Cyber Security Analyst

We are seeking an experienced and motivated Cybersecurity Specialist with a strong background in penetration testing, red teaming, DevSecOps practices, and vulnerability management. This individual will be a hands-on contributor responsible for identifying vulnerabilities, simulating real-world attacks, and integrating security throughout our development processes. The ideal candidate will possess a blend of technical expertise, analytical skills, and the ability to take initiative.

Location: Bangalore

Position Type: Full-time

Mode of working: Work from Office

Key Responsibilities:

• Conduct comprehensive penetration tests and red team assessments to identify vulnerabilities and weaknesses across various systems and applications.
• Develop and execute advanced attack simulations and methodologies to evaluate the security posture of the organization.
• Collaborate with development teams to integrate security practices seamlessly into the Software Development Life Cycle (SDLC) through DevSecOps initiatives.
• Manage the vulnerability scanning and management process using tools such as Qualys, Tenable, and other industry-standard solutions, ensuring timely remediation of identified vulnerabilities across the IT landscape.
• Utilize Static Application Security Testing (SAST) tools, including Veracode, Snyk, and other relevant solutions, to enhance application security throughout the development process.
• Analyze security assessments and present findings to stakeholders, providing actionable recommendations for risk reduction.
• Engage in security research to stay current with emerging trends, threat intelligence, and vulnerabilities in technologies relevant to the organization.
• Take ownership of assigned tasks and projects, demonstrating accountability and a results-driven approach.
• Proactively identify areas for improvement in existing security processes and tools, and initiate projects to enhance overall security posture.
• Mentor junior team members and share knowledge on best practices, tools, and methodologies in cybersecurity.
• Serve as a liaison between technical and non-technical teams to promote security awareness and practices across the organization.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent work experience.
• Minimum of 3 years of experience in cybersecurity, with a focus on penetration testing, red teaming, DevSecOps, and vulnerability management.
• Proven experience with penetration testing tools (e.g., Burp Suite, Kali Linux) and methodologies (e.g., OWASP Top Ten, MITRE ATT&CK Framework).
• Must have the mobile security assessment experience (RASP) solution,
• Must have good concept of AI adaptation and AI Security red teaming activities.
• Experience managing vulnerabilities using tools such as Qualys, Tenable, or similar vulnerability management solutions.
• Familiarity with DevSecOps tools and practices (e.g., CI/CD pipelines, security scanning tools).
• Strong knowledge of operating systems (Linux, Windows) and networking protocols.
• Experience with cloud security principles and technologies (AWS, Azure, GCP).
• Excellent problem-solving skills and the ability to think critically in high-pressure situations.
• Strong communication and interpersonal skills with the ability to work collaboratively in a team-oriented environment.
• Relevant cybersecurity certifications (e.g., PNPT, CPPT, OSCP, CEH, etc.) are a plus.