Job Description Information Security Engineer / Security Analyst
Job Location Arjan Garh
On-site
Role Summary
Responsible for vulnerability assessment, security monitoring, incident management, compliance activities, and maintaining the organization's overall security posture.
Key Responsibilities
- Perform VAPT for web apps & infrastructure using Burp Suite, Nmap, OWASP ZAP, OpenVAS.
- Identify, validate, and report vulnerabilities as per OWASP Top 10 & CVSS.
- Monitor security alerts through Wazuh SIEM and handle incidents as per defined SLAs.
- Support ISO 27001 & 27701 audits, client security assessments, and evidence collection.
- Prepare security documentation (policies, checklists, incident reports, VAPT reports).
- Coordinate with vendors for black-box/grey-box testing and with clients during audits.
- Assist with basic AWS security reviews, IAM checks, SG reviews, and Secret Manager.
- Maintain vulnerability tracker, incident register, and key management logs.
Requirements
- 23 years of experience in Information Security/VAPT.
- Hands-on experience with Burp Suite, Nmap, OWASP ZAP, Wazuh, OpenVAS.
- Strong understanding of OWASP Top 10, CVSS, SIEM operations, and basic AWS security.
- Good documentation and communication skills.
Nice To Have
- Experience in fintech/API-based products.
- Familiarity with Fortinet/Reticen8 firewalls.
- Certifications: CEH, ISO 27001 LA/LI, Security+, AWS Security (optional).
To apply reach out on https://www.linkedin.com/in/preeti-bisht-1633b1263/
Skills:- Audit, VAPT, ISO27001 and WAZUH
