Senior Cyber Security Analyst - BOT
India
Technology – Engineering Services: Cloud Services /
Build, Operate, Transfer (BOT) /
Remote
We are looking for a collaborative and motivated Senior Cyber Security Analyst for our Cloud Operations team. This is a key role in our mission to protect and defend against cyber threats and vulnerabilities. As a Senior Cyber Security Analyst at Tribute, you will take a leading role in the ongoing assessment and protection of our digital infrastructure. You will work closely with cross-functional teams to ensure the confidentiality, integrity, and availability of data, while also identifying and mitigating cyber risks. If you are a seasoned cyber security professional with a deep understanding of threats, vulnerability assessments, incident response, and compliance we want you on our team.
KEY RESPONSIBILITIES
- Threat Monitoring and Analysis:Continuously monitor the organization's networks and systems for potential threats and vulnerabilities. Analyze and assess the severity of security incidents.
- Vulnerability Assessments: Conduct regular vulnerability assessments and penetration testing to identify weaknesses and recommend remediation measures.
- Incidence Response: Lead incident response efforts, including containment, analysis, recovery, and post-incident reporting. Ensure compliance with incident response procedures.
- Security & Compliance: Ensure compliance with industry standards and regulations. Keep up to date with evolving compliance requirements and maintain the organization's security posture.
- Security Technology Management:Manage and maintain security tools and technologies, such as SIEM systems, IDS/IPS, and endpoint security s.
- Security Awareness Training: Provide security training and awareness programs to employees to enhance the organization's overall security culture.
- Security Policy Development: Develop and update security policies, procedures, and guidelines to align with industry best practices and emerging threats.
- Threat Intelligence: Stay current with the latest cyber threats and vulnerabilities. Leverage threat intelligence to enhance security.
- Reporting & Documentation: Prepare detailed reports on security incidents, vulnerabilities, and risk assessments. Maintain accurate documentation for security policies and procedures.
- Mentorship & Guidance: Provide guidance and mentorship to junior members of the security team, fostering skill development and growth.
- Strategic Vision: Developing and communicating a strategic vision for cybersecurity initiatives aligned with the company's business goals and risk posture.
- Expertise & Technical Proficiency: Demonstrating a high level of technical knowledge and proficiency in cybersecurity to guide and mentor.
- Proactive Risk Management: Identifying and mitigating potential cybersecurity risks proactively, staying ahead of emerging threats, and adapting security measures accordingly.
- Compliance & Governance: Provide leadership in annual compliance certifications for PCI, guide the teams plan for certification dates, lead AOC documentation, complete annual scans and ensure the company is always in compliance with relevant cyber security regulations.
- Customer Focus: Understand the needs of the business and product teams and aligning cyber security strategies to enhance the overall business objectives.
OPERATIONS– Cyber Security and Defense.
LEADERSHIP – Team leader.
EXPERIENCE REQUIREMENTS
- 7+ years of security experience with 3-5years of Proven experience as a senior-level cyber security analyst, with a strong understanding of threat detection, vulnerability management, and incident response
- In-depth knowledge of security tools, including SIEM, IDS/IPS, and endpoint security solutions, and a strong working knowledge of MDR tools such as Crowdstrike, Qualys, and Artic Wolf.
- Familiarity with industry standards and regulations, such as NIST, ISO 27001, and GDPR.
- Strong analytical and problem-solving skills, with the ability to assess and respond to complex security incidents.
- Excellent communication skills, both written and verbal, with the ability to convey technical information to non-technical stakeholders.
- Proven track record of working with security vendors to understand their technical product features to implement security protection for employees and digital assets.
- Ability to work effectively in a team, lead incident response efforts, and provide mentorship to development teams supporting their needs to maintain cyber security and PCI compliance.
- Continuous learning and a proactive approach to staying updated on emerging cyber threats and security best practices.
- Fluency in English required.