Security Analyst

Essential Functions:

• Monitor and Maintain ISO27001 adherance.
• Conduct risk and gap assessments to identify gaps in existing security governance
• Develop, maintain, and review information security policies, standards, procedures, and guidelines aligned with business objectives and regulatory requirements.
• Maintaining and improving the security technologies deployed, including creating use cases, customizing or better configuring the tools based on past and current threats.
• Develop and maintain data governance and data security
• Develop and conduct security awareness training programs
• Coordinate internal and external audits, including evidence collection, walkthroughs, and remediation tracking.
• Act as a liaison between security, IT, business units, and auditors to ensure consistent understanding of security and compliance requirements. Maintain documentation repositories for policies, procedures, risk assessments, and audit artifacts.
• Maintain the information security risk register and ensure risks are appropriately documented, prioritized, and tracked.

Required minimum qualification & experience:

• Bachelor’s degree in computer science, Information Technology, or Cybersecurity.
• Certifications required: CISSP, CISA and/or CEH.

Minimum Professional Experience Required:

• Technical knowledge of networking concepts and network infrastructure.
• Working knowledge of cloud security and data governance (e.g., Azure). Solid understanding of network and computer security, software security Strong analytical, documentation, and communication skills.
• Knowledge of ISO27001, NIST controls and implementation.
• Familiar with penetration and vulnerability testing. Familiar with antivirus, Firewall, IDS/IPS protocols.