Security Analyst (Remote)
Toronto, Ontario
BenchSci
BenchSci is a world leader in AI solutions for preclinical R&D. Using proprietary technology, we help decode the complexity of biomedical research.BenchSci's vision is to help scientists bring novel medicine to patients 50% faster by 2025. We empower scientists to run more successful experiments with the world's most advanced, biomedical artificial intelligence software platform. Backed by F-Prime, Inovia, Golden Ventures, and Google's AI fund, Gradient Ventures, we provide an indispensable tool for scientists that accelerates research at 16 top 20 pharmaceutical companies and over 4,300 leading academic centers. We're a certified Great Place to Work®, and top-ranked company on Glassdoor.
We are looking for a Security Analyst to join our Governance, Risk, and Compliance Team. You will report to the Director, Governance, Risk, Compliance and Privacy.
The Governance Risk and Compliance team ensures that BenchSci is operating effectively and protecting our interests. As we have grown and added tools and vendors, our risk level has increased. The security analyst ensures that BenchSci maintains a strong security posture and that we continue to follow our compliance requirements as we continue to expand and ramp up our offerings.
As a security analyst at BenchSci, you will provide assurance to us that the processes we have developed follow industry best practices and are monitored. You will respond to requests around client and industry certification audits as well as, investigate alerts generated by monitoring tools and/ or threats surfaced through NIST or other industry sources.
Your role at BenchSci is collaborative as you work across the organization to help investigate potential issues that may arise and help asses new vendors, partners, and tools. Understanding the risk associated with potential issues means that you will also draft security and compliance briefs.
You Will:
- Conduct vendor assessments to ensure that they are following best practices.
- Review external and internal threats that may be triggered through the security monitoring tools deployed for endpoints and applications.
- Work with vendors to assess vulnerabilities and agree on an approach for remediation on endpoints.
- Maintain a security information and event management (SIEM) platform along with our infrastructure team.
- Be the escalation contact for support teams to ensure the resolution of issues/requests are completed.
- Identify areas of automation, and service improvement around our security posture and provide inputs to capability roadmaps to ensure ongoing improvement and enhancement of services
- Provide subject matter expertise for users, in their usage of our and our vendor products.
- Support legal and compliance requirements for logging and other related collaboration services.
- Collaborate with our infrastructure security and IT teams to maintain security levels and standards.
You Have:
- 5 or more years supporting collaboration services for a small to a mid-size organization (150-1000 users)
- Expertise in Google Suite, and Google Cloud Platform services and tools, including configurations, policies, access, and security.
- Knowledge of the following specific technologies including:
- Data Archiving and Journaling Technologies
- SIEM retention policies.
- Email security (SPF, DKIM, DMARC and blacklists/spam lists) to ensure our emails are making it to our customers.
- DLP tools
- Understand the link between our needs, end-user experience and IT operations.
- Experience working through third-party audits, specifically SOC2 Type 2, or ISO27001
- Understanding of Privacy Concepts in Canada or Worldwide (CASL, PIPEDA, CCPA, GDPR, etc.)
Our Culture:At BenchSci, we’re committed to cultivating an inspiring, inclusive, and equitable work environment for high performing, ego-free, self-starting individuals with a growth mindset, who enjoy the challenge of solving hard problems. We recognize that everyone here is a person first and an employee second. We want people to feel cared for and supported to bring the best versions of themselves to work and help the company achieve its mission. We believe culture is critical to success and invest accordingly. We live and promote our FASTT values of Focused, Advancement with Speed, Tenacity, and Transparency. We work hard to maintain an engaging, supportive environment where everyone can do their best work. To learn more, read our culture deck.
Diversity, Equity and Inclusion:We're committed to creating an inclusive environment where people from all backgrounds can thrive. We believe that improving diversity, equity and inclusion is our collective responsibility, and this belief guides our DEI journey. To learn more, read about our DEI initiatives.
Accessibility Accommodations:BenchSci provides accessibility accommodations during the recruitment process. Should you require any accommodation, we will work with you to meet your needs.
BenchSci is a remote first organization. At this moment, we are welcoming applicants from Canada, the US and the UK for this position.
#LI-Remote
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Artificial Intelligence Audits Automation CCPA Cloud Compliance GCP GDPR Governance ISO 27001 Monitoring NIST Privacy SIEM SOC 2 Vulnerabilities
Perks/benefits: Career development Competitive pay Equity Flex vacation Health care Parental leave Startup environment Transparency Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Engineer jobs
- Open Senior Cyber Security Specialist jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open CI/CD-related jobs