FreeHire

hCaptcha

Senior Security Analyst

Show

This is a remote position.

What You'll Be Doing

  • Monitoring, identifying and analyzing events from a range of sources to spot threats and respond to such incidents with a sense of urgency

  • Collaborating with globally dispersed teams to accomplish tasks

  • Assisting in the collection of metrics to measure the efficiency of Security Operations functions

  • Auditing the effectiveness of security measures to check if the systems meet the Security compliance norms

  • Assisting in implementation of security policies and procedures

  • Fine-tuning of the process and eventually updating standard operating procedures for the team

    • Participating in various stages of incident investigations and threat hunting engagements

    Working closely with internal company teams (such as Product, Customer Success, etc.)

Requirements

    Must have a solid exposure to web, API security, coding standards, WAFs advanced persistent threat actors, botnets (off the shelf and custom) and attack mitigation.

    Knowledge in managing, securing and preparing production web environments

  • Familiar with Threat Hunting - Web/ API, web hacking, web data analysis or WAF hands-on experience.

  • Have an in-depth knowledge of the web technology and web application security field.

  • Have a deep understanding of the cybersecurity threat landscape, and the attackers mindset.

  • Have experience in scripting and programming (JavaScript, Python, etc.)

  • Show an interest in analysing industry trends and market demands to recommend product enhancements and new sources of intelligence

  • Demonstrate an interest in working with data and metrics as applied to security with respect to large data sets

  • Be a great collaborator and communicator, be curious and want to innovate

Nice to Have

    Experience developing bot-nets and whitehat hacking

    Hands on knowledge on Web security modules and secure configuration

    Hands-on experience and proficiency in API test automation and standardisation

    Experience and solid knowledge on computer and network security

    Must have practical experience managing Agile Release Management and maintaining a scalable SDLC

    Strong knowledge on Role Based Access Control (RBAC) for Web applications

    Integrating security into build automation, deployment automation, test automation, SDLC orchestration, environment management, monitoring, and production

    Mentor development teams, review pull requests, and guide evolution of the development pipeline

  • Experience with modern application packaging, deployment, containerisation, bug tracking tools and other supporting tools ( Jenkins, Docker, Kubernetes, etc.)

  • Familiar with ISMS (ISO/IEC 27001), SOC2, NIST Cybersecurity Framework, CIS Controls and Open Web Application Security Project


Originally posted on Himalayas