Information Security Analyst - CISSP/CISA Certified (5-8 yrs)

As a Security Analyst, you will play a critical role in safeguarding our organization's data and information systems.

Your expertise in cybersecurity will be essential for identifying and mitigating potential security threats and vulnerabilities.

If you're passionate about protecting digital infrastructure and staying ahead of emerging risks, this role is for you.

Responsibilities :

Security Assessments and Audits :

- Conduct regular security assessments and audits to identify potential vulnerabilities.

- Implement and maintain security protocols and procedures to protect information systems and data.

Monitoring and Threat Detection :

- Monitor network traffic for suspicious behaviour and identify potential threats.

- Respond to and investigate security incidents and breaches promptly.

Stay Informed and Proactive :

- Stay up to date on the latest intelligence, including hackers' methodologies, to anticipate security breaches.

- Develop strategies to handle security incidents and coordinate responses effectively.

Education and Documentation :

- Educate staff on information security through training and awareness programs.

- Document security breaches and assess the damage they cause.

Tools and Countermeasures :

- Recommend and install appropriate tools and countermeasures to prevent cyber-attacks.

Collaboration and Best Practices :

- Collaborate with management to create an organization-wide best practices policy for cybersecurity.

- Cross functional trainings by sharing your knowledge with peers and gaining knowledge from them.

- Experience : Minimum 5+ years of relevant experience in security analysis.

Skills :

- Proficiency in security log analytics.

- Strong understanding and hand on experience in information technology and security systems.

- Familiarity with the latest security principles, techniques, and protocols.

- Relevant experience as security professionals working in healthcare / ITeS / BPO etc.

- Certification like CCSP/ CEH/ CISSP / CISA/ CRISC preferred.

- Deep understanding on following is required to correlate to identified vulnerability :

1. AD server (windows 2012 and 2019).

2. Cisco core switches.

3. Meraki / FortiGate firewall.

4. Physical servers, switches and storages.

5. Virtual machines.

6. VMWare / ProxMox (optional and can be trained).

- Understanding on Cloud platform is plus.

- Resource must be able to understand Routing, vLAN, Network ACL, Wireless Ent Auth (802.11x), AD NPS, AD-DS, GPO, DNS, Cert Authority, DHCP, Firewall policies, IDS/IPS policies, App/web Content policies, Policy based routing, VPN, SDWAN (understanding), NAC (optional).