Senior Information Security Analyst

Job Designation: Information Security Analyst

Job Location: Bangalore

What is the role?

The role requires the candidate to be proactive and spearhead our efforts to protect our assets and mitigate security risks.

Key Responsibilities:

Security Leadership:

• Provide strategic direction and leadership in all aspects of information security, including risk management, compliance, and incident response.
• Develop and implement security policies, procedures, and best practices to protect the organization's assets and mitigate security risks.

Ethical Hacking:

• Conduct regular security assessments and penetration tests to identify vulnerabilities in systems, applications, and infrastructure.
• Utilize ethical hacking techniques and tools to simulate real-world cyber attacks and assess the effectiveness of defensive measures.
• Provide actionable recommendations and remediation guidance to address identified security weaknesses.

Threat Intelligence and Monitoring:

• Stay abreast of the latest security threats, vulnerabilities, and attack techniques through threat intelligence sources and industry research.
• Monitor security logs, alerts, and incident reports to detect and respond to security incidents in a timely manner.

Develop and maintain security monitoring tools and systems to enhance the organization's threat detection capabilities.

Security Awareness and Training:

• Design and deliver security awareness programs and training sessions to educate employees about security best practices and promote a culture of security awareness.
• Conduct phishing simulations and other security exercises to assess and improve employee security awareness and readiness.

Compliance and Risk Management:

• Ensure compliance with relevant security standards, regulations, and industry frameworks (e.g., GDPR, PCI DSS, ISO 27001).
• Conduct risk assessments and vulnerability assessments to identify and prioritize security risks, and work with stakeholders to implement appropriate controls and mitigations.

Incident Response and Forensics:

• Lead incident response activities during security incidents, coordinating with internal teams and external stakeholders to contain, investigate, and remediate security breaches.
• Conduct digital forensics investigations to determine the root cause of security incidents and support legal and regulatory requirements.

Preferred Qualifications with Skills & Experience:

• Bachelor's or Master's degree in Computer Science, Information Security, or related field.
• 10+ years of experience in information security, with a focus on ethical hacking and penetration testing.
• Proven experience leading security initiatives in complex environments.
• Certification(s) in ethical hacking (e.g., CEH, OSCP) and other relevant security certifications (e.g., CISSP, CISM) preferred.
• Deep understanding of security principles, technologies, and best practices, including network security, cryptography, and secure coding.
• Strong technical skills in penetration testing tools and techniques, such as Metasploit, Burp Suite, and Nmap.
• Excellent communication and interpersonal skills, with the ability to effectively communicate technical concepts to both technical and non-technical audiences.
• Strong problem-solving skills and the ability to think creatively to address complex security challenges.

Job Types: Full-time, Permanent

Pay: ₹2,000,000.00 - ₹2,500,000.00 per year

Benefits:

• Commuter assistance
• Health insurance
• Provident Fund

Experience:

• Information security: 5 years (Required)

License/Certification:

• CEH (Required)

Work Location: In person