Cyber Security Analyst

Noida
Hybrid
Junior: 2 to 4 years
4L - 9L (Per Year)
Posted on Jan 02 2025

About the Job

Skills

Network Security
Security Information and Event Management (SIEM)
Penetration Testing
Incident Response
Vulnerability Assessment
Security Risk Assessment
Security Compliance
Threat Intelligence

Key Responsibilities

1. Web Application Penetration Testing

  • Methodical Approach: Apply standardized testing methodologies (e.g., OWASP Testing Guide, PTES) for thorough coverage of application layers.
  • Manual & Automated Testing: Leverage tools such as Burp Suite, OWASP ZAP, and Nessus in tandem with manual testing to uncover hidden vulnerabilities and business logic flaws.
  • Vulnerability Identification & Exploitation: Demonstrate expertise in identifying and exploiting issues like SQL Injection, XSS, CSRF, SSRF, command injection, and IDOR.
  • Fuzzing & Custom Payloads: Develop tailored payloads to test input validation routines; automate fuzzing for advanced assessments.
  • Reporting & Documentation: Document findings with clear proof-of-concept (PoC) evidence and remediation recommendations. Communicate results to both technical and non-technical stakeholders.
  • Continuous Improvement: Stay current with emerging threat landscapes, new vulnerabilities, and evolving testing tools/methods.

2. AWS Cloud Security

  • Design and maintain secure AWS architectures, focusing on core services such as IAM, VPC, EC2, S3, and others.
  • Configure and manage security services like AWS GuardDuty, Security Hub, CloudTrail, and AWS Config to detect and respond to threats.
  • Champion automation of security checks using Infrastructure as Code (IaC) tools (e.g., CloudFormation, Terraform) and continuous monitoring.

3. Security Compliance & Governance

  • Ensure adherence to industry regulations (e.g., ISO 27001, SOC 2, PCI-DSS, HIPAA) and internal security policies.
  • Participate in audits and maintain documentation to demonstrate compliance.

Qualifications

  • Education & Experience
  • Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent work experience).
  • Minimum of 3 years’ experience in cybersecurity, with strong emphasis on penetration testing and cloud security.


  • Technical Skills
  • Web App Pentesting: Proficient with Burp Suite (configuration, proxying, scanning, intruder module), OWASP ZAP, and other testing tools.
  • AWS Expertise: Hands-on experience with GuardDuty, Security Hub, CloudTrail, AWS Config, and secure AWS architectures.
  • CSPM Tools: Familiarity with tools such as AWS Security Hub for posture management.
  • Scripting & Automation: Skilled with scripting languages (Python, Bash, PowerShell) and IaC (Terraform, CloudFormation).

Vulnerability Frameworks: Comprehensive knowledge of OWASP Top 10, SANS Top 25, and secure coding practices.

About the company

Two99: Boosting Business Revenues & Profits With Expertise of Our Team and In-House AI-Driven Marketing Algorithm. Every Customer Wins!

Industry

Advertising Services

Company Size

11-50 Employees

Headquarter

Noida, UP

Other open jobs from Two99