Information Security Analyst
Newfold Digital · Mumbai Metropolitan Region
- On site
- Full-time
- $95,000 / year
- Mumbai Metropolitan Region
Job highlights
- Monitor systems and networks for security issues.
- Install security software and perform testing.
- Assess risks and support business continuity.
- Respond to security incidents and contain risk.
- Develop and maintain security control framework.
About the role
About The Role
The Information Security Analyst is responsible for the day-to-day monitoring of systems and networks for security issues, installing security software, documenting security issues or breaches and performing security testing for company systems. The Information Security Analyst may perform risk assessments, support business continuity, review system configuration and compliance with security requirements, perform incident logging and reporting, security operations, and end user security administration and system access.
What you’ll do & how you’ll make your mark:
- Identifies and ensures mitigation of information security risks within the organization
- Evaluates projects to ensure proper security requirements and actively with corporate-wide information security project planning and documentation of divisional and corporate projects
- Assists with internal and external IT audits. Support processes for identification, collection and review of relevant data and assist with defining control recommendations that are both efficient and effective.
- Reviews requests for adherence to security policies, assuring requests are executed correctly
- Identifies security incidents and responds to ensure risk is contained
- Maintains integrity of security controls based on toolsets as well as support their updates and use
- Develops and analyzes security reports and reports security incidents to compliance staff and department leadership
- Monitors audit system to find security violations, vulnerabilities, and abnormalities
- Develops and maintains security control framework, which includes security policies, standards, practices, and guidelines
Who you are & what you’ll need to succeed:
- Understanding of controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security)
- Must be well versed in operating systems such as Linux as well as Windows environments, Active Directory, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks, Threat and vulnerability management
- Experience with vulnerability scanners, vulnerability management systems, patch management and host-based security systems
- Knowledge of networking and the common network protocols
- Demonstrated ability to create scripts to automate processes in PowerShell, Python or Bash
- Demonstrated ability to perform static and dynamic malware analysis
- Demonstrated ability to analyze large data sets and identify anomalies
- Demonstrated ability to quickly create and deploy countermeasures under pressure
- Familiarity with common infrastructure systems that can be used as enforcement points
- Building Effective Relationships: Develop and use collaborative relationships to facilitate the accomplishment of work goals
- Project Management skill is a plus
- Experience working with cloud technologies (AWS, Azure, SaaS, etc.) is highly desired with a focus on Oracle’s OCI being most desirable
- Ability to take internal vulnerability, threat intelligence and other sources of data and report on it, at scale for large scale tracking and remediation
Role Level & Qualifications:
- Intermediate professional role
- Moderate skills with high level of proficiency. Works under general supervision with increased latitude for independent judgment.
- Identifies non-routine issues and routes/escalates to appropriate team member.
- Works on multiple concurrent projects of medium complexity. Is an active team member, contributes to complex projects to gain experience, shares ideas and suggests process improvements appropriate for level of experience.
- Consults with senior peers on semi-complex processes to learn through experience.
- Typically requires a minimum of 3 - 5 years of experience in security-related fields or related disciplines.
- A degree in Information Technology, Computer Science or related field is highly desirable.
- Certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CEH (Certified Ethical Hacker), CompTIA Security+ is highly desired.
Key skills/competency
- Information Security Analyst
- Risk Management
- Vulnerability Management
- Incident Response
- Security Audits
- Network Security
- Access Control
- Encryption
- Security Testing
- Compliance
Skills & topics
- Information Security Analyst
- Security
- Analyst
- Risk Management
- Vulnerability Management
- Incident Response
- Network Security
- Cybersecurity
- IT Security
- Information Technology
How to get hired
- Tailor your resume: Highlight experience with security controls, operating systems, and scripting languages relevant to the Information Security Analyst role.
- Showcase technical skills: Emphasize experience with vulnerability scanners, threat intelligence, and cloud technologies like AWS or Azure.
- Prepare for technical interviews: Be ready to discuss security concepts, incident response scenarios, and scripting automation.
- Demonstrate understanding of Newfold Digital: Research their brands and how security supports their mission to help customers build digital presences.
Technical preparation
Master Linux and Windows environments.,Practice scripting in PowerShell, Python, or Bash.,Study encryption schemas and authentication mechanisms.,Familiarize with vulnerability scanners and cloud platforms.
Behavioral questions
Describe a time you mitigated a security risk.,How do you handle security incidents under pressure?,Explain your approach to collaborative problem-solving.,How do you ensure adherence to security policies?
Frequently asked questions
- What are the key responsibilities for an Information Security Analyst at Newfold Digital?
- Key responsibilities include monitoring systems for security issues, installing security software, performing security testing, assessing risks, documenting breaches, and responding to security incidents. You will also assist with IT audits and maintain security control frameworks.
- What technical skills are most important for an Information Security Analyst at Newfold Digital?
- Strong knowledge of operating systems (Linux, Windows), Active Directory, encryption, authentication mechanisms, TCP/IP networks, and threat/vulnerability management is crucial. Experience with vulnerability scanners, scripting (PowerShell, Python, Bash), and cloud technologies (AWS, Azure) is highly desired.
- What certifications are beneficial for this Information Security Analyst role at Newfold Digital?
- Certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly desirable and can significantly strengthen your application for the Information Security Analyst position.
- How much experience is typically required for the Information Security Analyst position at Newfold Digital?
- Typically, a minimum of 3 to 5 years of experience in security-related fields or related disciplines is required for this intermediate professional role.
- Does Newfold Digital prefer a specific degree for the Information Security Analyst role?
- A degree in Information Technology, Computer Science, or a related field is highly desirable for the Information Security Analyst position at Newfold Digital.
- What is the work environment like for an Information Security Analyst at Newfold Digital?
- This is an intermediate professional role where you will work under general supervision, with latitude for independent judgment. You will be involved in multiple concurrent projects of medium complexity and collaborate with senior peers.
- What is the significance of Oracle's OCI for this Information Security Analyst role?
- Experience with cloud technologies is highly desired, with a specific focus on Oracle's OCI being most desirable. This suggests OCI may be a primary cloud platform used by Newfold Digital.