Information Security Analyst

Role Overview

We are seeking an Information Security professional with 2–4 years of experience to conduct security assessments, identify vulnerabilities, and enhance our overall security posture.

While the primary focus of this role is InfoSec and security audit activities, it also includes selective QA responsibilities to ensure application quality and reliability.

This hybrid position is ideal for candidates who have hands-on security testing experience along with a strong grounding in QA principles.

Key Responsibilities

• Perform application, network, and infrastructure security assessments.
• Conduct vulnerability scanning and basic penetration testing using tools such as Burp Suite, OWASP ZAP, Nessus, and Nmap.
• Identify, analyze, and document security risks aligned with OWASP Top 10, NIST, and other industry standards.
• Conduct configuration reviews, access control audits, and compliance checks.
• Monitor, triage, and investigate potential security incidents or threats.
• Prepare detailed security assessment reports and recommend actionable remediation steps.
• Work closely with development and DevOps teams to support secure SDLC practices and remediation of findings.
• Assist with internal and external audits, including ISO 27001, SOC, and other compliance frameworks.
• Support QA activities by preparing and executing functional and regression test cases when required.
• Perform basic API testing, UI validation, and data integrity checks.
• Verify fixes for security vulnerabilities or other high-priority issues.
• Contribute to improving test coverage, documentation quality, and overall product reliability.

Required Qualifications

Preferred Qualifications