Security Information Analyst

Brief Description:

  • Perform regular security audits in Applications/Products/Environment.
  • Create documents.
  • Conduct vulnerability assessment in products.
  • Build a security service to make better platforms and products in terms of security.
  • Constantly update security policy based on current trends and new zero-days released.
  • Create/Automate security tools to eliminate basic manual security audits.
  • Actively work with engineering teams to provide guidelines about secure environment setup.
  • Create security principles for the required products and architecture.

Preferred Skills:

  • Must have 2-4 years of experience.
  • The candidate should be passionate about cybersecurity.
  • The candidate should be aware of security problems and participate in the security community.
  • Should have basic knowledge of security testing and security tools like BurpSuite, Nikto, Amaas, Nmap, Metasploit, OwaspZap.
  • Should have a proper understanding of the common exploitation process.
  • Hands-on experience with security tools and/or relevant experience in security tools.
  • Understanding basic networking concepts.
  • Understanding basic web application and mobile application development process and security problems.
  • Should know basic security problems and mitigation steps.

You will have an advantage if you:

  • Certifications like CEH, OSCP, etc., are advantageous but not desirable.
  • Participating in Bug Bounty or RDP or VDP experience.
  • If the candidate released a zero-day, security report to a company or having a hall of fame.
  • Knowledge of various services like AWS, Azure, Confluence, Jira, Jenkins, and servers like Ubuntu, IIS, Jetty.
  • Knowledge of Firewalls, CDNs, Proxy, Load Balancers.