Information Security Analyst

Job Description

The Security Analyst serves as the core technical expert of all assurance activities related to the information security posture, compliance mitigation, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organization's information security policies. Responsibilities: Technical documentation about the security breaches and the processes. Configuration reviews for implemented solutions like firewalls, WAF, PAM/PIM, DLP, SIEM. Data encryption programs to safeguard organization’s vital data. Red teaming, VA-PT, source code reviews, Mobile app reviews. Work directly with the ISG team and coordination with stakeholders. Risk assessment and risk management processes. Understand the processes and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services. Review and Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance. Coordinate, measure and report on the technical aspects of security posture. Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements. Manage and coordinate operational components of incident management, including detection, response, documentation and reporting. Maintain a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations. Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk. Mitigate the compliance requirements as per regulatory guidelines Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and follow policies and audit requirements. Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks. Requirements: Diploma /Degree in a technology-related field required. Professional security analyst certification. Minimum of five to 7 years of hands on experience in VA-PT, configuration reviews and data protection. Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST. Excellent written and verbal communication skills and high level of personal integrity. Experience with Cloud computing/Elastic computing across virtualized environments. Interested candidates can share their resume at shamli.kamble@hdfcsales.co.in