Information Security Analyst

Role Summary:
The Information Security Analyst is responsible for supporting the organizations information
security initiatives by ensuring the confidentiality, integrity, and availability of systems and data.
The role involves monitoring security infrastructure, identifying and mitigating risks, and
maintaining compliance with security standards and regulations.

Key Responsibilities:
1. Security Monitoring and Analysis
Monitor security alerts and system logs for signs of potential threats or breaches.
Conduct vulnerability assessments and penetration testing to identify and address risks.
Respond to security incidents, assist in investigations, and document findings.
2. Implementation of Security Measures
Monitor and assist in maintaining security tools, such as firewalls, antivirus software, and intrusion detection systems.
Direct the IT team to apply security patches and updates to systems and applications in a timely manner.
Ensure data protection through encryption, backup strategies, and access controls.
3. Policy and Compliance Support
Assist in creating and updating information security policies, procedures, and guidelines.
Ensure compliance with relevant standards (e.g., ISO 27001, GDPR, HIPAA, etc.) and industry regulations.
Conduct internal audits and support external security assessments.
4. Risk Assessment and Mitigation
Perform risk assessments to identify vulnerabilities in IT systems and business processes.
Recommend and implement controls to mitigate identified risks.
Collaborate with cross-functional teams to improve security posture.
5. Employee Awareness and Training
Conduct security awareness sessions and training programs for employees.
Promote best practices for safeguarding sensitive information and preventing phishing attacks.
6. Research and Continuous Improvement
Stay up to date with the latest security trends, tools, and threats.
Evaluate new security technologies and recommend improvements to existing infrastructure.

Required Qualifications:
Bachelors degree in information technology, Computer Science, Cybersecurity, or a related field.

Experience:
2-4 years of experience in information security or IT-related roles. (Entry-level candidates with certifications and relevant projects are encouraged to apply.)
Certifications (Preferred):
Lead auditor
CompTIA Security+
Certified Information Systems Security Professional (CISSP)
Certified Ethical Hacker (CEH)
Certified Information Security Manager (CISM)

Skills:
Strong understanding of cybersecurity principles and frameworks.
Familiarity with security tools such as SIEM, IDS/IPS, and endpoint protection systems.
Basic knowledge of networking, operating systems, and cloud security.
Analytical mindset with problem-solving abilities.
Excellent communication and documentation skills.
Excellent verbal and written communication skills, willing to learn and work hard, proficiency in MS Office(Word, Excel & Powerpoint).