Cybersecurity Analyst / Senior Cybersecurity Analyst at Gossamer Bio

San Diego, California, United States -

Full Time

Start Date

Immediate

Expiry Date

09 Mar, 26

Salary

160000.0

Posted On

09 Dec, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Cybersecurity, Incident Response, Security Operations, Risk Assessment, Compliance, Security Audits, Vulnerability Management, Privacy Regulations, Cloud Security, Security Tools, Technical Writing, Project Management, Analytical Skills, Interpersonal Skills, Mentoring, Automation

Industry

Biotechnology Research

Description

SUMMARY: The Cybersecurity Analyst will be responsible for supporting the development, implementation, and maintenance of the company’s cybersecurity and information security programs. This role works closely with IT, Legal, Compliance, and Commercial teams to identify risks and mitigating controls or processes, respond to and investigate security incidents, and ensure that Essential Duties and Responsibilities Monitor, analyze, and respond to security alerts and incidents in coordination with IT teams and external partners Proactively identify and mitigate threats using advanced cybersecurity tools, threat intelligence feeds, and analytics Operate and optimize security technologies (SIEM, EDR, firewalls) and implement enterprise-wide security controls and secure configurations Conduct comprehensive security assessments and audits of IT systems, networks, and third-party vendors to identify vulnerabilities and compliance gaps Ensure adherence to applicable privacy and security regulations (e.g., GDPR, HIPAA, CCPA, 21 CFR Part 11, FDA, EMA, GxP) Maintain and enhance incident response and business continuity plans to strengthen organizational resilience Identify and recommend automation opportunities to improve cybersecurity response, remediation efficiency, and overall program maturity Support documentation and reporting for security controls, risk mitigation plans, and audit responses Design and deliver KPIs, dashboards, and metrics to measure security performance and risk posture Assist in developing and delivering security awareness training and education programs for employees Stay current on emerging threats, industry trends, and best practices in cybersecurity and privacy JOB QUALIFICATIONS Education, Certifications, Experience Bachelor’s degree in Information Security, Computer Science, Life Sciences, Legal Studies, or a related field 4+ years’ experience in cybersecurity roles Leadership in incident response and security operations Familiarity with privacy laws and cybersecurity frameworks Experience in regulated industries (biotech, pharma, healthcare, or medical devices) Preferred: Certifications such as CISSP, CISA, CIPP/US, CIPM, or Security+ Experience working in small or mid-sized companies, especially in high-growth environments Proficiency with security tools (SIEM, EDR/XDR, DLP, SASE/CASB, vulnerability scanners, etc.) Understanding of third-party risk management in a biotech context General familiarity with GenAI and process automation Knowledge, Skills and Abilities Working knowledge of privacy regulations: GDPR, HIPAA, CCPA, CPRA, and other global data protection laws Understanding of biotech/life sciences regulatory landscape (e.g., 21 CFR Part 11, GxP systems) Familiarity with cloud security principles (e.g., AWS, Azure, or GCP environments) Awareness of threats and vulnerabilities in life sciences IT environments Knowledge of industry frameworks (e.g., NIST CSF, ISO/IEC 27701 for privacy) Security monitoring and incident response Risk assessment and mitigation planning Technical writing and policy documentation Vendor security and cybersecurity due diligence Project management and cross-functional collaboration Proficiency with cybersecurity tools and frameworks (e.g., NIST, ISO 27001, CIS Controls) Strong communication and interpersonal skills Strong analytical/problem-solving abilities Ability to mentor junior analysts Ability to translate complex security and privacy requirements into practical controls and solutions Ability to handle sensitive data and information with discretion and professionalism Ability to manage multiple tasks and priorities in a fast-paced environment Ability to work independently and take initiative while collaborating with cross-functional teams Ability to interpret and apply regulatory requirements to evolving business models and technologies Ability to communicate technical concepts to non-technical stakeholders Ability to thrive in a startup-like environment with a hands-on and proactive mindset Gossamer Bio is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants and complies with all applicable national, state and local laws governing nondiscrimination in employment. The expected salary range for this position is listed below. Actual pay will be determined based on experience, qualifications, and other job-related factors permitted by law. This position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. This position also qualifies for the benefits as listed below. Gossamer Bio offers highly competitive benefit plans and programs, including medical, dental and vision insurance, 401(k) and 401(k) matching , long-term incentive plan, disability plan, vacation pay, sick time, holiday pay, and work, personal and family time off in accordance with the terms of the applicable plans. For additional general information on Company benefits, please visit https://www.gossamerbio.com/work-at-gossamerbio/ Pay Range $115,000—$160,000 USD California Consumer Privacy Act (CCPA) Notice for California Residents: This notice is to notify you that personal data about you has been collected by Gossamer Bio (“Controller”), which is located at 3115 Merryfield Row, Suite 120, San Diego CA 92121 and can be contacted by emailing privacy@gossamerbio.com, because Controller wishes to evaluate your candidacy for employment at Controller. Your personal data was either obtained from publicly available sources (e.g. LinkedIn) or provided to Controller by someone who referred you for potential employment. Controller’s Privacy team can be contacted at privacy@gossamerbio.com. Your personal data will be processed for the purposes of managing Controller’s recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results thereto, and as is otherwise needed in the recruitment and hiring processes. Such processing is legally permissible under Art. 6(1)(f) of Regulation (EU) 2016/679 (General Data Protection Regulation) and the California Consumer Privacy Act (CCPA) as necessary for the purposes of the legitimate interests pursued by the Controller, which are the solicitation, evaluation, and selection of applicants for employment. Your personal data has been shared with Greenhouse Software, Inc., a cloud services provider located in the United States of America and engaged by Controller to help manage its recruitment and hiring process on Controller’s behalf. Your personal data will be retained by Controller as long as Controller determines it is necessary to evaluate your application for employment. Under the GDPR and CCPA, you have the right to request access to your personal data, to request that your personal data be rectified or erased, and to request that processing of your personal data be restricted. You also have to right to data portability. In addition, you may lodge a complaint with a supervisory authority.

Responsibilities

The Cybersecurity Analyst will support the development, implementation, and maintenance of the company's cybersecurity programs. This includes monitoring security alerts, conducting assessments, and ensuring compliance with regulations.