Phreesia is look for a Senior Information Security Analyst, Incident Detection and Responseto join our growing team!
The Senior Information Security Analyst, Incident Detection and Response serves as the first line of defense in identifying attacks against Phreesia’s people, critical business processes, and information assets. This position will manage and expand robust incident detection, analysis, and response capabilities to defend Phreesia’s assets.
Our Central Information Security Team are highly hands-on and you will have many opportunities to gain intimate knowledge of Phreesia’s users, customers and architecture. Your solutions will impact the health of millions of people. You will get to work withDevOps, Development and IT teams at Phreesia.
Who we want:
Are you up-to-date in the world of incident detection and response?
Are you excellent in designing technical solutions from idea to execution?
Does the idea of collaborating with passionate and curious team members, while working with modern technologies and tools excite you?
What you will do:
Working as a key member of Phreesia’s Information Security team, the Sr. Information Security Analyst wears multiple hats: Product Manager, Security Engineer, and Security Analyst.
Identify top security threats to Phreesia’s assets and reduce security monitoring and incident prevention blind-spots
Identify, automate collection of, and analyze threat information from security monitoring tools, distribution lists, and intelligence feeds
First responder and lead to investigate information security events, incidents, and breaches
Develop log sources, alerts, searches, and dashboards to identify security incidents
Provide coverage as part of 24x7 incident response rotation and respond to emergencies
Manage Security Product roadmaps to elevate Phreesia’s defenses
Conduct Incident Response table-top exercises and tests, incorporating lessons learned from incidents
Collect and publish weekly and monthly qualitative and quantitative key risk indicators (KRIs) and related key performance indicators (KPIs)
Develop and maintain response procedures and processes for security incidents that occur (ex. malware remediation)
In partnership with operational teams, configure and administer security systems and tools
What you will need:
7+ years progressive experience leading incident detection and response or security operations
Experience building and maintaining SIEM queries, SQL, alerts, and dashboards
Experience with server and network configuration and management
Highly developed prioritization, triage, and communication skills
Excellent knowledge of Information Security principles, frameworks, and technologies
Engineering, computer science, or other technical undergraduate degree
In-depth experience with SumoLogic tools a plus
Who we are:
At Phreesia, we’re committed to helping healthcare organizations succeed in a fast-changing landscape—and we need smart, passionate people to help us do it. Our innovative SaaS platform offers our clients a suite of applications to manage the intake process, giving them the tools to engage patients, improve efficiency, optimize staffing and enhance clinical care. Our solutions are in all 50 states, and we check in 70 million patients a year!
Basically, what you are doing here matters and hard work does not go unnoticed. Not only does Phreesia care about our clients - we also care about our employees. We are proud to say that we have grown 40% each year and consistently continue to do so. If you crave working with driven and engaged colleagues, a structured sales process, consistent recognition, a defined career path, and working in revamped new areas, this may be the right opportunity for you.
Benefits and Perks:
Variety of health plan options, dental/ vision coverage, and short/long-term and life insurance plans
401k (USA) or RRSP (Canada) plan
Flexible working hours
Unlimited snacks and drinks in our offices
Mobile phone stipends, monthly subway pass reimbursement and Internet reimbursement
100% paid maternity leave to our U.S. employees, as well as a generous maternity benefit to our employees in Canada.
Tuition and certification reimbursement, as well as other professional development opportunities
We strive to provide a diverse and inclusive environment and are an equal opportunity employer.
TaxJar is the leading technology solution for busy eCommerce sellers to manage sales tax and is trusted by more than 15,000 businesses.
Our core values
We do the right thing for our customers.
We're a team, built on trust.
We're proud to be remote.
We're in control of our own destiny.
TaxJar’s remote-only team of 100+ people is growing quickly. We have an immediate opening for a Security Analyst and Administrator who wants to help us make eCommerce easier for everyone.
We're looking for a detailed oriented and experienced Security Analyst that has a passion for information security and is eager to make an impact in a growing company.
On our team you will have the opportunity to help build, grow, and maintain our Information Security Program. This position reports to the Director of Information Security.
*This is a full-time remote position available to folks located in the US.
As a Security Analyst and Administrator for TaxJar you will
Own the Access Control management process for all employees using Okta as the Identity and Access Management tool
Deploy, manage, and help secure employees workstations using Jamf - MDM tool
Assist with 3rd party security reviews and assessments
Analyze, track, and monitor alerts from our Cloud SIEM (security analytics tool)
Assist with ongoing and annual Security Awareness training for employees
Test and audit security controls to ensure adherance with SOC2 and GDPR compliance frameworks
Develop a comprehensive understanding of our Security Policies, SOC2 and GDPR controls in order to manage and track commitments from partners and vendors
Performs regularly-scheduled vulnerability scans to support regulatory compliance and identification of new vulnerabilities
2 - 4 years of experience in a technology and information security related role
Experience with an Identify and Access Management (IAM) tool - Okta
Knowledge and expertise of Mobile Device Management (MDM) tools, preferably with Jamf
SOC2 compliance experience, GDPR experience is a plus
Superior attention to detail, with strong process and documentation skills
Fast learner and someone who is always eager to learn and adapt (growth mindset)
Agile, humble, trustworthy, and a team player
Excel at communicating with the team remotely (chat, video, email, etc)
You’ll be a great fit on our team if you
Only want to work remotely
Are a PRO at communicating and collaboration
Highly value working with people you like and respect
Are confident in your skills and a solid team player (We’re peers here, no egos please) but also comfortable working asynchronously
Hungry to play an impactful role and not afraid to fail
We’re a happy team and we all really love what we do. We've created a space where high-achievers can succeed, but are also safe to fail. We're profitable and focused on growing TaxJar sustainably. We're always learning how to make TaxJar the best place to work for all of us, and not just another tech startup. We’re always looking for an amazing new teammates to come share in the excitement of solving real-world problems with technology.
Excellent health, vision and dental benefits
Flexible vacation policy
$1,000 in professional development credit
Home office stipend
Equity in a profitable company
2x year all-company in person retreats (fully paid for by us of course)