Security Analyst

Summary

Join Henry Meds as a Security Analyst and contribute to maintaining and enhancing our organization's security infrastructure. This role requires hands-on experience with security tools like Datadog and SIEM solutions, endpoint security, and working within a GCP environment. You will implement and maintain security tools, investigate and mitigate threats, manage security within GCP, conduct security assessments, and collaborate effectively with the team. The ideal candidate possesses 4+ years of experience in implementing and managing various security tools and a strong understanding of security best practices and regulatory standards. Enjoy a casual culture, remote-first workplace, and generous PTO/benefits, including platinum PPO healthcare, 401k matching, unlimited PTO, and a fully remote position.

Requirements

• 4+ years of proven experience implementing and managing endpoint, email, DLP, IDP, DNS, SIEM, ZTNA/SASE, and cloud security tools
• Experience with vulnerability scanning and pentesting tools
• Hands-on experience with security within GCP or other cloud environments
• Strong understanding of security implementation best practices and regulatory standards
• Ability to conduct thorough security investigations and run effective response plan playbooks
• Excellent communication and collaboration skills, with the ability to work effectively across teams and work with end users
• Familiarity with risk assessment and mitigation techniques
• Previous experience working in a regulatory environment, preferably within HIPAA compliance standards

Responsibilities

• Implement and maintain security tools, focusing on Datadog, GCP, and DNS security
• Leverage an email security platform to investigate, identify, and mitigate against email-related threats
• Utilize our Mobile Device Management (MDM) platform to enhance endpoint security measures and ensure compliance with HIPAA regulations
• Manage security within a GCP environment, including configuration and monitoring and IAM/PAM
• Conduct security investigations, analyze security incidents, and implement effective response strategies
• Evaluate security products and technologies for suitability within the organization's environment
• Conduct comprehensive security assessments, including internal network and application penetration testing to identify vulnerabilities and recommend mitigation strategies
• Facilitate questionnaires and other compliance assessments as required

Preferred Qualifications

• Incident response experience
• Ability to perform vulnerability scans and pentests
• Application security experience and integrating it into CI/CD pipeline
• Red team experience or a strong desire to learn and perform red team work
• Comptia Security+, Comptia CySA+, Offensive Security Certified Professional (OSCP), Google Cloud Professional Cloud Security Engineer, or similar certifications

Benefits

• Platinum PPO Healthcare + Vision & Dental (Henry covers 99% for employees and 50% for their qualified dependents)
• 401(k) with matching contributions beginning your first day
• Unlimited PTO
• Fully remote position with occasional travel
• Impactful, rewarding work as part of a fast-growing brand helping thousands of people every day