Senior Security Analyst Yodlee
THIS JOB HAS EXPIRED
Job Code: Job Title*: Senior Security Analyst
Department*: Yodlee Security Office
Reporting Structure*: Reports to Manager, Network Security
Summary of Position: The Senior Security Analyst is a key role in the Security Office of an established and innovative financial services platform provider. The selected candidate will be part of the independent security function, where they will contribute, learn and influence the evolution of our dynamic and leading-edge security architecture.
On Day One, the Senior Security Analyst will:
Primary Responsibilities*: List 3 to 6 key responsibilities of the job
- Assume primary responsibilities for security operations (Security Monitoring, Alerts handling, Systems and Network Compliance, Vulnerability Life Cycle Management (details below).
- Participate as a subject matter expert in the application of security practices to the design, operation and oversight of a heterogeneous environment consisting of SaaS, development and corporate computing environment.
- Incorporate their expertise and experience with the other 15 Security Office members to support the successful mission of this World Class provider of software services to leading financial institutions and companies in India, the US, the UK, and Asia.
The qualification requirements below are representative of the knowledge, skills and abilities required to perform this job successfully. Employees who do not possess the requirements for a job at time of hire or transfer/promotion are expected to attain the skills, knowledge and abilities required within a reasonable period of time, as agreed upon, in writing, with the hiring manager. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Responsible for handling all security alerts â€" Review the alerts and handle them as per the process. This involves working with different groups and ensuring that all the alerts are closed in a timely manner
- Responsible for patch management process â€" This involves a) performing security impact analysis for the patches and vulnerabilities published by vendors other security research sites for different platforms ( Operating Systems, Web Servers and Network devices) b) Defining priority for the patch rollout c) Ensuring that the patches are rolled out in a timely manner d) Scanning the systems and other platforms to validate that the patches are applied and following up with various teams to address any gaps
- Responsible for Vulnerability Management Process â€" This involves a) Ensuring that vulnerability scans are run at scheduled time b) Scan results are analyzed in a timely manner c) Categorizing the vulnerabilities as per defined process d) Fixes are applied as per the vulnerability policy e) Tracking the open issues and follow up with different teams to address the open issues.
- Security Log Analysis â€" Monitor and analyze the logs from various security tools â€" Any events that need to be correlated from a security perspective to be researched and submitted to the tools team for the alert development
- Compile Security Metrics - Automate management reports based on information generated from different security tools â€" Compile security metrics and efficiency metrics for management review.
- Assist in providing requirements for new and existing security systems, tools, and applications
- Collaborate with different groups to ensure that their requirements and new initiaves adhere to information security policies and best practices
- Assist in writing best practice procedures for the following services: Incident analysis, Incident response coordination, security audits or assessments, certificate authority, log analysis & diagnostics, and host vulnerability scanning
Work Experience*: 5 to 7 years experience working as a hands-on system or network administrator in a support role. Experience should include handling projects in an independent capacity and with extensive cross functional co-ordination. Experience in handling security projects is required. The interview process will include a technical competency assessment of security knowledge, including both concepts and their application to typical scenarios.
Skills: 1.Good project management skills 2.Excellent communication skills both verbal and written 3. Prior experience working in a lead role 4. Good experience and knowledge of Operating Systems, Networks Security technologies, such as firewalls, IDS, SIEM and authentication, in a hands-on support role 5. Demonstrated experience working in heterogeneous environment 6The interview process will include a technical competency assessment of security knowledge, including both concepts and their application to typical scenarios.
Education/Degree(s)*: BS degree/Engineering Diploma in IT or related field
Certification/Training: Security or Network certification is desirable, with preference given to current holders of CISSP, CISM or GIAC
Other Job-Related Requirements: (location, travel, minimum physical requirements) No travel * Required Field. This job specification should not be construed to imply that these requirements are the exclusive standards of the position. Employees will follow any other instructions, andperform any other related duties, as may be required.
||multiple, multiple |
THIS JOB HAS EXPIRED