Senior Information Security Analyst II - Remote
Company: Freenome
Location: Washington
Posted on: June 24, 2025
|
|
|
Job Description:
Freenome is a high-growth biotech company developing tests to
detect cancer using a standard blood draw. To do this, Freenome
uses a multiomics platform that combines tumor and non-tumor
signals with machine learning to find cancer in its earliest,
most-treatable stages. Cancer is relentless. This is why Freenome
is building the clinical, economic, and operational evidence to
drive cancer screening and save lives. Our first screening test is
for colorectal cancer (CRC) and advanced adenomas, and it’s just
the beginning. Founded in 2014, Freenome has ~400 employees and
continues to grow to match the scope of our ambitions to provide
access to better screening and earlier cancer detection. At
Freenome, we aim to impact patients by empowering everyone to
prevent, detect, and treat their disease. This, together with our
high-performing culture of respect and cross-collaboration, is what
motivates us to make every day count. Become a Freenomer Do you
have what it takes to be a Freenomer? A “Freenomer” is a
determined, mission-driven, results-oriented employee fueled by the
opportunity to change the landscape of cancer and make a positive
impact on patients’ lives. Freenomers bring their diverse
experience, expertise, and personal perspective to solve problems
and push to achieve what’s possible, one breakthrough at a time.
About this opportunity: At Freenome, the Senior Information
Security Analyst plays a key role in protecting the organizations
information assets by implementing, maintaining and monitoring
security related events and incidents. This role investigates,
analyzes, and responds to cyber incidents within the Freenomes
local and cloud networks, or enclaves and will provide expertise
regarding collecting evidence and do forensic analysis. This role
will also define and implement security controls, ensuring
compliance with relevant regulations and standards, and providing
expertise in securing cloud of office environments. This position
requires a blend of technical security skills, compliance
knowledge, and a proactive approach to identifying and mitigating
risks. This position will report directly to the Director of
Information Security. This role will be a Remote role. What you’ll
do: Security Operations: Implement, maintain, monitor and improve
security systems (e.g., SIEM, IDS/IPS) to detect, alert and respond
to security incidents. Conduct security investigations and perform
root cause analysis. Ensure that incidents are correctly reported,
documented, investigated and concluded in accordance with
operational policies and procedures. Manage security events as part
of security operations, responding to urgent alerts, which may
include off-hours investigation activities. Manage and maintain
security infrastructure (e.g., cloud firewalls, VPNs). Perform
vulnerability assessments and penetration testing. Excellent
knowledge of Endpoint protection. Provide technical security
expertise and guidance to other teams. Evaluate and recommend new
security technologies and solutions. Provide ideas and feedback to
improve the overall SOC capabilities and maturity. Perform all
other Information Security related duties as assigned and
contribute to the success of the Information Security Team.
Compliance: Participate in internal and external security audits.
Perform regular asset, account and access reviews. Assist in the
development, maintenance, and implementation of security policies,
standards, and procedures. Ensure compliance with relevant
regulations and standards (e.g., HITRUST, NIST 800-53r5 and SOC 2
Type 2). Track and remediate compliance findings. Cloud Security:
Design, implement, and maintain security controls for cloud
environments. Collaborate with IT to ensure the security of Cloud
services, including virtual machines, storage, networking, and
databases. Conduct security assessments of cloud configurations and
deployments. Develop and maintain cloud security best practices and
guidelines. Stay up-to-date on security best practices and emerging
threats Must haves: Bachelors degree in Information Security, or a
related field. 8 years of experience working in Information
Security. Current CISSP certification. Strong understanding of
security principles, technologies, and best practices. At least 3
years hands-on experience in SIEM tools implementing, operating,
maintaining, and incident management in mission critical
environments. Experience with vulnerability management and
penetration testing. Familiarity with relevant regulations and
standards (HITRUST, NIST 800-53r5, SOC 2 Type 2). Strong analytical
and problem-solving skills. Ability to work independently and as
part of a team. Nice to haves: Other Security certifications (e.g.,
CCSP, CCAK, CCSK, CISM, GCIH, GCIA, GSEC, Azure Security Engineer
Associate, GCP Cloud Security Engineer). Experience with scripting
languages (e.g., Python, PowerShell, Bash). In-depth knowledge of
Microsoft Azure security services and best practices. Experience
with security automation and orchestration. Experience with
Governance, Risk, and Compliance (GRC) tools. Can-Do attitude.
Knowledge and expertise in a myriad of Information Security
Solutions across cloud and IT security. Excellent analytical,
interpersonal and communication skills both oral and written. An
unwavering personal integrity and work ethic. A systematic
problem-solving approach, coupled with effective communication
skills and a sense of ownership and drive. Benefits and additional
information: The US target range of our base salary for new hires
is $131,325 - $201,000. You will also be eligible to receive
pre-IPO equity, cash bonuses, and a full range of medical,
financial, and other benefits depending on the position offered.
Please note that individual total compensation for this position
will be determined at the Company’s sole discretion and may vary
based on several factors, including but not limited to, location,
skill level, years and depth of relevant experience, and education.
Freenome is proud to be an equal-opportunity employer, and we value
diversity. Freenome does not discriminate on the basis of race,
color, religion, marital status, age, national origin, ancestry,
physical or mental disability, medical condition, pregnancy,
genetic information, gender, sexual orientation, gender identity or
expression, veteran status, or any other status protected under
federal, state, or local law.
Keywords: Freenome, Franconia , Senior Information Security Analyst II - Remote, IT / Software / Systems , Washington, Virginia
