Security Analyst
About Henry Meds:Tens of millions of Americans are unable to manage their chronic conditions with commercial medications. Using specialized compounded formulas tailored to individual patient needs, Henry helps people who have been left behind by the commercial market, all while remaining easy, accessible, and affordable. Our customers get access to the care they need, and save thousands of dollars on out-of-pocket healthcare expenses per year!
Enjoy the casual culture, remote-first workplace, and generous PTO/benefits!
Apply today to make a direct, daily impact in one of the fastest-growing startups in the country - we are excited to meet you!
Position Overview:
We seek a highly skilled Security Analyst to join our team and contribute to maintaining and enhancing our organization's security infrastructure. The ideal candidate will have hands-on experience with implementing security tools such as Datadog or SIEM solutions, endpoint security, and experience working within a GCP (Google Cloud Platform) environment. This role requires a deep understanding of security best practices, along with the ability to collaborate effectively within the organization.
Duties and Responsibilities:
- Implement and maintain security tools, focusing on Datadog, GCP, and DNS security.
- Leverage an email security platform to investigate, identify, and mitigate against email-related threats.
- Utilize our Mobile Device Management (MDM) platform to enhance endpoint security measures and ensure compliance with HIPAA regulations.
- Manage security within a GCP environment, including configuration and monitoring and IAM/PAM.
- Conduct security investigations, analyze security incidents, and implement effective response strategies.
- Evaluate security products and technologies for suitability within the organization's environment.
- Conduct comprehensive security assessments, including internal network and application penetration testing to identify vulnerabilities and recommend mitigation strategies.
- Facilitate questionnaires and other compliance assessments as required.
- Experience working within a HIPAA-compliant environment is preferred.
You will likely have:
- 4+ years of proven experience implementing and managing endpoint, email, DLP, IDP, DNS, SIEM, ZTNA/SASE, and cloud security tools.
- Experience with vulnerability scanning and pentesting tools.
- Hands-on experience with security within GCP or other cloud environments.
- Strong understanding of security implementation best practices and regulatory standards.
- Ability to conduct thorough security investigations and run effective response plan playbooks.
- Excellent communication and collaboration skills, with the ability to work effectively across teams and work with end users.
- Familiarity with risk assessment and mitigation techniques.
- Previous experience working in a regulatory environment, preferably within HIPAA compliance standards.
Nice to have of the role:
- Incident response experience
- Ability to perform vulnerability scans and pentests.
- Application security experience and integrating it into CI/CD pipeline.
- Red team experience or a strong desire to learn and perform red team work.
- Comptia Security+, Comptia CySA+, Offensive Security Certified Professional (OSCP), Google Cloud Professional Cloud Security Engineer, or similar certifications.
Company Offers:
- Platinum PPO Healthcare + Vision & Dental (Henry covers 99% for employees and 50% for their qualified dependents).
- 401(k) with matching contributions beginning your first day.
- Unlimited PTO.
- Fully remote position with occasional travel.
- Impactful, rewarding work as part of a fast-growing brand helping thousands of people every day.
Equal Opportunity Statement:
Henry Meds is committed to promoting an inclusive work environment free of discrimination and harassment. We value a diverse and balanced team where everyone can belong.
Applicants must be authorized to work for ANY employer in the U.S. We cannot sponsor or take over sponsorship of an employment Visa at this time.
Salary Range: 95-120K
This salary represents Henry Med's good faith and reasonable estimate of the possible compensation for this role at the time of posting, and Henry Meds may ultimately pay more or less than the posted salary. The final salary for this position will be determined by Henry Meds sole discretion, consistent with applicable law, and based on a variety of factors, including but not limited to the employee’s work experience, skills, and qualifications for the role, as well as the needs of Henry Meds business and other operational considerations.