Information Security Analyst

Color is a health technology company that makes population-scale healthcare programs accessible, convenient, and cost-effective for everyone.  We have raised $100 million in Series E funding, bringing our valuation to $4.6 billion and our total raised amount to $378 million. We work with governments, public health institutions, employers, and national health initiatives around the world to provide the tools for preventive health and infectious disease management, including testing, vaccinations, and other services.
What we offer: 💰 Competitive salary ✨  Comprehensive medical, dental, vision, life, and disability benefits. Including employer HSA contributions.📈  401k match 📝 Monthly lunch, phone, and wifi stipend for remote employees🏝 Generous vacation policy, paid holidays and company-wide recharge days💌  Monthly  stipend to spend on your well being🍼  Equal paid parental leave for birthing and non-birthing parents 🧬 Four complimentary clinical-grade genetic testing kits for you and your family
Apply to join Color and do the most meaningful work of your career. If you are not sure that you’re 100% qualified but are up for the challenge - we want you to apply! 

As an Information Security Analyst at Color, you will contribute to company-wide initiatives to automate, optimize, and secure Color’s infrastructure.  You will support building solutions to scale securely and directly impact Color’s overall security posture, access controls, systems, and processes. This role is an entry-level IC role, where you will partner on projects with other members of the Security Team, and  with other partners across the company. 

How You'll Contribute

• Contribute to improvements to the security of our code, infrastructure, and processes
• Contribute to maintaining and improving monitoring and alerting, vulnerability management, and incident response tooling and processes
• Help establish a positive security mindset across the org 
• Drive company-wide efforts to improve our security posture

Our Ideal Candidate Will Have

• 1-2+ years of industry experience in a related field, or completed security certification programs, or similar. 
• An understanding that security is a spectrum of risk vs cost, and that nothing is bulletproof or unbreakable.
• A belief in craft and pragmatism: solving the problem at hand with the best tools for the job, whether that's custom code, third party tools, human processes, or watchful waiting
• An excitement about collaborating with product engineers, lab scientists, academic researchers, business people, and others across Color’s organization
• An excitement for learning and modern security practices and techniques
• An ability to work in a collaborative development environment, giving/receiving feedback on code reviews and designs to help team members sharpen their thinking and practices
• Ability to execute independently on established protocols and workflows, while being proactive about seeking input from colleagues
• The desire to learn about all things security!

Projects You Might Tackle Include

• Assist in securing cloud infrastructure (monitoring & alerting, audit logs, etc.)
• Assist in penetration tests with external third-parties
• Triage, prioritize, implement, and help other engineers fix issues that arise
• Participate in coordinating, automating, and improving vulnerability management processes
• Maintain and tune logging and alerting tools
• Review and triage security disclosures from external researchers
• Support compliance efforts, eg FISMA and HIPAA

Color is an equal opportunity employer. In accordance with anti-discrimination law, it is the purpose of this policy to effectuate these principles and mandates. Color prohibits discrimination and harassment of any type and affords equal employment opportunities to employees and applicants without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Color conforms to the spirit as well as to the letter of all applicable laws and regulations.
Mandatory Vaccination Policy DisclosureCOVID-19 Vaccination Requirement: Color requires anyone working onsite or visiting Color’s offices to confirm they are fully vaccinated against COVID-19 unless a medical or religious accommodation is timely requested and approved.  Please reach out if you have questions or concerns about this policy and how it may apply to your candidacy for a role with Color.