Description

The Information Security program protects Burns & McDonnell data, systems, and employees from evolving cyber threats, with a focus on continually reducing cybersecurity risk for the company.

The Senior Information Security Analyst functions as a subject matter expert in evaluating the overall security posture. They will assess and identify vulnerabilities, analyze risks, and recommend solutions to mitigate these risks.

Responsibilities

  • Risk Assessment: Conduct regular assessments of the organization's cybersecurity measures to identify vulnerabilities and risks.
  • Monitoring and Analysis: Use various tools to monitor networks and systems for security breaches or intrusions. Analyze security breaches to understand their root causes.
  • Incident Response: Play a key role in responding to security incidents and breaches, including assisting with investigations and remediation efforts.
  • Reporting: Prepare detailed reports on security issues, such as breach incidents, current risk status, and improvement recommendations.
  • Policy Development Support: Assist in developing and updating the organization's security policies and procedures based on the findings and evolving threat landscape.
  • Training: Conduct the security awareness training program related to phishing campaigns.
  • All other duties as assigned.

Qualifications

  • Bachelor's degree in Information Security, Computer Science, Computer Engineering, Information Technology, or related field.
  • Minimum 8 years of experience in Information Security.
  • Information Security certification (CISSP, GSEC, Security+).
  • Demonstrated expert knowledge with two or more Information Security technologies such as EDR, IPS, SIEM, SOAR, CASB, CAASM, IAM, PAM, NAC, MFA, and DLP.
  • Broad understanding of network and security protocols such as DNS, SPF/DKIM/DMARC, SSL/TLS, TCP/UDP, and IPSec.
  • Experience with CIS Critical Security Controls, OWASP Top 10, and MITRE ATT&CK framework.
  • Demonstrated knowledge and experience of securing cloud environments such as Azure, AWS, and GCP.
  • Broad experience and familiarity with Information Technology such as routers, load balancers, web application gateways, PKI, and Active Directory.
  • Demonstrated knowledge of compliance frameworks (ISO 27001, SOC 2, NIST, FedRAMP, etc.).
  • Demonstrated ability to evaluate cybersecurity risk and propose risk mitigations to technical and non-technical audiences.
  • Highly effective oral and written communication skills, with the ability to convey security concepts and risks to non-technical personnel.

Confirmed 23 hours ago. Posted 30+ days ago.
