- Min 7 years in an Enterprise or Technology Service Provider environment.
- Bachelor in Computer Science, Computer Applications, Computer Engineering or equivalent
- Industrial Certifications: CISSP, Cloud Security, Software Development, Ethical Hacking, Offensive Security.
- Project Management, Problem Solving and Critical Thinking
The Information Security Analyst role is to implement Information Security controls, industrial best practices and ensures compliance across the Organization.
This role includes:
- Review of solutions architecture and check compliance against internal and industrial standards.
- Conduct solutions/applications Static Security test. Identify false positives and recommend solutions to the identified risks.
- Conduct Dynamic Security tests. Identify false positives and recommend solutions to the identified risks.
- Plan and execute red team and blue team activities.
- Design Information Security controls inline with security requirements, compliance requirements and industry best practice.
- Conduct assessments of the existing controls and propose improvements.
- Identify information security and IT management risks, conduct risk reviews with systems stakeholders and maintain Risk Registers.
- Work with technical teams in developing security and solutions architectures, reviewing architectures and proposing secure solutions.
- Work with the SecDevOps team in implementing the sSDLC controls.