Senior Security Analyst
Hims & Hers
Hims & Hers Health, Inc. (better known as Hims & Hers) is the leading health and wellness platform, on a mission to help the world feel great through the power of better health. We are revolutionizing telehealth for providers and their patients alike. Making personalized solutions accessible is of paramount importance to Hims & Hers and we are focused on continued innovation in this space. Hims & Hers offers nonprescription products and access to highly personalized prescription solutions for a variety of conditions related to mental health, sexual health, hair care, skincare, heart health, and more.
Hims & Hers is a public company, traded on the NYSE under the ticker symbol “HIMS”. To learn more about the brand and offerings, you can visit hims.com and forhers.com, or visit our investor site. For information on the company’s outstanding benefits, culture, and its talent-first flexible/remote work approach, see below and visit www.hims.com/careers-professionals.
About the Role:
We are seeking a Senior Security Analyst to help build our Security Operations discipline. Our team moves at a fast pace and always looking to help drive best security practices at our core. This dynamic team enables multiple areas of the business to be able to stay agile, but with always being vigilant to keep our infrastructure secure and drive innovation. This is an opportunity to directly drive change and security in our business.
- Advanced Security Monitoring and Analysis: Oversee the continuous monitoring and in-depth analysis of network traffic, system logs, and security alerts, employing cutting-edge SIEM solutions and leveraging advanced threat intelligence feeds to detect and respond to sophisticated cyber threats
- Incident Response Mastery: Develop, refine, and lead the execution of advanced incident response plans and procedures, orchestrating multifaceted incident handling activities with a focus on rapid containment, eradication, and recovery. Serve as the ultimate technical authority during high-stress security incidents
- Vulnerability Assessment and Management Expertise: Lead the identification and prioritization of vulnerabilities across our intricate technology stack, conducting comprehensive vulnerability assessments and overseeing advanced remediation efforts, including penetration testing and code review
- AWS, Azure, and GCP Security Expertise: Utilize your extensive knowledge of AWS, Azure, and GCP security best practices to assess and enhance the security of cloud environments. Implement and maintain security configurations, identity and access controls, and encryption mechanisms specific to each cloud platform. Conduct security assessments and audits to identify vulnerabilities and provide recommendations for remediation
- Pioneering Threat Intelligence Integration: Maintain an expert understanding of emerging cybersecurity threats and trends, actively integrating advanced threat intelligence into security operations to drive proactive threat detection and support the development of custom threat-hunting methodologies
- Master of Security Automation and Tooling: Spearheaded the development and deployment of highly sophisticated scripts, automation tools, and custom security solutions to optimize and streamline complex security tasks, enhance operational efficiency, and enable rapid response to evolving threats
- Prior experience with Threat Hunting and making recommendations on findings
- Experience in Red team, Blue team, Purple team, and table top exercise
- Recommend and implement security enhancements to proactively address emerging threats
- Assist in the development and enforcement of security policies, standards, and procedures
- Prior experience with industry regulations and standards, such as NIST, CIS, and GDPR
- Bachelor's degree in a relevant field or equivalent work experience
- Minimum of 5 years of experience in a security analyst role
- Strong expertise in cloud computing, with a preference for AWS
- Proficiency in Sumo Logic for creating Insights and Signals
- Experience researching through logs for security investigations
- Familiarity with security platforms such as Netskope, CrowdStrike, Tenable, Cisco Meraki, and Proofpoint, or similar products
- Certifications such as OCSP, CompTIA Security+, Pentest+, or AWS Certified Security – a plus
- Excellent problem-solving and analytical skills
- Strong communication, documentation, and teamwork abilities
- Ability to work independently and under pressure in a fast-paced environment
- Exposure to penetration testing platforms such as Burp Suite, Kali Linux, Metasploit, Nexpose
- Skilled with network security tools such as Palo Alto Firewalls, Cisco VPNs, Palo Alto IDS
- Understanding of regulatory compliance (NIST CSF, SOX, ISO)
Our Benefits (there are more but here are some highlights):
- Competitive salary & equity compensation for full-time roles
- Unlimited PTO, company holidays, and quarterly mental health days
- Comprehensive health benefits including medical, dental & vision, and parental leave
- Employee Stock Purchase Program (ESPP)
- Employee discounts on hims & hers & Apostrophe online products
- 401k benefits with employer matching contribution
- Offsite team retreats
H&H also offers a comprehensive Total Rewards package that includes equity grants of restricted stock (RSU’s) so that H&H employees own a piece of our company.
The actual amount will take into account a range of factors that are considered in making compensation decisions including but not limited to, skill sets, experience and training, licensure and certifications, and location.
Consult with your Recruiter during any potential screening to determine a more targeted range based on the job-related factors. We don’t ever want the pay range to act as a deterrent from you applying!
We are focused on building a diverse and inclusive workforce. If you’re excited about this role, but do not meet 100% of the qualifications listed above, we encourage you to apply.
Hims is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics or any other basis forbidden under federal, state, or local law. Hims considers all qualified applicants in accordance with the San Francisco Fair Chance Ordinance.