Current Opeing

IT Security Analyst

Position title :IT Security Analyst
Function :Information Technology
Grade :Manager-II/ Senior Manager-I
Location :Delhi
Qualification:B.tec/ MBA
Experience:At least 5 to 10 years of total IT experience and minimum 3 years in handling Information Security.
Responsibility:This role provides technical consulting to management, business users, security teams, and technical associates to assure that IT applications and infrastructure is secure.

  • Experience in performing IT Security reviews including third party/vendor reviews, Vulnerability Assessment, Penetration testing & Secure code reviews
  • Hands on experience in security systems, including firewalls, intrusion detection systems, identity and access management,  antivirus software, authentication systems, log management/Security operations center (SOC), content filtering etc
  • Provide clarity and direction on organizations Information Security Strategy to senior Management.
  • Excellent knowledge of Information Security technologies and methodologies particularly, including for example web server security / firewalls / networks / encryption / PKI / TCP/IP / UNIX / Windows etc.
  • Review & recommend appropriate enhancements and interventions to continuously improve the existing processes and policies
  • Maintain & exceed level of Information Security governance as expected by the management.
  • Strong understanding of key network and technical security controls
  • Experience of information security standards ( desirable) such as: ISO 27001, ISO 22301, PCI DSS, ITIL, COBIT
  • Certifications (desirable): CISA, CISSP, PMP, ITIL, CEH, COBIT, ISO 27001
  • Proactively evaluate product ecosystem to determine potential short- and long-term security vulnerabilities.
  • Should be able to visualize how to play both offence and defence in cybersecurity, and offer resolution advice for identified vulnerabilities.
  • Should be able to drill down to specific reported vulnerabilities as well as have a holistic view of the impact of the vulnerabilities.
  • Understand the threat model and perform security architecture reviews.
  • Hands-on experience in computer forensics, analysing network exploits, hacking of any device and penetration testing. (Should have done any of the above in a real system)
  • Experience using Vulnerability and Penetration test tools is highly desired. ( e.g. Nmap, Nessus, w3af, etc.)
  • Experience using Fuzz tools to model different attack patterns is highly desired (e.g. Metasploit, etc.)
  • Should have a pulse on the latest trends and best practices in cybersecurity attacks.
  • Familiarity with Security Standards and groups (OWASP, WASC, FISMA, CVE, NCERT, etc.)
  • Experience with multiple platforms ( e.g. Windows Server, Kali/Backtrack Linux, Embedded systems, Android, Cloud systems, etc.) and languages (e.g. C, C++, Java, Python, etc.) highly desirable.
  • Experience and good understanding of networking protocols TCP/IP, UDP , SSL, XML, etc.
  • Fair understanding of network security and cryptography fundamentals, with some hands-on experience using crypto libraries and APIs (e.g. Openssl, Keystore, etc.)
  • Strong understanding of Denial of service, replay attacks, masquerading attacks, man-in-the-middle attacks and other cybersecurity issues.
  • Experience with S/W vulnerability analysis and knowledge of best practices for secure S/W programming.
  • Strong understanding of SDLC and experience using related tools for Defect tracking, Source Control, IDEs,
  • Excellent written & oral communication skills.
Competencies:
  • Communication skills
  • Team player
Select Location:     Apply


Back to Current Openings