IT Security Analyst [Hybrid Setup]

Audit and Compliance:

• Plan and execute risk-based audits to evaluate the adequacy and effectiveness of internal controls.
• Conduct compliance reviews and audits to ensure alignment with frameworks such as ISO 27001, SOC2, NIST, PCI-DSS, and CIS.
• Assist clients in developing security standards, policies, and roadmaps to enhance their security posture.
• Identify, document, and recommend actionable controls to mitigate identified risks.

Advisory Services:

• Deliver tailored recommendations and insights to improve security practices and address compliance gaps.
• Provide strategic advice to enhance processes, optimize security investments, and align with corporate demands.

Risk and Vulnerability Management:

• Conduct risk assessments, vulnerability scans, and validation testing for client environments.
• Support continuous improvement initiatives in vulnerability management, including processes and technology integration.
• Perform root-cause analyses for security issues and propose sustainable remediation strategies.

Security Awareness and Training:

• Facilitate security awareness campaigns and training programs to promote a security culture within client organizations.
• Provide advisory on emerging threats, trends, and best practices.
• Education – Bachelor’s Degree in IT, Computer Science, Engineering, or any related course
• Certifications: Preferred
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA).

• Certified Ethical Hacker (CEH), Certified Threat Intelligence Analyst (CTIA), GIAC Certified Incident Handler (GCIH), Offensive Security Certified Professional (OSCP).
• Related Work Experience – 2-3 years of hands-on experience in IT Support, Cybersecurity, or as a Security Analyst. Experience with industry frameworks such as ISO 27001, SOC2, PCI-DSS, and vulnerability management tools. Preferably with a background in Vulnerability Scanning.

Knowledgeable in the following:

• Knowledge of cloud platforms, data management, and security.
• Knowledge of different security frameworks such as ISO 27001, CIS, SOC2, NIST, PCI-DSS, and others.
• Understanding of user interface design and information architecture.
• Knowledge in Malware handling and anti-virus technologies.
• Basic understanding of Networking.
• Excellent communicator, able to understand issues and discuss them effectively among technical, software development, business development, and partner stakeholders
• Diplomacy, tact, and poise under pressure when working through customer issues.
• Skills in troubleshooting and analyzing problems
• Ability to work independently and with a cross-functional team.
• Must be adept to work in a fast-paced environment with tight SLAs.