Corporate IT
South San Francisco, California, United States

IT Security Analyst

At Lyell, our vision is to develop curative cell-based immunotherapies for solid tumor cancers. We have innovative science originating from our founder’s world class labs and a unique and disruptive approach to research and development. Our company is first and foremost focused on understanding the science. We are a learning organization, dependent on deep collaborative relationships between all of our colleagues, partners and founders. Our culture is based on Science, Respect, Collaboration and Courage and it reflects who we are and the environment we are creating.
This role ensures that Information Technology Security at Lyell is innovative and improving. We are looking for someone to get us to best-in-class security and work on a future-ready security program to scale with the company's growth. The role is responsible for the ongoing monitoring, review and improvement of the organization's Information Technology security roadmap, and the successful candidate will have strong experience in MFA, device trust, policies and strategy. This role will lead the security oversight of our SaaS-based IT ecosystem.


  • Continuously evaluate and recommend new and emerging security products and technologies
  • Perform external and internal security audits
  • Install approved security measures and operational solutions to protect systems and the information infrastructure, including firewalls and data encryption programs
  • Analyze security incidents and breaches and perform root cause analysis and remediation
  • Conduct security assessments through vulnerability assessment and risk analysis
  • Provide recommendations on mitigating vulnerabilities
  • Define enterprise security policies and proactively manage procedures to maintain the organization's data security framework
  • Plan, implement and upgrade security measures and controls
  • Lead projects using best of breed tools and design patterns, such as implementing host/container hardening, vulnerability detection, file integrity monitoring, incident response, encryption, DLP, risk management and mitigation
  • Manage and maintain the IT infrastructure security needs leveraging endpoint security, network security, and end user training
  • Document the security infrastructure and collaborate with regulatory/compliance and software engineering teams
• BA/BSc in Information Technology or related technical field with a minimum of 7 years’ experience; or
• MBA or MSc in Information Technology or related technical field with a minimum of 4 years’ experience
• Certified Ethical Hacker or Offensive Security Certified Professional
• Additional security certification (CISSP, CISM, CISA, etc.)
• Demonstrated experience conducting security and compliance audits (internal and external)
• Experience in coordinating security plans and the execution of plans in collaboration with external vendors
• Proven experience identifying, recommending and implementing security tools such as DLP, AV, anti-malware
• Demonstrated experience overseeing data security in a cloud-based environment (AWS)
• Proven experience running data security for virtual workspaces, corporate web environments and broad cloud-based infrastructures
• Ethical hacking skills and extensive knowledge in the seven-stage intrusion model
• Excellent oral and written communication skills
• Proficient in Python or other scripting languages
• Demonstrated knowledge of trends and regulations including ISO, NIST, HIPAA, SOX, HITRUST and GDPR to ensure effectiveness and ongoing compliance with all regulations, industry standards and frameworks
• Maintain data (and data classification) and monitor security access
• Strong capability in social engineering, penetration testing and vulnerability assessment and remediation
• Ability to lead security awareness training (end user, software developers, etc.)
• Demonstrated leadership skills, including presentations of product vision to executives to get buy-in
• Ability to work independently and collaboratively among cross-functional teams
• Ability to work efficiently, prioritize workflow, meet deadlines and balance competing priorities.
At Lyell, we believe that the highest-performing teams include people from a wide variety of backgrounds and experiences who respectfully challenge each other. We are committed to building an open, diverse and inclusive culture for all employees.
Lyell is proud to be an equal opportunity employer and does not discriminate on the basis of race, color, citizenship status, national origin, ancestry, sex, sexual orientation, age, religion, creed, physical or mental disability, medical condition, marital status, veteran status or any other characteristics protected under applicable federal, state and local laws.
The Company complies with all laws respecting equal employment opportunity and does not discriminate against applicants with regard to any protected characteristic as defined by federal, state, and local law. This position requires you to work onsite at the Company’s facilities and the Company requires that all employees working in its facilities be fully vaccinated (except as required by applicable law). Therefore, this position requires you to be fully vaccinated from COVID-19, subject to reasonable accommodations for medical or religious reasons, and/or as otherwise required by applicable law. The Company considers you fully vaccinated once 14 days have passed since you received either the second dose in a two-dose COVID-19 vaccine series or a single-dose COVID-19 vaccine. The vaccine must have been FDA approved, have emergency use authorization from the FDA, or, for persons fully vaccinated outside of the U.S., be listed for emergency use by the World Health Organization.
We’ve learned from experience that some of the best people don’t always match our requirements perfectly - if you’re interested and think you could fit, please don’t hesitate to apply.