Senior Security Analyst-Infosec Practitioner

Senior Security Analyst

We are seeking an Infosec Practitioner to support the design, implementation, and management of security frameworks, architectures, and policies. As an Infosec Practitioner, you will work alongside security architects and engineers to help maintain and improve cybersecurity practices across cloud, application, and infrastructure environments. This role is ideal for early-career professionals looking to develop expertise in cybersecurity, governance, and risk management. This is a hands-on technical role, requiring knowledge of cloud security, IAM, vulnerability management, security compliance frameworks, and security monitoring tools. The role will also involve collaboration with cross-functional teams, helping to ensure a secure-by-design approach to enterprise security.

Key Responsibilities

• Assist in monitoring, analyzing, and mitigating cybersecurity threats across cloud and on-premises environments.
• Support identity and access management (IAM) implementations, ensuring the enforcement of least privilege access controls and multi-factor authentication (MFA).
• Participate in security assessments, risk analysis, and compliance audits to identify vulnerabilities and ensure alignment with industry standards such as NIST, ISO 27001, SOC 2, PCI-DSS, GDPR, and HIPAA.
• Help develop and implement zero-trust security frameworks, ensuring strong authentication and network segmentation policies.
• Assist in the integration of security tools into DevSecOps pipelines, supporting the automation of vulnerability scanning, policy-as-code, and compliance checks.
• Work closely with teams to support cloud security best practices, including AWS, Azure, and GCP security controls and configurations.
• Assist in security monitoring and threat intelligence activities, utilizing SIEM, XDR, and anomaly detection tools to enhance security visibility.
• Help conduct penetration testing and vulnerability management processes, supporting remediation efforts and security hardening.
• Support incident response activities, helping to investigate, document, and mitigate security incidents in collaboration with senior security engineers.
• Maintain security documentation, developing reports, dashboards, and metrics to track security performance and maturity.
• Assist in security awareness training initiatives, helping internal teams understand and apply cybersecurity best practices.
• Collaborate with compliance teams to ensure ongoing security governance, risk management, and policy enforcement.

Required Qualifications & Experience Technical Expertise

• 6-8 years of experience in Cybersecurity, Information Security, or Security Engineering.
• Knowledge of cloud security principles, including security controls for AWS, Azure, or GCP.
• Basic understanding of IAM, zero-trust architectures, and privileged access management (PAM).
• Experience with security monitoring tools (SIEM, XDR, SOAR) and vulnerability management solutions.
• Familiarity with DevSecOps principles, including CI/CD security and automated security testing.
• Understanding of penetration testing, risk management, and compliance frameworks.
• Knowledge of encryption standards, network security, and endpoint protection.

Consulting & Collaboration Skills

• Ability to support security assessments and assist in defining security roadmaps.
• Strong collaboration skills, with experience working alongside security teams, engineers, and compliance professionals.
• Ability to translate security risks into actionable recommendations for clients and internal stakeholders.
• Strong documentation and communication skills, helping to develop security reports, policies, and training materials.

Preferred Qualifications

• Certifications: Security+, SSCP, AWS/Azure Security Specialty, CEH, or similar security certifications.
• Hands-on experience with SIEM platforms, vulnerability scanners, and security automation tools.
• Familiarity with container security, Kubernetes security, and API security best practices.
• Exposure to AI-driven security solutions and threat intelligence platforms.