About the job

Role Description

The Senior Information Security Analyst will be responsible for performing penetration testing and vulnerability assessments across web infrastructure, cloud environments, and mobile platforms (Android/iOS). This role involves identifying and exploiting security vulnerabilities, analyzing security risks, and implementing actionable remediation strategies to enhance the organization's overall cybersecurity posture.

The analyst will collaborate closely with development, IT, and security teams to design and deploy proactive security measures, ensuring robust protection against evolving threats. 

Job Responsibilities

• Conduct penetration testing and vulnerability assessments for web infrastructure, cloud environments, and mobile platforms (Android/iOS).
• Identify and exploit security vulnerabilities in applications, networks, and systems.
• Analyze findings from security assessments to deliver actionable remediation strategies and recommendations.
• Collaborate with development, IT, and security teams to implement effective risk mitigation measures.
• Prepare comprehensive technical reports and executive summaries on security assessments, including identified risks and recommended actions.
• Design, develop, and deploy security monitoring tools to ensure accurate visibility and proactive threat detection within the infrastructure.
• Stay updated on emerging threats, vulnerabilities, and security trends across diverse platforms.
• Provide insights and recommendations to address evolving cybersecurity challenges.
• Work closely with cross-functional teams to enhance the organization’s overall cybersecurity posture.
• Mentor and guide junior team members on best practices in information security and risk management.

Technical Skills

• Ability to devise and implement penetration testing strategies tailored to the organization’s environment, ensuring comprehensive coverage of security risks.
• Expertise in utilizing a wide range of penetration testing tools (e.g., Burp Suite, Metasploit, Nmap, Nessus) and advanced techniques to identify and exploit vulnerabilities.
• Capable of designing custom testing methodologies aligned with organizational goals and compliance requirements.
• Proficient in conducting VAPT for hosts, web applications, network devices, APIs, and mobile applications to identify and remediate security weaknesses
• In-depth knowledge of networking protocols, computing technologies, and security frameworks, including cloud computing and secure software development methodologies (e.g., DevSecOps).
• Familiarity with tools and practices for secure coding, code review, and threat modeling.
• Strong understanding of diverse computing platforms, including Windows, OSX, Linux, Unix, and cloud platforms (e.g., AWS, Azure, GCP).
• Experience with securing network infrastructure and endpoints across hybrid environments.
• Skilled in applying threat intelligence, indicators of compromise (IOCs), and vulnerability analysis to proactively identify and mitigate risks.
• Experience in source code review to identify security flaws and recommend remediation measures.
• Hands-on experience in configuring and managing security solutions such as web application firewalls (WAF), network firewalls, and endpoint security tools.
• Ability to set up, configure, and deploy security monitoring solutions to detect and respond to security events in real-time.

Requirements

• Bachelor’s in Computer Engineering, Computer Science and Information Technology, Computer Networking and IT Security, or related field
• 5+ years of experience in a related field

Why Join us?

• Stellar opportunity to work with the rising company
• The amazing and passionate young team, beautiful office space
• Trust of biggest FinTech company.
• One-of-a-kind company culture and growth opportunities to accelerate your career progression.