• Bachelor's or Master’s degree in Information Security, computer science, business, or a related field, or equivalent in experience and expertise
• At least 3 years' hands-on experience in SIEM tools implementing, operating, maintaining, and incident management in mission critical environments
• Excellent Google Cloud Platform knowledge
• Industry Certifications such as CISSP, CCSP, CCAK, CCSK, CISM, GCIH, GCIA, GSEC (Cloud security certification preferred)
• Hands-on experience in vulnerability assessment, red- and blue-teaming, IDS/IPS, SIEM and endpoint protection
• You enjoy working with a team and alone as the situation dictates
• Well organized with good time management with strong attention to detail
• Excellent analytical, interpersonal and communication skills both oral and written

Desirable

• As an Information Security Analyst, you will help identify and reduce security risks in our office network and GCP cloud environment by implementing, maintaining, and monitoring security related events and incidents
• This role investigates, analyzes, and responds to cyber incidents within the Freenome's local and cloud network, or enclave
• You will provide your expertise regarding collecting evidence and do forensic analysis
• You will act as an Information Security representative with your peers across all lines of business and central teams
• The role reports to the Director, Information Security
• Engineer, implement, and administer the SIEM platform, open-source or commercial
• Analyze, design, build, tune, and support SIEM use cases across various business functions and security operational needs
• Create, modify, and tune the SIEM rules to adjust the specifications of alerts and incidents
• Develop log ingestion, aggregation, and retention strategies to meet policy, related standards, and operational requirements
• Assist with onboarding new data sources into our SIEM, analyze the data for anomalies and trends, and build dashboards highlighting the key trends of the data
• Analyze and investigate security events from various sources
• Triage and validate security alerts and escalate incidents, as required. Ensure that incidents are correctly reported, documented, investigated and concluded in accordance with operational policies and procedures
• Manage security events as part of security operations, responding to urgent alerts, which may include off-hours investigation activities
• Troubleshoot system misconfigurations and recommend best practices for remediation
• Provide high quality written and verbal status reports, briefings, recommendations, and findings as required
• Maintain and support the operational integrity of SIEM/SOC toolsets
• Helping to develop the SOC (Security Operation Center) roadmap by delivering SOC capabilities to the business and championing new ideas and initiatives to help improve new and existing capabilities
• Ensure all relevant technical standards and policy documentation is reviewed and maintained throughout SOC technical capabilities
• Maintain situational awareness of emerging cyber trends by reviewing open-source reports for recent vulnerabilities and other threats that have the potential to impact the services and incorporate this understanding into day-to-day security monitoring
• Excellent knowledge of Endpoint protection
• Good understanding of vulnerability assessment and management
• Update SIEM/SOC documentation, processes and procedures and ensure currency, as required
• Provide ideas and feedback to improve the overall SOC capabilities and maturity
• Perform all other Information Security related duties as assigned and contribute to the success of the Information Security Team