Information Security Analyst (India Based)

Bangalore or any-remote location in India

Job Description - Information Security Analyst

CTPRP, CISA, CISM, CRISC or similar certifications are a must.

Our compliance products are used by regulated industries to perform automated third-party vendor risk management and cyber compliance. Product provides a holistic view of a firm's vendor risk posture and ensures sensitive information is protected & secured in vendor systems. Software delivers a robust and timely solution to identify risky vendors before they become a liability for our clients. Cybersecurity compliance software monitors, automatically remediates non-compliances and generates compliance reports.

Primary Responsibilities

• Manage day-to-day operations for our clients, including managing and reviewing vendor security assessments, providing suggestions to establish or enhance their vendor risk management program when needed, delivering our due diligence solution, and hosting regularly scheduled calls.
• Utilize vulnerability testing tools, tactics, and procedures to perform analysis and identify vulnerabilities - Implement static and dynamic security testing as part of an automated application security testing process.
• Demonstrate strong customer service skills to ensure a smooth experience for both our customers and our internal business unit partners.
• Interact with customers via email and phone in a professional manner to guide them through our platform and best practices.

• Perform vulnerability assessment and penetration testing for our customers using off the shelf tools.

• Support other operational duties as assigned as part of the Customer VENDOR RISK MANAGEMENT team.

Requirements

• Understands best practice cybersecurity controls, processes, procedures, and policies.
• 3 to 5 years of related work experience specifically in Vendor Risk Management and/or Information Security.
• CTPRP, CISA, CISM, CRISC or similar certifications are a must.
• Experience reviewing security assessments for completeness and overall risk
• Utilize vulnerability testing tools, tactics, and procedures to perform analysis and identify vulnerabilities
• Implement static and dynamic security testing
• Experience with security assessment tools, including Nessus, Metasploit, or Cobalt Strike is desirable.
• Experience with server administration, TCP/IP networking, vulnerability identification and exploitation
• Demonstrates project management and documentation skills while managing multiple parallel work streams.
• Detail-oriented with strong interpersonal, written and verbal communication skills
• Ability to overcome challenging learning curves and proficient with both Microsoft Office Suite and Google G- Suite.
• Works well under pressure with tight deadlines to deliver superior service to our current/potential clients and internal business unit stakeholders.
• Proactive, self-motivated, and highly professional, with outstanding customer relationship skills and ability to work unsupervised for extended periods of time