No longer accepting applications

Security Vulnerability Analyst

ISAPune, Republic Of India, IN

13 days ago

Job description

ISA is a premier technology solution provider for the Aviation industry. We are backed by Air Arabia and headquartered in Sharjah, UAE, while the Research and Development center is located in Colombo, Sri Lanka and Pune, India. We are a 100% owned subsidiary of Air Arabia

Location : Pune

https : / / isa.Ae /

Address : Smartworks Building, Nexa Soft, Core Ops,5th Floor, 43EQ, Survey No 44, PLOT A, H. No. 8 / 1 (P, opp. Opp. Ravindranath Tagore School of Excellence, Balewadi, Pune, Maharashtra 411045

Job Title : Security Engineer (Penetration Tester)

Job Type : Full-time

Reports To : Security Architect

Job Overview :

We are seeking a highly skilled Security Engineer to design, implement, and manage the security architecture of our organization. The ideal candidate will be responsible for firewall and endpoint security, WAF implementation, VAPT, fraud investigation, dark web monitoring, brand monitoring, email security, and compliance enforcement . The role requires expertise in securing IT infrastructure, conducting risk assessments, ensuring compliance, and implementing Microsoft security layers to strengthen the organization's security posture.

Key Responsibilities :

1. Firewall, Endpoint & WAF Security

Design, configure, and manage firewalls (Palo Alto, Fortinet, Cisco ASA, Check Point).
Deploy and maintain Web Application Firewalls (WAF) for web security (Cloudflare, Imperva, AWS WAF).
Implement Endpoint Detection & Response (EDR) solutions like Microsoft Defender for Endpoint, CrowdStrike, SentinelOne .
Conduct regular firewall rule audits, optimize configurations, and enforce Zero Trust principles .

2. Microsoft Security Layer Implementation

a. Microsoft Email Security

Configure and manage Microsoft Defender for Office 365 to protect against phishing, malware, and email threats.

Implement Safe Links, Safe Attachments, and Anti-Phishing policies .

Monitor and respond to email security alerts in Microsoft Security Portal .

Conduct email security threat hunting using Defender for O365 and advanced hunting queries.

b. Microsoft Endpoint Security

Deploy and manage Microsoft Defender for Endpoint (MDE) to protect corporate devices.

Enforce attack surface reduction (ASR) rules for endpoint protection.

Configure endpoint compliance policies using Microsoft Intune .

Implement DLP (Data Loss Prevention) policies to prevent data exfiltration.

c. Compliance & Risk Management

Implement and monitor Microsoft Purview Compliance Manager for risk assessment.

Enforce Information Protection & Encryption Policies using Microsoft Purview.

Configure and manage Conditional Access Policies in Microsoft Entra ID .

Ensure compliance with security frameworks like ISO 27001, NIST, CIS, and GDPR .

3. Dark Web Monitoring & Brand Protection

Monitor dark web forums, marketplaces, and underground networks for stolen credentials, data leaks, and insider threats.

Implement dark web intelligence tools such as Recorded Future, Digital Shadows, or Microsoft Defender Threat Intelligence.

Work with threat intelligence platforms to detect and respond to brand impersonation, phishing sites, and fraudulent domains .

Collaborate with legal and compliance teams to enforce takedowns of malicious content.

4. Fraudulent Incident Investigation & Threat Hunting

Investigate fraud incidents, phishing attempts, and business email compromise (BEC) .

Conduct forensic analysis on compromised endpoints, servers, and email accounts.

Develop and implement threat intelligence and threat hunting processes.

Work closely with SOC teams for incident response and mitigation .

5. VAPT & IT Security Operations

Perform Vulnerability Assessments & Penetration Testing (VAPT) on infrastructure, applications, and cloud environments.

Implement and manage intrusion detection / prevention systems (IDS / IPS) .

Monitor, analyze, and mitigate vulnerabilities from external and internal security scans .

Work with teams to remediate vulnerabilities and harden IT assets.

6. IT Security & Compliance Management

Develop and enforce security policies, standards, and procedures .

Implement Zero Trust Architecture and IAM policies .

Conduct security awareness training and phishing simulations.

Ensure compliance with ISO 27001, NIST, CIS, PCI-DSS, GDPR, and other industry standards .

Required Qualifications & Skills :

Technical Skills :

✅ Firewall & Network Security : Palo Alto, Fortinet, Cisco ASA, Check Point

✅ Microsoft Security Stack : Defender for Endpoint, Defender for Office 365, Intune, Purview Compliance

✅ Endpoint Security & EDR : Microsoft Defender, CrowdStrike, SentinelOne

✅ WAF & Web Security : Imperva, AWS WAF, Akamai, Cloudflare

✅ VAPT & Red Teaming : Burp Suite, Nessus, Metasploit, Kali Linux, OWASP ZAP

✅ SIEM & Threat Intelligence : Microsoft Sentinel, Splunk, QRadar, ELK Stack, MITRE ATT&CK

✅ Cloud Security : Azure Security Center, AWS Security Hub, GCP Security Command Center

✅ IAM & Zero Trust : Okta, Microsoft Entra ID, Conditional Access Policies, PAM

✅ Dark Web & Brand Monitoring : Recorded Future, Digital Shadows, Microsoft Defender Threat Intelligence

Soft Skills :

Strong analytical and problem-solving skills.

Excellent communication and stakeholder management abilities.

Ability to work independently and in cross-functional teams.

Proactive security mindset with attention to detail.

Certifications (Preferred, but not mandatory) :

️ CISSP – Certified Information Systems Security Professional

️ CEH – Certified Ethical Hacker

️ OSCP – Offensive Security Certified Professional

️ CISM / CISA – Certified Information Security Manager / Auditor

️ Microsoft Certified : Cybersecurity Architect (SC-100)

️ Microsoft Certified : Security Operations Analyst (SC-200)

️ Microsoft Certified : Information Protection Administrator (SC-400)

Experience Required :

🔹 5+ years of experience in IT Security, Cybersecurity, and Threat Intelligence .

🔹 Hands-on expertise in firewall management, endpoint security, WAF, email security, and compliance .

🔹 Strong experience in fraud investigation, dark web monitoring, and brand protection .

🔹 Proven ability to secure cloud, hybrid, and on-premise environments .

Please send resumes to careers@isa.ae

Create a job alert for this search

Security Analyst • Pune, Republic Of India, IN

Related jobs

Promoted

Vulnerability Assessment Lead

Cubical Operations LLPRepublic Of India, IN

Cybersecurity / Information Security.We are looking for a highly skilled and motivated.The ideal candidate will have a solid background in. Vulnerability Assessment and Penetration Testing.VAPT) acr...Show moreLast updated: 30+ days ago

Promoted

L2 Security Analyst- Soc Advanced

Art Technology and SoftwareCochin, Republic Of India, IN

Job Title : Infosec L2 Security Analyst (Security Operations Center - Advanced).Location : From Kochi Office (Onsite).The L2 Security Analyst is responsible for performing advanced incident analysis,...Show moreLast updated: 23 days ago

Promoted

Security Operations Center Analyst

PeoplefyPune, Republic Of India, IN

We're Hiring : SOC Specialist | Pune 🚨.Are you passionate about cybersecurity and eager to make an impact in threat detection and incident response? We’re looking for a skilled SOC Specialist to jo...Show moreLast updated: 30+ days ago

Promoted

Cyber Security Analyst

Centrico India Private LtdChennai, Republic Of India, IN

As a Cyber Security Specialist you would be involved in one or more of the following activities : .Monitors, identify, investigate and analyze all activities related to cyber security.Identify securi...Show moreLast updated: 13 days ago

Promoted

Vulnerability Analyst

ConfidentialIndia

At EG, we develop software for our customers so they can focus on their profession.Our industry-specific software is built by peers from the industry, and backed by the scale of EG for stability, i...Show moreLast updated: 6 days ago

Promoted

Security Operations Center Analyst - Contract

Dexian IndiaChennai, Republic Of India, IN

Bachelor's degree in Cybersecurity, Information Technology, or related field.SOC operations or cybersecurity roles.Experience with license management and compliance processes.Hands-on experience wi...Show moreLast updated: 13 days ago

Promoted

Security Analyst

BarclaysPune, Republic Of India, IN

Job Title : Security Analyst L1 - CEH Certification +VAPT Experience : 0 – 2 Years Location : Pune Employment Type : Full-time Immediate Joiners Preferred!!! Job Description : Monitor and analyze securi...Show moreLast updated: 1 day ago

Vulnerability Management

Trigent Software Private LimitediNDIA, KA, India

Quick Apply

Summary : As part of information security Vulnerability and Compliance management team, manage and support operational aspects of security / compliance scans and provide remediation support / guidance th...Show moreLast updated: 2 days ago

Promoted

Senior Security Compliance Analyst(6+ Years Minimum) Pune

Energy ExemplarPune, Republic Of India, IN

Energy Exemplar is looking for a Senior Security Compliance Analyst who will perform duties related to compliance certifications, continuous monitoring of the controls and operational security admi...Show moreLast updated: 15 days ago

Promoted

Security Analyst - Purple Team

ConfidentialIndia

With electric vehicles expected to be nearly 30% of new vehicle sales by 2025 and more than 50% by 2040, electric mobility is becoming a reality. ChargePoint (NYSE : CHPT) is at the center of this re...Show moreLast updated: 6 days ago

Promoted

Vulnerability Assessment

PayatuPune, Republic Of India, IN

Are you interested in automating the build and deployment process of the application with ensuring the application security? If yes, then Payatu is the place for you. We are always in search of pass...Show moreLast updated: 2 days ago

Promoted

Security Analyst - Vapt

Soffit Infrastructure Services (P) LtdCochin, Republic Of India, IN

The Security Testing Engineer will be responsible for executing end-to-end security testing assignments, including vulnerability assessment, penetration testing, secure code reviews, and configurat...Show moreLast updated: 2 days ago

Promoted

Vulnerability Management - L2

ITC InfotechRepublic Of India, IN

Vulnerability Management Analyst – L2.ITCI Cyber Security team is looking for the role which is accountable for leading the organization’s end-to-end vulnerability lifecycle and aligning risk and c...Show moreLast updated: 16 days ago

Promoted

Security Analyst

ConfidentialIndia

Porch Group is a leading vertical software and insurance platform and is positioned to be the best partner to help homebuyers move, maintain, and fully protect their homes.We offer differentiated p...Show moreLast updated: 1 day ago

Promoted

Senior Cyber Security Analyst

Eltropynagpur, maharashtra, in

Senior Cybersecurity Analyst | 100% Remote | Eltropy (Product based fintech SaaS firm).Senior Cybersecurity Analyst – GRC (Governance, Risk, and Compliance). This individual will help manage third-p...Show moreLast updated: 2 days ago

Promoted

Security Analyst

Bahwan CyberTekChennai, Republic Of India, IN

VAPT, preferably in both application and infrastructure testing.Perform manual verification and risk assessment of identified vulnerabilities. Track and validate remediation efforts in collaboration...Show moreLast updated: 15 days ago

Promoted

Security Analyst

ACL DigitalPune, Republic Of India, IN

Good experience in application and mobile security.Conduct vulnerability assessment that involves scanning IT assets and. Vulnerability research and data analysis.Possesses hands-on knowledge of Web...Show moreLast updated: 30+ days ago

Promoted

Vulnerability SOC Engineer

ConfidentialIndia

The Vulnerability Engineer / SOC Engineer L1 / 2 will be responsible for monitoring and analyzing security alerts to identify and respond to potential threats in real-time. Knowledge of correct teams fo...Show moreLast updated: 6 days ago