, Information Security.

What you’ll do:

• Develop log ingestion, aggregation, and retention strategies to meet policy, related standards, and operational requirements
• Troubleshoot system misconfigurations and recommend best practices for remediation
• Provide high quality written and verbal status reports, briefings, recommendations, and findings as required
• Analyze and investigate security events from various sources
• Ensure all relevant technical standards and policy documentation is reviewed and maintained throughout SOC technical capabilities
• Update SIEM/SOC documentation, processes and procedures and ensure currency, as required
• Excellent knowledge of Endpoint protection
• Engineer, implement, and administer the SIEM platform, open-source or commercial
• Manage security events as part of security operations, responding to urgent alerts, which may include off-hours investigation activities
• Create, modify, and tune the SIEM rules to adjust the specifications of alerts and incidents
• Triage and validate security alerts and escalate incidents, as required. Ensure that incidents are correctly reported, documented, investigated and concluded in accordance with operational policies and procedures
• Provide ideas and feedback to improve the overall SOC capabilities and maturity
• Analyze, design, build, tune, and support SIEM use cases across various business functions and security operational needs
• Maintain situational awareness of emerging cyber trends by reviewing open-source reports for recent vulnerabilities and other threats that have the potential to impact the services and incorporate this understanding into day-to-day security monitoring
• Maintain and support the operational integrity of SIEM/SOC toolsets
• Perform all other Information Security related duties as assigned and contribute to the success of the Information Security Team
• Good understanding of vulnerability assessment and management
• Assist with onboarding new data sources into our SIEM, analyze the data for anomalies and trends, and build dashboards highlighting the key trends of the data
• Helping to develop the SOC (Security Operation Center) roadmap by delivering SOC capabilities to the business and championing new ideas and initiatives to help improve new and existing capabilities

Must haves:

• Bachelor's degree in Information Security, computer science, business, or a related field, or equivalent in experience and expertise
• Excellent Google Cloud Platform knowledge
• Industry Certifications such as CISSP, CCSP, CCAK, CCSK, CISM, GCIH, GCIA, GSEC (Cloud security certification preferred)
• Well organized with good time management with strong attention to detail
• Hands-on experience in vulnerability assessment, red- and blue-teaming, IDS/IPS, SIEM and endpoint protection
• You enjoy working with a team and alone as the situation dictates
• Excellent analytical, interpersonal and communication skills both oral and written
• At least 3 years' hands-on experience in SIEM tools implementing, operating, maintaining, and incident management in mission critical environments

Nice to haves:

• Knowledge and expertise in a myriad of Information Security Solutions across cloud and IT security
• Understand threat analysis models like MITRE ATT&CK Framework
• A systematic problem-solving approach, coupled with effective communication skills and a sense of ownership and drive
• Working knowledge of creating and presenting awareness training content
• Ability to convey and explain complex technical information to non-technical staff
• Monitoring non-traditional IT services such as SaaS and cloud services
• Genomics or bioinformatics background
• Experience leveraging a development language to automate workflows, analysis, or integrations
• Proven experience with CASB and Cloud based logging and SIEM solutions
• Experience with a variety of operating systems, Cloud Data Platforms (GCP, AWS, Azure) and Cloud Computing (SaaS, PaaS, IaaS)

Benefits and additional information:

The US target range of our base salary for new hires is $102,000 - $155,000. You will also be eligible to receive pre-IPO equity, cash bonuses, and a full range of medical, financial, and other benefits depending on the position offered. Please note that individual total compensation for this position will be determined at the Company’s sole discretion and may vary based on several factors, including but not limited to, location, skill level, years and depth of relevant experience, and education. We invite you to check out our career page @ https://careers.freenome.com/ for additional company information.

Freenome is proud to be an equal-opportunity employer, and we value diversity. Freenome does not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law.

Applicants have rights under Federal Employment Laws.

• Employee Polygraph Protection Act (EPPA)
• Equal Employment Opportunity (EEO)
• Family & Medical Leave Act (FMLA)

#LI-Remote