Information Security Analyst

Position Title: Information Security Analyst

Team: Regional Security Support Crew (Information security)

Reporting Location: Bangalore (B4 / B5)

Job Overview:

As a Regional Security Support crew, your primary role, will be to assist the Regional Information Security Officers (RISO) in implementing and maintaining cybersecurity strategies for various legal entities Globally. You will be responsible for ensuring compliance with group security policies, managing risks, and supporting the continuous improvement of the regional security posture. This role offers a unique opportunity to be part of a newly established team, providing a dynamic environment where you can help shape security processes from the ground up.

Key Responsibilities:

• Provide direct support to the RISO in managing and implementing security plans for legal entities across the region.
• Assist in the creation, follow-up, and management of remediation plans for identified security risks and non-compliance issues.
• Conduct security risk assessments and ensure that security measures are aligned with the Group s standards and adapted to each legal entity s needs.
• Support the RISO in reviewing and approving changes to systems, processes, and applications prior to deployment.
• Perform and prioritize security audits, vulnerability scans, and reviews (including access rights, firewall rules, cloud compliance, etc. ).
• Coordinate and support legal entities during internal and third-party security audits, ensuring compliance with all security policies.
• Conduct security training and awareness programs customized for regional entities, ensuring all staff are informed and compliant.
• Maintain accurate inventories of assets, third-party vendors, and local processes for audit and security monitoring purposes.
• Collaborate with regional and Group IT teams to ensure a security by design approach is applied in all regional architectures, applications, and processes.
• Assist in evaluating third-party vendors to ensure they meet security standards.
• Support the development of Disaster Recovery (DR) and Business Continuity (BC) plans.
• Assist the RISO with the development and implementation of policies, procedures, and guidelines that cater to local regulatory requirements and Group standards.
• Core Responsibilities in Incident Response and Vulnerability Management:
• Assist the RISO in incident response activities by investigating security breaches and incidents in collaboration with the Security Operations Center (SOC).
• Analyze vulnerability reports and assist in remediation efforts, ensuring timely patching and risk mitigation.
• Support the review and approval of firewall rules, configurations, and exceptions to maintain network security.
• Collaborate with the RISO in monitoring for emerging threats and recommending security improvements based on current trends.

Qualifications & Skills:

• Strong communication and interpersonal skills, with the ability to work effectively with multiple stakeholders across various legal entities.
• Ability to manage multiple priorities and work under pressure in a fast-paced environment.
• Strong knowledge of cybersecurity concepts, including vulnerability assessments, incident management, network architecture, firewalls, and cloud security.
• Expertise in general IT concepts, including Active Directory, Office 365, and modern networking solutions like micro-segmentation, SASE, SD-WAN, etc.
• Demonstrated ability to assist in the creation and execution of security policies, procedures, and standards.
• Familiarity with security frameworks such as ISO 2700x, ITIL, and the EU Privacy Directives.
• Experience in conducting security assessments and working with audit teams during internal or external security reviews.

Education & Experience:

• At least 3+ years of experience in cybersecurity, information security, or a related field.
• Certifications such as CISM, CISSP, or CEH are nice to have.
• Atypical profiles with experience from bug bounties, open-source projects, or bootcamps are also encouraged to apply if they can demonstrate strong skills and knowledge in the required areas.

Key Competencies:

• A quick learner who is autonomous, adaptable, and detail oriented.
• Ability to work in large, complex IT environments and be comfortable with ambiguity and fast-changing priorities.
• A passion for cybersecurity, with strong problem-solving skills and a proactive approach to risk management.
• Strong English language skills are required, additional language is a plus.

How You Will Help:

• Regularly test legal entities for compliance with security policies and procedures.
• Assist in conducting vulnerability assessments and implementing remediation measures based on Group standards.
• Investigate security incidents in collaboration with the SOC and provide technical support during audits.
• Support the development of Security Key Performance Indicators (KPIs) to monitor and improve the region s security posture.

This is an exceptional opportunity for cybersecurity professionals who thrive in dynamic environments and enjoy creating and improving security processes. If you are passionate about cybersecurity and want to play a crucial role in protecting a diverse range of legal entities across Europe, we encourage you to apply.