Senior Analyst, TSG Information Security, Cyber Operations Bain & Company

4.0 - 8.0 years

0 Lacs

haryana

On-site

The Senior Analyst role within Bain's Cyber Security Department focuses on safeguarding the organization's digital assets and integrity. As a Senior Analyst, you will play a crucial role in understanding how security measures align with the organizational strategy. Your responsibilities will include organizing and leading the development and implementation of security controls that comply with regulatory requirements and best practices. You will be responsible for monitoring, analyzing, and responding to potential security incidents and threats. Assessing their urgency and impact on Bain, you will implement necessary measures to protect the organization's digital assets, data, and infrastructure. This may involve taking a leadership position in coordinating activities across the team, collaborating with technical teams and Security leadership. The Senior Analyst Security Operations role encompasses various disciplines, including Threat Intelligence, Vulnerability Management, Pro-Active Security Testing, and Enhanced Security Operations. Depending on the requirements, team members may dedicate a percentage or all of their time to these specific disciplines. Your principal accountabilities will include: - Vulnerability Management (80%) - Collaborating with cross-functional teams and providing leadership and guidance. - Conducting regular vulnerability scans on the organization's network, applications, and systems. - Implementing and operationalizing vulnerability management tools, processes, and best practices. - Prioritizing vulnerabilities based on risk and potential impact. - Leading meetings to remediate identified vulnerabilities and tracking progress. - Enhanced Security Operations (10%) - Expertise in Forensic Investigations and Tooling. - Leadership experience in Red Team, Blue Team, Purple team exercises. - Professional Development and Innovation (10%) - Staying informed about emerging trends and technologies in cybersecurity. - Collaborating with security team members, IT departments, and relevant business units to address security concerns. - Exploring Professional Certifications and planning trainings with leadership. Your knowledge, skills, and abilities should include: - Strong expertise in Security Monitoring & Incident Detection and Response. - Knowledge of various security tools like Splunk, CrowdStrike, Windows Defender, and others. - Understanding of Vulnerability & Attack Surface Management toolsets, Threat Intelligence tools, etc. - General skills such as good communication, analytical mindset, ability to work independently and in a team, eagerness to learn, and entrepreneurial spirit. Qualifications and Experience: - Bachelor's degree in a related field or equivalent education and experience. - 4-6 years of experience in the same domain. - Experience in deploying systems or applications, complex problem solving, and working in a dynamic environment. - Strong customer service, communication, troubleshooting, and endpoint security control design skills. - Experience with automation of Information Security controls, scripting, and cloud security control frameworks. In this role, you will play a vital part in enhancing the organization's overall security posture and addressing security concerns effectively. Your ability to adapt to new challenges, work collaboratively, and stay updated with cybersecurity trends will be crucial for success in this position.,

Posted 2 weeks ago

Apply

Network Security Engineer EY

4.0 - 9.0 years

8 - 12 Lacs

Shimla

Work from Office

Overview of the Role The ideal candidate will be responsible for implementing, configuring, and managing advanced security technologies to safeguard against sophisticated threats. This role requires hands-on experience with next-generation security solutions and a proactive approach to ensuring high availability, performance, and secure access across both internal and external networks. Roles and Responsibilities Manage secure and redundant routing and switching infrastructure to ensure 24x7 availability of critical services. Implement network segmentation to enhance security, improve performance, and isolate faults across departments. Ensure VPN connectivity (IPSec/SSL) for remote offices and departments in line with security policy frameworks. Deploy, configure, and maintain Next Generation Firewalls (NGFWs) for traffic inspection, threat prevention, and application control. Operate Anti-DDoS solutions to counter volumetric and protocol-based attacks. Enforce Web Application Firewall (WAF) protections for public-facing applications and servers. Utilize Anti-APT solutions to detect, analyze, and contain advanced persistent threats. Administer Software and Link Load Balancers to ensure service uptime and bandwidth optimization across multiple ISP connections. Design and maintain high-availability security architectures for critical enterprise applications. Deploy and manage Endpoint Security tools including antivirus, device control, and policy enforcement for desktops, laptops, and servers. Monitor and control sensitive data using Data Loss Prevention (DLP) tools aligned with organizational data classification guidelines. Integrate and operate EDR/XDR solutions for continuous endpoint monitoring and incident response. Implement malware protection tools for both end-user and server environments. Enforce Access Control Policies including role-based access, least privilege, and scheduled access reviews. Implement data encryption standards and manage secure key handling and PKI-based authentication mechanisms. Operate Intrusion Detection/Prevention Systems (IDS/IPS) to identify and mitigate malicious traffic. Analyze logs and security events using SIEM tools to uncover policy violations and emerging threats. Lead incident response efforts in coordination with CERT-In, Third Party Auditors (TPA), and MeitY in case of security breaches. Desired Skills/Background Certifications: CCNP Security, Fortinet NSE, or JNCIS-SEC (mandatory). Strong grasp of network and cybersecurity principles, standards, and best practices. Hands-on experience with firewalls, VPNs, IDS/IPS, load balancers, DLP, SIEM, EDR/XDR, and endpoint protection technologies. Excellent analytical, problem-solving, and troubleshooting capabilities. Ability to manage complex, high-availability security architectures in enterprise-scale environments. Proven experience in incident handling, root cause analysis, and working with regulatory bodies and third parties.

Posted 1 month ago

Apply

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.