Job Summary
The Security and Compliance Officer is primarily responsible for ensuring the security of our on-premises and cloud-based infrastructure, information systems, and organizational data. The incumbent will play a critical role in identifying potential security and compliance risks, implementing measures to mitigate those risks, and maintaining compliance with industry regulations and best practices. The ideal candidate will have a strong background in information security, compliance frameworks, cloud architecture, and risk management.
What You’ll Do
- Evaluate, assess and enhance the security posture of on-premises and cloud-based infrastructure, applications, and services.
- Assess and implement security tools and controls for cloud platforms, such as AWS, Azure, or Google Cloud, to enhance the organization’s security posture.
- Develop, implement, and maintain information security policies, procedures, and standards.
- Collaborate with cross-functional teams to help prepare for audits, address security concerns, and provide recommendations to close gaps.
- Stay up to date on emerging security threats, vulnerabilities, and industry best practices.
- Conduct business impact analysis (BIA) and risk assessments.
- Assist in facilitating audits, both internal and external, for ISO standards as well as regulatory requirements.
- Conduct regular security audits and vulnerability assessments to identify potential threats and vulnerabilities.
- Maintain all InfoSec records as per the ISO 27001:2022 standard.
- Understand the GDPR framework, including all of its controls, and create a plan for the organization’s readiness for qualification and compliance against it.
- Create policies, custom categories and URL filtering, and add or remove URLs from local categories on Palo Alto (200, 400, Panorama) and FortiGate (FG-60, FG-90 and FG-40).
- Manage firewall security policies, VPNs and security profiles.
- Provide guidance and support to internal teams, and conduct security awareness training for them.
- Contribute to the continuous improvement of the organization’s security posture through risk analysis and mitigation strategies.
- Monitor and analyze security alerts and events to identify and respond to security incidents.
- Document security incidents and their resolution for future reference.
- Manage the M365 infrastructure (Microsoft Admin Center, Intune) and apps (SharePoint, OneDrive, Exchange, Teams).
What You’ll Need
- Must be well-versed with ISO 27001:2022 Standard.
- Experience with regulatory compliance frameworks such as GDPR and HIPAA. SOC 2 is a plus but not required.
- Proven experience in handling security of cloud computing platforms such as Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP).
- Excellent communication and stakeholder management skills are required, as this role involves collaboration with cross-functional teams.
- Must be energetic, motivated, and creative for project implementation and support.
- Bachelor’s degree, preferably in Computer Science.
- 3+ years of experience in facilitating information security audits.
- 2-3+ years of experience in cloud and on-premises infrastructure, network and system administration.