Information Security Analyst

Posted: 2 months ago

Information Security Analyst
Location: Dallas, TX, 75082
Duration: Full Time

Qualification and prior experience:
BE/BTECH/Graduate with Minimum experience of 8+ years.
At least one certification from CISSP/CISA/CISM is a must.
Forensic Analysis (GCFA), certification will be added advantage.
Must have strong verbal and written communication skills; ability to communicate effectively and clearly to both technical and non-technical staff.
Must have good presentation and documentation skills.

Primary responsibilities:
Strong understanding and experience in conducting security assessments using tools and manual techniques to identify security vulnerabilities or security flaws in the system.
Should be able to analyze not only the technological aspects of IT infrastructure, but also the social, economic, behavioral, and policy aspects, which affect business and security outcomes.
Work to perform security analysis of data received from multiple sources, tools or techniques and in conjunction with respective asset owner(s).
Experienced in demonstrating/building the business use cases with data correlation and reports. He should be experts to take a proactive and risk-based approach, ensuring the freedom of information within and around the organization.
System forensics/investigation skills, including analyzing system artifacts (file system, memory, running processes, network connections) for indicators of infection/compromise.
Ability to work with customer and product specialists to weed out false positives and improve efficiency of the Security Analysis.
Experienced in custom application integration and creating the custom framework creation for integration to perform the Business intelligence out of the big data.
Knowledge on different databases and query writing.
Knowledge of HTML and scripting.
Familiarity with multi OS/system administration and cross functional security controls.
Strong technical understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.).