Job Openings Senior Security Analyst

About the job Senior Security Analyst

Role Overview

A leading organization is seeking a Senior Security Analyst to support and strengthen its information security function. This role is responsible for protecting systems, ensuring regulatory compliance, managing security risks, and supporting incident response activities across the organization.

The position requires a strong blend of technical expertise, risk awareness, and collaboration with cross-functional teams to maintain a robust security posture.

Key Responsibilities

Information Security Management

  • Perform regular security assessments and vulnerability scans to identify risks across systems and infrastructure
  • Implement and maintain controls to safeguard systems, data, and networks from unauthorized access and threats
  • Monitor security alerts and logs, investigate anomalies, and respond to incidents in a timely manner
  • Support the development and enforcement of internal security policies, standards, and procedures
  • Partner with technology teams to ensure secure system configurations and deployments
  • Stay informed on emerging threats, tools, and best practices to continuously enhance security capabilities


Compliance & Regulatory Support

  • Ensure alignment with applicable security standards, regulations, and contractual obligations (e.g., data privacy and industry frameworks)
  • Conduct internal assessments and audits to validate compliance
  • Prepare documentation and reports for internal and external stakeholders
  • Collaborate with relevant stakeholders to interpret regulatory requirements and implement necessary controls
  • Provide guidance on compliance matters and support remediation efforts


Risk Management

  • Identify and evaluate security risks based on likelihood and potential impact

  • Recommend and implement mitigation strategies to reduce exposure

  • Work closely with business units to integrate security practices into operational processes


Security Awareness & Training

  • Deliver security awareness sessions to promote a culture of security across the organization
  • Educate employees on policies, procedures, and best practices to minimize human-related risks


Testing, Incident Response & Forensics

  • Conduct testing of applications and environments to identify vulnerabilities and emerging threats
  • Participate in incident response activities, including investigation and resolution
  • Assist with evidence collection, forensic analysis, and incident reporting


Qualifications & Experience

  • Bachelor’s degree in Computer Science, Information Technology, or a related field
  • Proven experience in information security, compliance, or a related discipline
  • Professional certifications (e.g., CISSP, CISA, CISM) are advantageous
  • Strong understanding of security frameworks (e.g., NIST, ISO 27001, CIS)
  • Familiarity with global data protection and privacy regulations
  • Experience in risk assessment and risk management methodologies
  • Hands-on experience with security tools such as firewalls, intrusion detection/prevention systems, and SIEM platform
  • Strong analytical, problem-solving, and communication skills
  • Ability to collaborate effectively with cross-functional teams


Technical Skills & Tools

  • Experience with cloud platforms (e.g., AWS and Azure)
  • Knowledge of network security technologies (firewalls, WAFs, VPNs, load balancers)
  • Familiarity with system hardening practices across endpoints and infrastructure
  • Experience with penetration testing and vulnerability assessment tools
  • Understanding of malware, attack vectors, and incident response processes
  • Knowledge of distributed systems and enterprise network environments
  • Experience with intrusion prevention systems and endpoint security
  • Proficiency in Linux administration and shell scripting (e.g., Bash)
  • Exposure to containerization and orchestration technologies (e.g., Kubernetes)
  • Understanding of encryption methods and authentication technologies
  • Familiarity with internet protocols and data formats (e.g., HTTP, TLS, XML)
  • Experience with database technologies (e.g., SQL-based systems, Elasticsearch)


Preferred Qualifications

  • Experience in highly regulated environments (e.g., government or similar sectors)
  • Exposure to handling sensitive or classified information
  • Knowledge of additional regulatory standards and frameworks
  • Additional certifications in security, penetration testing, or offensive security are a plus

    Or refer someone