Job Description
In this role, you will be a critical part of our security team, acting as the bridge between engineering, IT, and security departments to shape and execute Vulnerability Management processes. You will conduct in-depth software design and code reviews, perform application security testing, and implement vulnerability management practices to protect the Customer’s ecosystem. This role involves proactive security testing, research on advanced threats, and close collaboration with Engineering, as well as DevOps and IT, to integrate security best practices across the CI / CD pipeline.
Experience – 6 to 8 Years
Location – Whitefield, Bangalore
Work Mode – Hybrid
Employment Mode – Full Time
Key Responsibilities
Vulnerability Management and Collaboration :
Conduct regular vulnerability assessments and penetration testing on network, application, and infrastructure components.
Analyse and prioritize vulnerabilities based on risk and potential impact.
Monitor and respond to security incidents and alerts.
Generate detailed reports on vulnerability findings and remediation efforts for management and stakeholders.
Participate in security audits and compliance initiatives as required.
Threat Research and Response : Maintain up-to-date knowledge of the latest cybersecurity trends, threats, and technology solutions.
Security Integration in Engineering, IT and DevOps : Collaborate with Engineering, IT, Development and DevOps teams to seamlessly integrate vulnerability management practices into CI / CD pipelines, automating security reviews to proactively identify and mitigate vulnerabilities.
Skills and Qualifications
Core Knowledge : Solid experience in vulnerability management with a strong understanding of the OWASP Top 10 and mitigation strategies.
Technical Proficiency : Skilled in using commercial and open-source security tools and frameworks, such as Snyk, Nessus, Burp Suite, Metasploit, Kali Linux, WebInspect, SoapUI Pro, Nmap, SQLmap, and OWASP ZAP.
Application Security Expertise : Proficient in secure code reviews, manual security testing, API testing, and application security.
Development Team Collaboration : Ability to enhance security awareness and secure coding practices within development teams.
Security Domains : Knowledgeable in network security, infrastructure security, and application security.
Web Application Security : Hands-on experience in web application security assessments, including identifying SQL injection, XSS, security misconfigurations, CSRF, and system vulnerabilities.
Requirements
Minimum Requirements
Education : Bachelor’s degree (B.E. / B.Tech. or equivalent) in Computer Science or related field.
Experience : 5 to 8 years in Vulnerability Assessment, Penetration Testing, and Secure Software Configuration Review.
Specialized Skills :
Experience in Red Teaming and proficient in conducting security reviews.
Strong understanding of Common Vulnerabilities and Exposures (CVE), the Common Vulnerability Scoring System (CVSS), and vulnerability management tools (e.g., Nessus, Qualys, Rapid7).
Experience with scripting languages (e.g., Python, PowerShell) and automation of security tasks.
Certifications (Preferred) : CEH, OSCP, CISSP or similar.
Desired Attributes :
Proactive and self-motivated with a keen eye for detail.
Ability to work independently and as part of a team.
Strong organizational skills with the ability to manage multiple tasks and projects simultaneously.
Commitment to continuous learning and professional development.
Security Analyst • Bangalore, KA, in