Senior Security Analyst
Summary
Colombo,
Sri Lanka
On-Site
LKR
350000
-
600000
Full-time
Category
Other
Share job
Roles & Responsibilities
As a Security Engineer, you’ll be part of the IT Security team responsible for monitoring the business’s network and endpoints for malicious and anomalous activity. You’ll be responsible for designing, implementing, and maintaining security tooling and process for CLIENT. You’ll assist in reviewing incidents to assess their risk and urgency, acting as a point of escalation to less experienced team members.
You’ll be actively involved in the software development process advising developers on best practise and security architecture during development to ensure that CLIENT’s internal tooling is developed with security by design.
Mandatory
- Microsoft Sentinel (formerly Azure Sentinel)
- SAST / DAST (Static Application Security Testing / Dynamic Application Security Testing)
- Code Scanning (Application Security Scanning) / SEC OPS / Secure Dev Practices
- Penetration Testing
- Security Standards – ISO 27001 / ISO 27002
- IAM (Identity and Access Management) Cloud – Azure
- OAuth (Open Authorization) / Tokenization /SSD
Key responsibilities & Accountabilities:
- Designing, implementing, and maintaining tooling and processes to enhance CLIENT’s IT Security posture.
- Advising developers on best practice and security architecture during development
- Conducting security reviews of software prior to release to ensure they meet CLIENT’s security requirements.
- Acting as an escalation point for investigation and resolution of events where more junior members of the team require support.
- Creation of SOPs, policies, and procedures relating to our Information Security practices.
- Assist in reviewing and mitigation of vulnerability assessments, penetrations tests and security audits and working with IT to mitigate any identified risks.
- Assessment of vulnerabilities to identify the potential impact to CLIENT.
- Keep up to date with the latest Cyber Security Trends and Updates
Skills & Ability
- An analytical thinker with excellent problem-solving skills
- High attention to detail
- Security Detection and Monitoring
- Incident Response
- SIEM tools (Azure Sentinel)
- Vulnerability Management
- Secure Software Development
Pre Requisites
- 8+ Years previous experience working within the Cyber Security industry.
- Working knowledge of Windows & Active Directory (Inc Azure Active Directory)
- Hands on working with Office 365 and Azure
- Networking, including TCP/IP and other common protocols.
- Use of SASE including Cato preferred but not essential.
- Experience in cyber forensics preferred but not essential.
- Working knowledge of security standards and frameworks
- Any Microsoft certification would be a bonus, but not essential.