At Caris, we understand that cancer is an ugly word-a word no one wants to hear, but one that connects us all. That's why we're not just transforming cancer care-we're changing lives. We introduced precision medicine to the world and built an industry around the idea that every patient deserves answers as unique as their DNA. Backed by cutting-edge molecular science and AI, we ask ourselves every day:
"What would I do if this patient were my mom?" That question drives everything we do.
But our mission doesn't stop with cancer. We're pushing the frontiers of medicine and leading a revolution in healthcare-driven by innovation, compassion, and purpose.
Join us in our mission to improve the human condition across multiple diseases. If you're passionate about meaningful work and want to be part of something bigger than yourself, Caris is where your impact begins.
Investigations Information Security Engineer Position Summary The Investigations and Information Security Engineer will assist in managing internal investigations for the company. This individual will support the internal investigations team in addressing requests from Legal, Human Resources, and various cybersecurity incidents. They will work closely with senior team members to assist in penetration testing and report findings to the Information Security department. The role involves a foundational understanding of compliance frameworks such as SOX, SOC 2, HIPAA, GDPR, and NIST. The engineer will collaborate with various teams to develop security solutions while adhering to best practices. This position requires a mix of technical skills, strong organizational and analytical abilities, and an eagerness to learn about investigation and security processes.
Job Responsibilities - Assist in conducting internal investigations in compliance with corporate policies and applicable local/federal laws.
- Conduct forensic analysis on electronic devices to support investigations.
- Prepare written reports of findings of internal investigations.
- Support continuous attack surface penetration tests (CASPT) under supervision to validate network security and provide feedback.
- Assist in incident response efforts as directed by senior team members, following the corporate incident response plan.
- Analyze system requirements for audit and compliance purposes.
- Work with cross-functional teams to incorporate security best practices into the development lifecycle.
- Support periodic gap assessments to ensure compliance with relevant standards.
- Stay informed about developing cybersecurity trends and regulatory changes.
- Assist in monitoring and reporting on security and compliance metrics.
- Participate in technical decision-making under guidance and training from senior engineers.
Required Qualifications - Bachelor's degree
- Minimum of 1-3 years of experience in information security, cybersecurity, or investigations.
- Forensic analysis experience and certifications
- Basic understanding of physical and network security principles.
- Strong problem-solving, analytical, and organizational skills.
- Ability to communicate technical concepts to both technical and non-technical stakeholders.
- Ability to obtain ISC2 CISSP certification.
Preferred Qualifications - Bachelor's degree in Information Security, Cybersecurity, or related educational experience.
- Minimum 2 years of experience in digital forensics, analysis and evidence handling.
- Minimum 2 years of experience in Microsoft Azure/Purview environments.
- Exposure to industry regulations like SOX, SOC 2, HIPAA, GDPR, or NIST frameworks.
- Basic understanding of vulnerability assessments or penetration testing.
- Industry-standardized certification related to digital forensics.
- ISC2 CISSP certification.
Training - Training will be provided on job-specific, safety, and compliance topics relevant to the role.
Physical Demands - Must possess ability to sit, stand, and/or work at a computer for long periods of time.
- Ability to work extended hours during implementations and on-call rotations.
Other - The role may require occasional after-hours work for incident response.
- Some on-call responsibilities may be assigned in support of technical emergencies.
- Trainings and functions may require intermittent travel, paid by the company.
- Other duties as assigned by management.
Conditions of Employment: Individual must successfully complete pre-employment process, which includes criminal background check, drug screening, credit check ( applicable for certain positions) and reference verification.
This job description reflects management's assignment of essential functions. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time.
Caris Life Sciences is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, gender identity, sexual orientation, age, status as a protected veteran, among other things, or status as a qualified individual with disability.
Caris Life Sciences is a leading innovator in molecular science and artificial intelligence focused on fulfilling the promise of precision medicine through quality and innovation.
Caris is committed to quality and excellence at our state-of-the-art laboratories. Learn more about our tissue lab and the advanced technologies that are helping improve the lives of cancer patients.