Security Analyst

Position Title: Senior Cybersecurity Analyst

Position Purpose: The Senior Cybersecurity Analyst plays a pivotal role in executing the cybersecurity strategy to safeguard the company's digital assets and operations. Reporting directly to the Chief Information Security Officer (CISO), this role involves hands-on implementation of cybersecurity initiatives and ensuring compliance with security policies and procedures.

Essential Functions:

Conduct periodic cybersecurity activities as defined in the cybersecurity roadmap.

Maintain and update knowledge base documentation related to cybersecurity protocols and procedures.

Contribute to the development and enhancement of cybersecurity policies and procedures.

Monitor and optimize cybersecurity solutions to mitigate risks and threats effectively.

Generate comprehensive cybersecurity reports for stakeholders and management.

Perform vulnerability assessments and participate in risk assessment activities.

Collaborate with cross-functional teams to promote cybersecurity synergies and proactive monitoring.

Define and measure Key Performance Indicators (KPIs) related to cybersecurity performance.

Execute cybersecurity training programs for employees to enhance awareness and compliance.

Develop and maintain Incident Response playbooks and participate in incident response activities.

Verify and ensure the security posture of third-party vendors aligns with company security standards.

Education:

Bachelor’s degree in Computer Science, Information Technology, Engineering, or a related field.

Industry certifications in security and technical domains (e.g., CEH, OSCP, GIAC) are advantageous.

Years of Experience:

4-6 years of experience as an Information Security Analyst.

Hands-on experience in vulnerability assessments, penetration testing, and collaborating with technical teams, legal, and internal audit.

Special Knowledge/Skills:

Proficiency in security technologies including VA/PT, WAPT, XDR, firewalls, intrusion prevention, web filtering, and log monitoring.

Strong understanding of security concepts such as network segmentation, DMZ, tiered architecture, and cryptography.

Expertise in Active Directory, networking, GNU/Linux, and scripting languages.

Familiarity with SIEM solutions and incident response protocols.

Additional Skills:

Critical thinking and problem-solving skills to address complex cybersecurity challenges.

Result-oriented with strong analytical capabilities.

Proactive, self-motivated, detail-oriented, and able to work effectively in a team environment.