Role Overview
We are seeking a proactive and detail-oriented Information Security Analyst to strengthen our organization's security posture and ensure compliance with industry standards and regulatory requirements.
The ideal candidate will be responsible for managing security operations, monitoring threats, supporting audits, implementing security controls, and safeguarding organizational data and infrastructure across cloud and on-premises environments.
If you have experience in information security governance, incident response, vulnerability management, cloud security, compliance frameworks, and security monitoring, we'd love to hear from you.
Key Responsibilities:
Information Security Governance
✔ Maintain and enhance information security policies, standards, procedures, and controls.
✔ Ensure alignment with security frameworks including SOC 1, SOC 2, and ISO 27001.
✔ Support implementation and continuous improvement of the Information Security Management System (ISMS).
Access Management & Identity Security
✔ Manage user provisioning and de-provisioning processes.
✔ Administer Role-Based Access Control (RBAC) and Multi-Factor Authentication (MFA).
✔ Conduct periodic user access reviews and privileged account management.
✔ Ensure adherence to the principle of least privilege.
Security Monitoring & Threat Detection
✔ Monitor security events through SIEM, EDR, IDS/IPS, and cloud security platforms.
✔ Investigate suspicious activities, alerts, and security incidents.
✔ Analyze logs and security events to identify potential threats and vulnerabilities.
Incident Response Management
✔ Identify, contain, investigate, and remediate information security incidents.
✔ Maintain incident records, evidence, and root cause analysis documentation.
✔ Coordinate with internal stakeholders during incident response activities.
✔ Support post-incident reviews and corrective actions.
Vulnerability & Patch Management
✔ Conduct vulnerability assessments and coordinate remediation efforts.
✔ Track and monitor security findings until closure.
✔ Ensure timely deployment of security patches across servers, endpoints, and cloud environments.
✔ Validate remediation effectiveness through follow-up assessments.
Cloud Security Management
✔ Secure cloud environments including Azure, AWS, OCI, or equivalent platforms.
✔ Review cloud configurations, access controls, encryption settings, and security policies.
✔ Monitor cloud security posture and recommend improvements.
✔ Ensure compliance with cloud security best practices.
Network & Infrastructure Security
✔ Manage and monitor firewalls, VPNs, WAFs, and network segmentation controls.
✔ Support secure network architecture and infrastructure hardening initiatives.
✔ Conduct periodic reviews of network security configurations.
Data Protection & Compliance
✔ Implement and maintain encryption controls for data at rest and data in transit.
✔ Support Data Loss Prevention (DLP) initiatives.
✔ Support internal and external audits including SOC 1, SOC 2, and ISO 27001 assessments.
✔ Collect audit evidence and maintain compliance documentation.
Risk Management & Security Awareness
✔ Conduct information security risk assessments and vendor security reviews.
✔ Develop risk treatment plans and track mitigation activities.
✔ Conduct security awareness training programs and phishing simulations.
✔ Prepare security dashboards, KPI reports, and management presentations.
Skills & Competencies:
Required Skills
✔ Strong understanding of Information Security principles and best practices.
✔ Knowledge of SOC 1, SOC 2, ISO 27001, and related compliance frameworks.
✔ Experience with SIEM, EDR, IDS/IPS, DLP, MFA, and IAM solutions.
✔ Understanding of cloud security concepts across Azure, AWS, OCI, or similar platforms.
✔ Knowledge of vulnerability management and incident response processes.
✔ Familiarity with network security technologies including firewalls, VPNs, and WAFs.
✔ Strong analytical, troubleshooting, and problem-solving skills.
✔ Excellent documentation and communication abilities.
Technical & Behavioral Competencies
✔ Experience working with security monitoring and incident response tools.
✔ Understanding of cloud, network, endpoint, and infrastructure security controls.
✔ Strong risk assessment and compliance management capabilities.
✔ Ability to investigate security incidents and recommend corrective actions.
✔ Collaborative mindset with the ability to work cross-functionally.
✔ Ability to manage multiple priorities and meet deadlines effectively.
Qualifications & Experience:
• Bachelor's degree in Information Security, Cybersecurity, Computer Science, Information Technology, or a related field.
• 2–5 years of experience in Information Security, Cybersecurity, or IT Security.
• Strong understanding of information security governance and compliance frameworks.
• Experience with security monitoring, incident response, vulnerability management, and cloud security.
• Knowledge of SOC 1, SOC 2, ISO 27001, and security audit processes.
Preferred Qualifications:
• ISO 27001 Lead Implementer or Internal Auditor Certification.
• CompTIA Security+.
• CEH (Certified Ethical Hacker).
• CISSP (Preferred for senior roles).
• Microsoft, AWS, OCI, or Cloud Security Certifications.
• Experience supporting security audits and compliance assessments.
• Familiarity with Data Loss Prevention (DLP), IAM, SIEM, and EDR platforms.
What Success Looks Like:
✔ Strong security governance and compliance posture.
✔ Timely detection and response to security incidents.
✔ Reduced security vulnerabilities and organizational risks.
✔ Successful completion of audits and compliance reviews.
✔ Enhanced cloud, network, endpoint, and infrastructure security.
✔ Improved employee security awareness and compliance.
✔ Effective security reporting and management visibility.
Hiring Process:
1. HR Screening
2. Interview Round
3. Final Discussion
4. Offer Rollout
Perks & Rewards:
• Attractive Incentives & Performance Rewards
• Monthly & Quarterly Recognition Programs
• Festival Celebrations & Team Engagement Activities
• Employee Appreciation Programs
• Growth-Based Salary Reviews
• Competitive Compensation Package
• Supportive & Positive Work Environment
• Work-Life Balance Initiatives
Employee Benefits:
• Paid Leaves & Holidays
• Career Development Support
• Friendly & Inclusive Workplace
• Team Outings & Engagement Activities
• Exposure to Leadership & Strategic Projects
• Internal Growth Opportunities
