Job Title: Information Security Analyst
Education: Any Degree
Location: Mumbai
Experience: 5+ years
Key Skills: CISSP, CEH, CompTIA Security+ (Plus), Cyber Security Fundamental Certification.
The Information Security Analyst / Sr. Analyst / Lead reports to the Sr. Director - Information Security and Compliance. The core responsibilities of the position are to conduct technical information security assessments and reporting using the security management tools, and to perform risk assessments through the Information Security Management System (ISMS) and the related ISO control framework.
Required Skills:
Technical Compliance review:
- Proactive review and monitoring of system security logs, application logs and network device logs to determine compliance with device logging requirements, using the Lumen SIEM; manage incidents and produce compliance reports.
- Perform daily health checks of perimeter devices and regular review of events reported by the EDR.
- Perform regular review of endpoint protection, web, DLP and USB logs and produce compliance reports.
- Monitor and act on events from the CASB tool (web, DLP, malware).
- Perform regular review of events from the various security operations tools and act on non-compliance issues.
- Manage internal vulnerability scans using the scanning tool, produce weekly reports and follow up on remediation.
- Review patch management against the defined policy and procedures at the defined frequencies and identify failures.
- Conduct periodic reviews of user access management for servers and network devices/appliances at the defined frequencies, including account status changes (e.g. active to disabled, disabled to deleted).
- Conduct periodic assessments based on the defined information system control checklist by performing sample configuration reviews on network devices, servers and workstations.
- Participate in risk assessment exercises based on the defined calendar.
- Review the following operational security areas against the defined policy and procedures: change management; capacity management; backup and restoration management; logging and monitoring, including protection of logs; technical vulnerability management.
- Review asset management against the defined policy and procedure and identify gaps.
- Act as information security coordinator and participate in all activities relating to contingency planning, business continuity management and IT disaster recovery, in conjunction with the relevant functions and third parties.
- Initiate security measures and drive initiatives in compliance with the applicable security standards.
- Monitor, manage and improve the effectiveness of controls; proactively identify opportunities to improve the quality of reporting and the usability of the available information.
- Provide reporting and metrics to the Information Security team at a defined frequency to show the results of the above activities.
Security operation and Incident Management:
- Event monitoring, correlation and analysis; investigation and remediation of security events.
- Use strong TCP/IP networking skills to participate in security incident troubleshooting.
- Resolve problems independently and understand the escalation procedure.
- Monitor security events from the various SOC entry points and, based on event severity, escalate to the vendor, customer or product development team as appropriate for further investigation and resolution.
- Experience with tuning and optimization of SIEM rule sets and use cases (ability to create and improve SIEM rules).
- Develop appropriate metrics to measure the effectiveness of SOC alerts and ticket closure.
- Develop an executive metrics summary of SOC alerts for management.
- Stay up to date with emerging security threats, including applicable regulatory security requirements.
- Knowledge of security products such as firewalls, IPS, DLP and next-generation devices is preferred.
- Recommend enhancements to SOC security processes, procedures and policies.
- Periodically review security events/incidents and ensure they are classified appropriately, prioritized and escalated within the defined timelines.
- Track and monitor the strategy to achieve operational excellence through automation.
- Escalate critical incidents that require management attention in a timely manner and provide timely updates.
- Communicate effectively with customers, teammates and management.
- Ability to quickly adapt to and master new technology/processes as per business/partner requirements.
The following skills are good to have:
- Good knowledge and experience of security monitoring tools.
- Good knowledge and experience of cyber incident response.
- Good knowledge and experience of cyber threat intelligence and the role it plays.
- Experience with anti-virus software, OpenDNS and firewalls.
- Relevant professional experience, including working knowledge or high-level awareness of the following technologies: log management and event management; firewalls and routers; network analysis tools (e.g. NetWitness, Wireshark, Packet Tracer); Windows management (e.g. WSUS, SCCM, Automox, Active Directory, Group Policy Objects); vulnerability management and penetration testing tools; operating systems (e.g. Windows Server 2008/2012, CentOS Linux, OS X).
Vulnerability Assessment and Penetration Testing:
- Creation of a Vulnerability Assessment and Penetration Testing calendar for critical infrastructure.
- Ensure vulnerability assessment testing is performed within the defined timelines for internal and external vulnerability scans.
- Escalation of SLA violations to senior management.
- Creation of dashboards and publication of them at regular intervals.
Vendor Management:
- Creation of vendor evaluation criteria for selecting a vendor to manage application security assessments.
- Conducting proofs of concept (POCs) of various security technologies and providing assessment reports and recommendations.
Skills and Experience:
- At least 5 years of full-time work experience in information security management and/or related functions (such as IT audit and risk management).
- Technical ability to develop reports in various IT and security management systems.
- Good exposure to conducting the technical assessment portion of information security audits.
- Knowledge and experience of information security and cyber security best practices, such as ISO 27001/27002, PCI DSS, data protection and privacy.
- In-depth knowledge of security systems and applications and a strong foundation in core areas of security (e.g. OS hardening, DB hardening, Active Directory, firewalls, IDS, IPS, routers, DLP, network and perimeter defence) is preferred.
- Experience in business continuity and disaster recovery.
The successful candidate will possess the following attributes:
- Interpersonal skills: ability to build strong relationships with internal team members and to work across the organization to achieve results.
- Professional communication skills: ability to work effectively with mid- and senior-level contacts face to face, electronically and over the phone.
- Integrity: words and actions are always consistent, and behaviour is always in accordance with the highest ethical standards.
- Technical acumen: ability to grasp technical concepts and establish credibility with technical contacts; strong ability to troubleshoot issues and provide resolutions.
- Customer service orientation.
- Process orientation: ability to recognize process deficiencies and implement improvements.
Qualifications:
A security certification in leading/implementing security standards, such as CISSP, CEH, CompTIA Security+ (Plus) or Cyber Security Fundamental Certification, is preferred for this position.