Security Analyst - Technical

Responsibilities:

• Technical documentation about the security breaches and the processes.
• Configuration reviews for implemented solutions like firewalls, WAF, PAM/PIM, DLP, SIEM Etc
• Data encryption programs to safeguard organizations vital data.
• Red teaming, VA-PT, source code reviews, Mobile app reviews
• Work directly with the ISG team and coordination with stakeholders
• Risk assessment and risk management processes
• Understand the processes and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
• Review and Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance.
• Coordinate, measure and report on the technical aspects of security posture.
• Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements.
• Manage and coordinate operational components of incident management, including detection, response, documentation and reporting.
• Maintain a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations.
• Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
• Mitigate the compliance requirements as per regulatory guidelines
• Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and follow policies and audit requirements.
• Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.

Requirements:

• Diploma /Degree in a technology-related field required.
• Professional security analyst certification
• Minimum of five to 7 years of hands on experience in VA-PT, configuration reviews and data protection
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.
• Excellent written and verbal communication skills and high level of personal integrity.
• Experience with Cloud computing/Elastic computing across virtualized environments.