INFORMATION SECURITY ANALYST

• Minimum of 3 years’ experience in the Information Security or Cybersecurity domain.
• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field.
• Strong understanding of information security principles, governance, IT audit, and risk management practices.
• Familiar with risk assessment tools, technologies, and risk mitigation techniques.
• Practical experience working with security technologies, including SIEM systems, antivirus and antimalware platforms, Intrusion Detection Systems (IDS), Web Application Firewalls (WAF), and DDoS mitigation solutions.
• Possesses professional certifications, such as Certified Ethical Hacker (CEH), CompTIA Security+, or other equivalent security certifications.

• Conduct Internal Vulnerability Assessment and Penetration Testing (VAPT) as per organizational requirements.

• Coordinate and manage External VAPT activities with third-party audit teams.

• Maintain and ensure all security policy documents, forms, and compliance artifacts are up to date.

• Carry out regular security audits and inspections to ensure full adherence to internal and external security standards.

• Review and analyze security events in the SIEM platform and take necessary remediation actions.

• Perform incident investigations using SIEM and other security monitoring tools.

• Research and assess emerging threats to the systems and networks, and propose or apply mitigation strategies.

• Support the deployment and updating of security technologies, including patch management.

• Follow and help implement standardized procedures to detect, respond to, and report on IT threats across infrastructure, applications, and assets.

• Plan, develop, and deliver security awareness training for employees and stakeholders.

We’re looking for an experienced Information Security Specialist to lead vulnerability assessments, coordinate penetration testing, monitor security systems, and enforce compliance. The ideal candidate has strong technical skills with security tools, a solid understanding of risk management, and relevant certifications.