Cyber Security Analyst
Cyber Security Analyst190
Applications
190
Applications
Noida
Hybrid
Junior: 2 to 4 years
₹ 4L - ₹ 9L (Per Year)
Posted on Jan 02 2025
About the Job
Skills
Network Security
Security Information and Event Management (SIEM)
Penetration Testing
Incident Response
Vulnerability Assessment
Security Risk Assessment
Security Compliance
Threat Intelligence
Key Responsibilities
1. Web Application Penetration Testing
- Methodical Approach: Apply standardized testing methodologies (e.g., OWASP Testing Guide, PTES) for thorough coverage of application layers.
- Manual & Automated Testing: Leverage tools such as Burp Suite, OWASP ZAP, and Nessus in tandem with manual testing to uncover hidden vulnerabilities and business logic flaws.
- Vulnerability Identification & Exploitation: Demonstrate expertise in identifying and exploiting issues like SQL Injection, XSS, CSRF, SSRF, command injection, and IDOR.
- Fuzzing & Custom Payloads: Develop tailored payloads to test input validation routines; automate fuzzing for advanced assessments.
- Reporting & Documentation: Document findings with clear proof-of-concept (PoC) evidence and remediation recommendations. Communicate results to both technical and non-technical stakeholders.
- Continuous Improvement: Stay current with emerging threat landscapes, new vulnerabilities, and evolving testing tools/methods.
2. AWS Cloud Security
- Design and maintain secure AWS architectures, focusing on core services such as IAM, VPC, EC2, S3, and others.
- Configure and manage security services like AWS GuardDuty, Security Hub, CloudTrail, and AWS Config to detect and respond to threats.
- Champion automation of security checks using Infrastructure as Code (IaC) tools (e.g., CloudFormation, Terraform) and continuous monitoring.
3. Security Compliance & Governance
- Ensure adherence to industry regulations (e.g., ISO 27001, SOC 2, PCI-DSS, HIPAA) and internal security policies.
- Participate in audits and maintain documentation to demonstrate compliance.
Qualifications
- Education & Experience
- Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent work experience).
- Minimum of 3 years’ experience in cybersecurity, with strong emphasis on penetration testing and cloud security.
- Technical Skills
- Web App Pentesting: Proficient with Burp Suite (configuration, proxying, scanning, intruder module), OWASP ZAP, and other testing tools.
- AWS Expertise: Hands-on experience with GuardDuty, Security Hub, CloudTrail, AWS Config, and secure AWS architectures.
- CSPM Tools: Familiarity with tools such as AWS Security Hub for posture management.
- Scripting & Automation: Skilled with scripting languages (Python, Bash, PowerShell) and IaC (Terraform, CloudFormation).
Vulnerability Frameworks: Comprehensive knowledge of OWASP Top 10, SANS Top 25, and secure coding practices.
About the company
Two99: Boosting Business Revenues & Profits With Expertise of Our Team and In-House AI-Driven Marketing Algorithm. Every Customer Wins!
Two99: Boosting Business Revenues & Profits With Expertise of Our Team and In-House AI-Driven Marketing Algorithm. Every Customer Wins!
Industry
Advertising Services
Company Size
11-50 Employees
Headquarter
Noida, UP
Other open jobs from Two99