Senior Information Security Analyst - Verana Health None Bookmark Share Print 171 0 0

Listing Description

Verana Health, a digital health company that delivers quality drug lifecycle and medical practice insights from an exclusive real-world data network, recently secured a $150 million Series E led by Johnson & Johnson Innovation – JJDC, Inc. (JJDC) and Novo Growth, the growth-stage investment arm of Novo Holdings. 


Existing Verana Health investors GV (formerly Google Ventures), Casdin Capital, and Brook Byers also joined the round, as well as notable new investors, including the Merck Global Health Innovation Fund, THVC, and Breyer Capital.


Our team is reinventing how medical research happens with data and technology. This is a company built by and for people who are looking to get out of their comfort zone and try new things, who want to learn and grow quickly, and who seek to be part of a mission-driven team committed to improving patient lives. Our headquarters are located in San Francisco and we have additional offices in Knoxville, TN and New York City with employees working remotely in AZ, CA, CO, CT, FL, GA, IL, LA, MA, NC, NJ, NY, OH, OR, PA, TN, TX, UT , VA, WA, WI. All employees are required to have permanent residency in one of these states. Candidates who are willing to relocate are also encouraged to apply. 


We cannot currently sponsor H1-B or OPT visas at this time.


Job Title: Senior Information Security Analyst


We are seeking a Senior Information Security Analyst who will share responsibility for foundational services and tools to meet compliance requirements, while ensuring data security for partner, patient and provider data, as well as data accessibility controls infrastructure. This role is a remote position and will report to the Senior Manager, Security. There is a tremendous opportunity to learn and grow, while being an integral part of Verana’s mission. 


The Senior information Security Analyst will perform work in a cloud environment using various tools and platforms for security operations and application security.  


Job Duties and Responsibilities:



  • The individual will be working in core areas in security related to vendor security, customer security, security audits, security engineering and architecture, and AWS security.

  • Work with internal teams in implementing security policies and procedures

  • Develop and maintain relevant risk metrics for all relevant stakeholders

  • Assessing the risks associated with proposed projects and vendors, and implementing resolutions

  • Analyze various security logs and related security events to determine risk and develop the necessary action plans

  • Provide vulnerability assessments and provide remediation plans and monitor vulnerabilities generated by the Vulnerability management software

  • Ensure Verana’s information security systems are configured and operating according to Verana’s policies and standards

  • Monitors and assists in approving authentication and access controls in AWS cloud, including provisioning, changes, and de-provisioning of user and system accounts, security/access roles, and access permissions to information assets

  • Analyzes and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems, and monitors for compliance

  • Ensure that vendors and other stakeholders  can view and secure their data in our environment

  • Coordinate the implementation of corrective actions where necessary, including checking database and system logs to ensure audit compliance

  • Assist in client security audits and questionnaires

  • Monitor and ensure security control effectiveness (eg working with other teams to patch systems or/and Firewall changes)

  • Own our 3rd party Vendor risk management program

  • Prepare and document standard security protocols

  • Testing security solutions using industry standard analysis criteria

  • Provide reports to management on key metrics pertaining to security-related issues

  • Helping plan the organization’s information security strategy

  • Educating staff members on information security through training and awareness

  • Collaborate with the IT and DevOps teams to enhance data security, continually reevaluating based on data security best practices


 


Basic Requirements:



  • A Bachelor's degree in computer science, information systems or other related fields. Equivalent years of experience and education will be considered. 

  • 3+ years of experience with technologies such as Vulnerability Management, Identity Management, Data Protection, Security Information and Event Management (SIEM), Anti-Virus, Data Loss Prevention, Endpoint Detection and Response, and Privileged Access Management

  • 3+ years of IT based experience working in a security role, focusing on information security analysis

  • Knowledge of  the following tools and platforms; AWS Cloud, Tenable, Splunk, Zscaler, Vulcan and Datadog

  • Thorough understanding of the latest security principles, techniques, and protocols

  • Experience in monitoring  and maintaining robust security systems

  • Exhibits strong background in analyzing trends, news and changes in threat and compliance environment with respect to organizational risk; to advise a management and related team members

  • Experience with HITRUST, SOC2  certification process or other security and compliance framework such as HIPAA, NIST etc is preferred

  • Strong focus in developing and executing plans for compliance and mitigation of risk; performing risk and compliance self-assessments, while engaging and coordinating third-party risk and compliance assessments

  • Ability to work independently and collaboratively, in a fast-paced, start-up environment 

  • Relevant experience in monitoring, and supporting large scale solutions

  • Demonstrable experience coordinating multiple issues, in high pressure situations

  • Experience with AWS’s cloud solution environment

  • Excellent verbal and written communication and skills


 


Benefits:


Verana Health values our employees well-being and happiness. We provide fully covered health, vision and dental for employees, flexible vacation plans, learning and development allowances, a generous parental leave policy, 401K and commuter benefits. 


Final note:


You do not need to match every listed expectation to apply for this position. Here at Verana, we know that diverse perspectives foster the innovation we need to be successful, and we are committed to building a team that encompasses a variety of backgrounds, experiences, and skills.


#LI-BS1


#BI-Remote


#LI-Remote


 


 


Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided



About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765