Security Analyst

VACANCY ANNOUNCEMENT

A reputed international IT company is looking for a talented and dedicated security Analyst who can work remotely in Nepal.

The position demands for a security analyst, who is responsible for maintaining the security and integrity of data. The security analyst must possess knowledge of every aspect of information security to protect company assets from evolving threat vectors.

The main responsibilities will include:

• Understand customers' business drivers and requirements and translate those into technical solutions. 
• Design, configure, implement, and manage network security projects. 
• Perform L2, L3 support of day-to-day cyber security incident queues including threat assessment. 
• Manage multiple client environment cyber security infrastructure and applications. 
• Responsible for managing and improving the access management governance by investigating improper access; revoking access; reporting violations. 
• SIEM and incident management 
• User Access Review 
• Knowledge of ServiceNow, Zoho desk, Jira/Confluence, etc. 
• Perform vulnerability risk reviews using Qualys, Rapid7 and/or Tenable. 
• Responsible for managing and improving the defined patch management & configuration review process and activities. 
• Perform regular security review, reporting and remediation. 
• Proactively manage applications, infrastructure security & network risks; ensuring security infrastructure aligns with company’s compliance requirements. 
• Experience in executing security incident response plan. 
• Experience in analyzing security data for trends and reporting. 
• Able to write policies and standards and procedures. 
• Proactively manage, maintain, and report on the operational security calendar activities. 
• Develops security awareness by providing orientation, educational programs, and on-going communication. 
• Work with the various IT Security Operations team members, IT infrastructure personnel, and network and / or operations teams, to ensure the implemented technologies are integrated and fully utilized as intended in the protection of Company's assets.   

Skills & Experience:

• 4 years+ project and information security experience. 
• Good knowledge on security analyst, engineering, and project management experience 
• Experience in client management for security projects 
• Knowledge in network security technologies such as Firewalls, VPN, Web Content Filters, Identity & Access management, Certificate management, HSM, Proxies, WAF, etc. 
• Knowledge and hands-on experience with SIEM technologies 
• Strong experience in Virtualization, Cloud (Azure, AWS, other service providers) design, configuration, and management. 
• Ability to manage priorities, perform multiple tasks and work under dynamic environment and tight deadlines. 
• Ability to perform vulnerability assessments, penetration testing using manual testing techniques, scripts, commercial and open-source tools. 
• Experience and ability to perform Phishing campaign and/or similar social engineering exercise. 
• Provide highly technical examination, analysis and reporting of cyber based events to include collecting and analyzing intrusion information and use discovered data to enable mitigation potential cyber security incidents. 
• Monitor, review event and security logs for breaches. 
• Subject matter expert in one or multiple areas as Windows, Unix, Linux OS. 
• Ability to perform and troubleshoot high stress environment. 
• Vendor or Security specific certifications is preferred. 
• Demonstrated analytical, conceptual and problem-solving skills. 
• Demonstrated comprehensive understanding of the principles of secure data communication and encryption technology, together with a practical understanding of security methodologies and their application. 
• Demonstrated experience working in multi-vendor environments and governance. 
• Demonstrated deep technical expertise in a broad spectrum of technology areas e.g. ICT infrastructure, networks, operating systems, virtualization, cloud computing, etc. 
• Demonstrated highly developed interpersonal, consultative and negotiation skills and the ability to build and maintain positive working relationships. 
• Experience in the application of ICT risk assessment processes for complex systems 
• Understanding of Business Impact Assessment and Threat Risk Assessment concepts and processes. 
• Ability to work effectively with limited supervision on multiple concurrent operational activities. 
• Ability to communicate effectively via email, report, procedures in a professional and succinct manner.  

How to Apply

If you’re ready to take your career to the next level and make a significant impact in the field of cybersecurity, we encourage you to apply for the Security Analyst position.

Please submit your resume with two references, cover letter, and any relevant certifications to email hr.recruitmenton@gmail.com before 18 January 2024.