Information Security Analyst

Company Overview

Pinnacle Infotech values inclusive growth in an agile, diverse environment. With 30+ years of global experience, 3,400+ experts completed 15,000+ projects across 43+ countries for 5,000+ clients. Join us for rapid advancement, cutting-edge training, and impactful global projects. Embrace E.A.R.T.H. values, celebrate uniqueness, and drive swift career growth with Pinnaclites!

No. of open Position-

2 Openings

• 1 – Information Security Engineer
• 1 – Security Analyst

Experience:

• Security Analyst: 2+ years of relevant experience
• Senior Security Analyst / Engineer: 4+ years of relevant experience

Qualifications:

• Bachelor's degree in B.Tech / BE / MCA or equivalent
• Relevant certifications (preferred):
• ISO 27001 Lead Implementer/Auditor
• CEH, CISSP, CISM (added advantage)

Location- Madurai, Tamil Nadu/ Jaipur, Rajasthan

Qualification- B.Tech/B.E/Any Master Degree (CS, IT, EEE, ECE)

Job Summary:

We are seeking a highly skilled Information Security Engineer / Security Analyst to safeguard our organization's IT infrastructure, systems, and data against evolving cyber threats. The role involves implementing robust security measures, ensuring compliance with industry standards, and proactively identifying and mitigating risks.

Key Responsibilities:

Information Security Governance & ISMS

• Implement and maintain the Information Security Management System (ISMS) aligned with ISO/IEC 27001.
• Conduct risk assessments and manage risk treatment plans.
• Ensure compliance with ISO 27001 Annex A controls and other frameworks (NIST, CIS).
• Develop, review, and enforce security policies, procedures, and standards.
• Perform gap analysis and drive corrective actions for compliance readiness.
• Coordinate internal and external security audits.

Security Operations & Incident Management

• Monitor systems and networks for security threats and suspicious activities.
• Manage security incidents, conduct root cause analysis, and implement preventive measures.
• Handle vulnerability management, including scanning, reporting, and remediation tracking.
• Collaborate with internal stakeholders and external partners for incident response.

Infrastructure & Technology Security

• Manage and configure security tools such as SIEM, Firewalls, IDS/IPS, VPNs, and Endpoint Protection.
• Ensure secure architecture across cloud (AWS/Azure/GCP), SaaS, and on-prem environments.
• Apply security-by-design principles in system implementations.

Risk & Compliance

• Perform periodic risk assessments and recommend mitigation strategies.
• Maintain documentation such as risk registers, audit reports, and Statement of Applicability (SoA).
• Work closely with IT, Legal, and Compliance teams to ensure regulatory adherence.

Awareness & Training

• Conduct information security awareness sessions for employees.
• Stay updated on emerging cybersecurity threats, tools, and best practices.

Required Skills & Competencies

• Strong knowledge of ISO/IEC 27001 ISMS framework
• Experience in risk management and governance
• Understanding of network security, cryptography, and system security
• Hands-on experience with:
• SIEM tools
• Firewalls, IDS/IPS
• Vulnerability tools (Nessus, Qualys, etc.)
• Knowledge of cloud security (AWS, Azure, or GCP)
• Familiarity with incident management & vulnerability management
• Basic scripting knowledge (Python, Bash, or PowerShell) is an added advantage
• Strong documentation and policy drafting skills

Location & Work Mode:

• Location: Jaipur / Madurai (Hybrid)
• Work Mode: Hybrid (as per business requirement)

Key Attributes

• Strong analytical and problem-solving skills
• Good communication and stakeholder management
• Ability to work in a fast-paced and evolving environment

Interested candidates, kindly share your resume at [Confidential Information]