Description :

Synopsis of the role :

- The Information Security Analyst is responsible for protecting an organization's computer systems, networks, and data from security breaches, cyberattacks, and unauthorized access.

- This involves planning, implementing, monitoring, and upgrading security measures and managing incident response and disaster recovery plans.

What Youll Do :

- Prevention & Protection : Manage security software (e., firewalls, encryption programs, anti-virus/anti-malware etc).

- Vulnerability Management : Coordinate and support penetration testing and conduct periodic risk assessments to identify weaknesses and vulnerabilities in systems and networks.

- Develop Policies/Process/SOPs : Update, and enforce security standards, policies, and best practices for the organization.

- Access Control : Manage and monitor user access, credentials, and permissions to ensure data integrity and confidentiality.

- Detection & Response : (Security Monitoring) Continuously monitor networks and systems for security breaches, anomalies, and suspicious activity (often using SIEM tools).

- Incident Response : Respond immediately to security alerts, investigate cyberattacks, determine the root cause, and implement countermeasures to mitigate damage.

- Strategy & Compliance (Documentation and Reporting) : Prepare detailed reports on security metrics, attempted attacks, and successful breaches for both technical and non-technical stakeholders.

- RBI & CERTIN notification implementations and followup with stakeholders.

- Quaterly Infosec RBI Daksh portal submissions.

- Disaster Recovery : Develop and test disaster recovery and business continuity plans to ensure IT operations can be quickly restored after an emergency.

- Research : Stay up-to-date on the latest IT security trends, cyber threats, and attack vectors to proactively recommend system enhancements.

- Security Audits : Assist with internal (Information systems, ISO 27001, PCI DSS audits, Global Security control testing, Data Centre, Vendor, Customer onboardind and CISA audit) and managing external regulatory RBI & CSITE audits to ensure compliance with relevant security laws and regulations.

- Training & Support : Provide security guidance, support, and Infosec awareness training, Email & programs and events to employees,Vendor and IT staff on new security products and procedures.

What Experience You Need :

Technical Knowledge :

- Networking : Strong understanding of network protocols, network security (e., VPN, IDS/IPS), and firewall management.

- Operating Systems : Proficiency/understanding with various operating systems (Windows, Linux etc).

- Security Tools : Experience with vulnerability scanners, penetration testing tools, and Security Information and Event Management ( SIEM ) systems.

- Programming/Scripting : Basic familiarity with one or more scripting or programming languages (e., Python, Bash) for automation and analysis.

Education And Experience :

- Education : A Bachelor's degree in Computer Science, Cybersecurity, Information Technology.

- Experience : 0 -5 years of experience.

Soft Skills :

- Analytical and Problem-Solving : Ability to quickly analyze large amounts of data, detect subtle security anomalies, and solve complex technical issues under pressure.

- Attention to Detail : Meticulous approach to monitoring system logs and configuration files.

- Communication : Excellent written and verbal communication skills to explain technical issues, threats, and security policies to both technical teams and non-technical management.

- Creative Thinking : Ability to anticipate and think like an attacker to proactively identify and close security gaps.

- Security Domains : Knowledge of key security concepts like incident response, computer forensics, ethical hacking, and risk management.

What Could Set You Apart :

- Certified Information Systems Security Professional ( CISSP ).

- Certified Ethical Hacker ( CEH ).

- Certified Information Security Manager.