Role:

The security analyst plays a vital role in keeping our proprietary and sensitive information secure. He/she will work with various departments to identify and fix flaws in the company's security systems, solutions, and programs while recommending specific measures that can improve the company's overall security posture.

Responsibilities:

- Security analysts are responsible for ensuring that the company's digital assets are protected from unauthorized access. This includes securing both online and on premise infrastructures, weeding through metrics and data to filter out suspicious activity, and finding and mitigating risks before breaches occur. If a breach does occur, security analysts are often on the front line, leading efforts to counter the attack.

- Security analysts are also responsible for generating reports for IT administrators and business managers to evaluate the efficacy of the security policies in place. They will then help to make the necessary changes for a more secure network and may also create training programs and modules to educate employees and users on proper security protocols.

- Furthermore, security analysts are responsible for keeping the company's security systems up to date and creating documentation and planning for all security-related information, including incident response and disaster recovery plans.

Other specific responsibilities include:

- Monitoring security access

- Conducting security assessments through vulnerability testing and risk analysis

- Performing both internal and external security audits

- Analyzing security breaches to identify the root cause

- Continuously updating the company's incident response and disaster recovery plans

- Verifying the security of third-party vendors and collaborating with them to meet security requirements

Skills :

You'll need to have:

- A passion for cyber security and a keen interest in IT

- Excellent IT skills, including knowledge of computer networks, operating systems, software, hardware and security

- An understanding of the cyber security risks associated with various technologies and ways to manage them

- A good working knowledge of various security technologies such as network and application firewalls, host intrusion prevention and anti-virus

- Analytical and problem-solving skills to identify and assess risks, threats, patterns and trends

- Team working skills in order to collaborate with team members and clients

- Verbal communication skills, including presentation skills, with an ability to communicate with a range of technical and non-technical team members and other relevant individuals

- Written communication skills, for example to write technical reports

- Time-management and organizational skills to manage a variety of tasks and meet deadlines

- The ability to multi-task and priorities your workload

- Excellent attention to detail

- An ability to work under pressure, particularly when dealing with threats and at times of high demand.

Qualifications / Experience:

- Around 5~7 years of relevant experience

- Experience in Application / Mobile and Infrastructure Security Assessment, Secure Code Review Experience in Dynamic Application Security Testing

- Experience in Static Application Security Testing

- Should have good hands on experience on one of the VA tools

- Good understanding of the Vulnerability analysis and false positive removal.

- Should have good hands on experience in penetration testing

- Good understanding of Windows, Linux, Android and iOS

- Good understanding of OWASP Top 10 vulnerabilities, SANS Top 25, CIS benchmark, NIST standards.

- Security related certifications such as CEH, SANS, OSCP, CISSP.

- Good understanding and experience in Audits will be an added advantage.

This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.