Information Security Analyst

Job Summary

• Monitor security alerts and incidents and respond promptly to potential threats.
• Conduct threat hunting, vulnerability assessments and penetration testing to identify security weaknesses.
• Conduct regular security audits and risk assessments.
• Analyse security breaches to determine root cause and implement corrective actions. Assist and/or lead efforts to isolate, contain, respond to, and recover from security incidents.
• Identify, review, prioritize, plan, coordinate, and follow-up on the remediation of vulnerabilities
• Manage security alerts raised by the Group-Wide CSIRT team, security tools, technologies, and services (eg endpoint security, network security, IDR, DLP, SIEM, etc)
• Configure and maintain security technologies such as SIEM & endpoint security, intrusion detection/prevention systems, etc This may also include scripting, automation, and orchestration across various platforms.
• Develop and implement security policies, procedures, and protocols.
• Review systems, configurations, and report on, compliance with ION standards, client requirements, audit controls, regulations, and industry best practices.
• Respond to information security-related inquiries and requests.
• Collaborate with Engineering teams and other functions, to ensure security measures are integrated into all aspects of Product delivery and the organization.
• Provide training and best practice security recommendations to Engineering and other teams within ION.
• Stay up to date with the latest security trends, technologies, and threats.
• Prepare and present reports on security incidents and mitigation efforts to management

Required Skills, Experience and Education :

• Bachelors degree in computer science, Information Technology with a specialization in Information security.
• 3+Yrs Proven experience as a Security Analyst or in a similar role.
• Strong knowledge of security protocols, systems, and methodologies.
• Fundamental programming/scripting capabilities (eg Python, PowerShell, Bash, etc)
• Experience with security tools such as firewalls, intrusion detection systems, and antivirus software.
• Familiarity with regulatory requirements and industry standards (eg, GDPR, ISO 27001).
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Relevant certifications (eg, CISSP, CISM, CEH) are a plus.