Security Engineering Analyst

The purpose of this role is to design the organization's computer and network security infrastructure and protect its systems and sensitive information from cyber threats.

Responsibilities

• Design and develop enterprise cyber security strategy and architecture.
• Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses.
• Identify risks associated with business processes, operations, information security programs, and technology projects.
• Identify and communicate current and emerging security threats and design security architecture elements to mitigate them.
• Identify security design gaps in existing and proposed architectures and recommend changes or enhancements.
• Provide product best fit analysis to ensure end-to-end security covering layered security, zoning, integration aspects, API, endpoint security, data security, compliance and regulations.
• Demonstrate experience in security assessment against NIST Frameworks, SANS, CIS, etc.
• Provide support during technical deployment, configuration, integration, and administration of security technologies.
• Demonstrate experience around ITIL or key process-oriented domains such as incident management, configuration management, change management, problem management, etc.
• Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity.
• Provide solutions for RFPs received from clients and ensure overall design assurance.
• Develop a direction to manage the portfolio of to be solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security to better match business outcome objectives.
• Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/architecture.
• Depending on the client's need with particular standards and technology stacks, create complete RFPs.
• Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology.
• Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions.
• Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps.
• Evaluate and recommend solutions to integrate with overall technology ecosystem.
• Track industry and application trends and relate these to planning current and future IT needs.
• Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations.
• Maintain an information security risk register and help with internal and external audits relating to information security.
• Support audit of security best practices and implementation of security principles across the organization to meet business goals along with customer and regulatory requirements.
• Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers.
• Provide training to employees on issues such as spam and unwanted or malicious emails.

Deliverables

• Customer centricity: timely security breach solutioning to end users, internal stakeholders & external customers experience, CSAT, educating and suggesting right controls to the customers.
• Support sales team to create wins, quantity of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), number of proposals led.

Qualifications

• Managed Security Services (MSS) experience.
• Experience in modern security technologies and frameworks (NIST, SANS, CIS).
• Strong understanding of ITIL and key process-oriented domains.
• Experience with disaster recovery planning and incident response.
• Strong communication and stakeholder management skills.