Information Security Analyst

General Position Description:
The Information Security Engineer, under the guidance of the Chief Information Security Officer, will drive periodic security assessments, security policy enforcement, design and implementation and operation of security controls and systems, and incident response. The essential functions of the position include, but are not limited to the following duties consistent with the Information Security Engineer position.

Essential Job Functions:

• Be part of team that design, protects and manages, security services for companies’ global security infrastructure.
• Engineer and tune the cloud security solutions including but not limited to enrollments, monitoring, alerting and maintaining defined security posture.
• Implementation, development and integration of security solutions like IDS, Identity and Access Management systems, Firewalls and other related security controls and technologies.
• Engage in technical design of solutions based on use cases and business requirements
• Participate in proof of concepts and other technical evaluations of technologies, designs and solutions and provide recommendations
• Stay abreast of emerging technologies and threats proactively assess and evaluate the adoption thereof into the organization
• Reduce time-to-detect and time-to-remediate by driving the automation of applied threat intelligence and sensor enrichment
• Recommend appropriate system enhancements to improve the overall
  security posture.
• Assist in the development and review of security standards and practices
• Maintain expertise to function as the subject matter expert in all security-related areas.
• Review and analyze configurations, architecture and implementations to verify compliance with security standards and practices.
• Ensure systems and solutions are as per prescribed policies and are aligned with appropriate industry compliance standards.
• Research and resolve IT security compliance issues.
• Assist in the development of appropriate security metrics and key
  performance indicators.

Qualifications

Skills: Requires excellent interpersonal, problem solving, and written and verbal
communication skills. Must be able to demonstrate flexibility, self-motivation and initiative. Requires the ability to work under pressure in a fast-paced environment and be able to multi-task effectively. Must be detail-oriented, customer-focused and able to work in a team environment. The candidate needs to understand the business reason for analysis and comfortably navigate through the technical details. Additional skills with applications and tools that directly pertain to the information security/vulnerability assessment and compliance arena are highly desirable.

Experience:
At least 5 years overall Information Technology experience within the Information Security area.

Specific technical experience includes:

• Firewall and Intrusion Detection technologies
• TCP/IP networking
• Experience in securing Linux
• Scripting languages and command line interfaces beneficial
• Risk and vulnerability assessments (network, host, application),
• SIEM familiarity
• Fortinet
• Firepower IDS
• Cloud (AWS, GCP)
  
  

Must be able to effectively evaluate technical security controls in place on information systems and make management recommendations. Strong understanding of information security engineering processes, architecture methodologies, industry best practices and
governance models (SANS, GIAC, COBIT, NIST etc) and generally accepted security principles.

Education: Bachelor's degree or equivalent experience.

Certifications:
(cloud security certifications), CCNA, CISSP desirable

Experience with SOC, ISO and other attestation and certification reviews a plus.

Working Arrangements

This is a Hybrid position with weekly time in the office with the flexibility of working from home. Though travel may be required from time to time, it is not expected to be regular or frequent. The role holder will be expected to work whatever hours are necessary for the performance of this role (recognizing that it involves multiple jurisdictions/geographies including but not limited to EMEA, USA and APAC).

IMPORTANT DATA PRIVACY INFORMATION:

This position is available with PICO TECHNOLOGY INDIA PRIVATE LIMITED . The controller of your personal data will be PICO TECHNOLOGY INDIA PRIVATE LIMITED

For further information on what personal data we collect, how we will process your personal data and your rights with respect to your personal data please read our Pico Job Candidate Privacy Notice, View Here.