InfoSec Security Analyst
Passionate about making a difference in the world of cancer genomics?
With the advent of genomic sequencing, we can finally understand our genetic makeup. We now have more data than ever before but providers don't have the infrastructure or expertise to make sense of said data. Here at Tempus, we are building the infrastructure to modernize cancer treatment. By analyzing a patient’s genetic data in the context of molecular therapies, We empower physicians to make real-time data-driven decisions in clinic based on the comprehensive computational analysis of a patient’s unique pathology. We're looking for information security analysts who are passionate about changing the status quo and bringing cancer care into the 21st century.
As an Information Security Analyst, you’ll play a critical role in fulfilling the mission of Tempus by providing secure and private cancer care for our clients and their patients.
What You'll Do:
- Support the CISO with a number of security and privacy initiatives, including:
- Working to develop various security standards and guidelines.
- Implementing the security awareness training program.
- Performing periodic security audits.
- Evaluating the impact of new technologies on Tempus’ information security program.
- Working with external vendors such as a managed security services provider (MSSP).
- Addressing InfoSec-related helpdesk tickets, conducting investigations, and mitigating incidents.
- Coordinate with TechOps and other technical stakeholders on various cloud, data, and engineering projects.
Qualifications:
Must Have:
- Understanding and experience with various security products and concepts:
- Security appliances (SAs) and web application firewalls (WAFs)
- Security incident event managers (SIEM) tools
- Data loss prevention (DLP) products and concepts
- Mobile device management (MDM) and anti-virus/malware protection
- Network packet capture techniques
- Encryption & PKI
- Identity management (IDM, IDMaaS) products
- Vulnerability management products and concepts, and basic penetration testing methods
- Familiarity with forensics tools and techniques
- Minimum of 1-2 years of directly supporting an information security management program.
- 3-5 years of prior experience in a traditional IT operational role such as network or systems engineering.
Great if you have:
- Experience with auditing, policy writing, and risk management frameworks.
- Previous experience in the healthcare sector and/or with HIPAA/HITRUST compliance.
- Professional certifications such as SSCP, CISSP, CISM or CISA.
- BS or MS in Computer Science, Information Systems or related field.