Cybersecurity Analyst Senior Cybersecurity Analyst at Gossamer Bio

SUMMARY:The Cybersecurity Analyst will be responsible for supporting the development implementation and maintenance of the companys cybersecurity and information security programs. This role works closely with IT Legal Compliance and Commercial teams to identify risks and mitigating controls or processes respond to and investigate security incidents and ensure thatEssential Duties and ResponsibilitiesMonitor analyze and respond to security alerts and incidents in coordination with IT teams and external partnersProactively identify and mitigate threats using advanced cybersecurity tools threat intelligence feeds and analyticsOperate and optimize security technologies (SIEM EDR firewalls) and implement enterprise-wide security controls and secure configurationsConduct comprehensive security assessments and audits of IT systems networks and third-party vendors to identify vulnerabilities and compliance gapsEnsure adherence to applicable privacy and security regulations (e.g. GDPR HIPAA CCPA 21 CFR Part 11 FDA EMA GxP)Maintain and enhance incident response and business continuity plans to strengthen organizational resilienceIdentify and recommend automation opportunities to improve cybersecurity response remediation efficiency and overall program maturitySupport documentation and reporting for security controls risk mitigation plans and audit responsesDesign and deliver KPIs dashboards and metrics to measure security performance and risk postureAssist in developing and delivering security awareness training and education programs for employeesStay current on emerging threats industry trends and best practices in cybersecurity and privacyJOB QUALIFICATIONSEducation Certifications ExperienceBachelors degree in Information Security Computer Science Life Sciences Legal Studies or a related field4 years experience in cybersecurity rolesLeadership in incident response and security operationsFamiliarity with privacy laws and cybersecurity frameworksExperience in regulated industries (biotech pharma healthcare or medical devices)Preferred:Certifications such as CISSP CISA CIPP/US CIPM or SecurityExperience working in small or mid-sized companies especially in high-growth environmentsProficiency with security tools (SIEM EDR/XDR DLP SASE/CASB vulnerability scanners etc.)Understanding of third-party risk management in a biotech contextGeneral familiarity with GenAI and process automationKnowledge Skills and AbilitiesWorking knowledge of privacy regulations: GDPR HIPAA CCPA CPRA and other global data protection lawsUnderstanding of biotech/life sciences regulatory landscape (e.g. 21 CFR Part 11 GxP systems)Familiarity with cloud security principles (e.g. AWS Azure or GCP environments)Awareness of threats and vulnerabilities in life sciences IT environmentsKnowledge of industry frameworks (e.g. NIST CSF ISO/IEC 27701 for privacy)Security monitoring and incident responseRisk assessment and mitigation planningTechnical writing and policy documentationVendor security and cybersecurity due diligenceProject management and cross-functional collaborationProficiency with cybersecurity tools and frameworks (e.g. NIST ISO 27001 CIS Controls)Strong communication and interpersonal skillsStrong analytical/problem-solving abilitiesAbility to mentor junior analystsAbility to translate complex security and privacy requirements into practical controls and solutionsAbility to handle sensitive data and information with discretion and professionalismAbility to manage multiple tasks and priorities in a fast-paced environmentAbility to work independently and take initiative while collaborating with cross-functional teamsAbility to interpret and apply regulatory requirements to evolving business models and technologiesAbility to communicate technical concepts to non-technical stakeholdersAbility to thrive in a startup-like environment with a hands-on and proactive mindsetGossamer Bio is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants and complies with all applicable national state and local laws governing nondiscrimination in employment.The expected salary range for this position is listed below. Actual pay will be determined based on experience qualifications and other job-related factors permitted by law. This position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. This position also qualifies for the benefits as listed below.Gossamer Bio offers highly competitive benefit plans and programs including medical dental and vision insurance 401(k) and 401(k) matching long-term incentive plan disability plan vacation pay sick time holiday pay and work personal and family time off in accordance with the terms of the applicable plans. For additional general information on Company benefits please visit Range$115000$160000 USDCalifornia Consumer Privacy Act (CCPA) Notice for California Residents:This notice is to notify you that personal data about you has been collected by Gossamer Bio (Controller) which is located at 3115 Merryfield Row Suite 120 San Diego CA 92121 and can be contacted by emailing because Controller wishes to evaluate your candidacy for employment at Controller.Your personal data was either obtained from publicly available sources (e.g. LinkedIn) or provided to Controller by someone who referred you for potential employment. Controllers Privacy team can be contacted at . Your personal data will be processed for the purposes of managing Controllers recruitment related activities which include setting up and conducting interviews and tests for applicants evaluating and assessing the results thereto and as is otherwise needed in the recruitment and hiring processes. Such processing is legally permissible under Art. 6(1)(f) of Regulation (EU) 2016/679 (General Data Protection Regulation) and the California Consumer Privacy Act (CCPA) as necessary for the purposes of the legitimate interests pursued by the Controller which are the solicitation evaluation and selection of applicants for employment.Your personal data has been shared with Greenhouse Software Inc. a cloud services provider located in the United States of America and engaged by Controller to help manage its recruitment and hiring process on Controllers behalf. Your personal data will be retained by Controller as long as Controller determines it is necessary to evaluate your application for employment. Under the GDPR and CCPA you have the right to request access to your personal data to request that your personal data be rectified or erased and to request that processing of your personal data be restricted. You also have to right to data addition you may lodge a complaint with a supervisory authority.Required Experience:Senior IC Key Skills ArcGIS,Intelligence Community Experience,GIS,Python,Computer Networking,Data Collection,Intelligence Experience,R,Relational Databases,Analysis Skills,Data Management,Application Development Employment Type : Full Time Experience: years Vacancy: 1