Job Description

Job Summary ::

The Security Analyst / Security Engineer will be responsible for defining, implementing, and managing the organizations enterprise information security vision, strategy, and programs to ensure that information assets and technology systems are adequately protected.

The role will work closely with the CISO, senior security leadership, and business units to drive risk assessment, risk management, compliance, and incident response initiatives. The incumbent will oversee the Audit, development and enforcement of security policies, standards, and procedures, while fostering a strong security-first culture across the organization.

Key Responsibilities ::

Security Strategy & Governance

• Develop, implement, and continuously enhance a comprehensive information security strategy aligned with business objectives.
• Establish security governance frameworks, standards, and operating models.
• Foster a security-first mindset across the organization through leadership and advocacy.

Endpoint Security Management

• Administer and manage endpoint security solutions including EDR, AV, DLP, SSE, and other endpoint protection tools.
• Ensure deployment, configuration, and health monitoring of endpoint security agents across endpoints and servers.
• Implement and enforce endpoint security policies and best practices.

Threat Monitoring & Incident Response

• Monitor security alerts generated from endpoint security tools.
• Investigate suspicious activities and coordinate with SOC and IT teams for incident response.
• Track incidents until closure and document Root Cause Analysis (RCA) and remediation actions.

Vulnerability & Compliance Management

• Work with IT teams to remediate endpoint vulnerabilities and ensure patch compliance.
• Support internal audits and ensure adherence to security policies and regulatory requirements.

Compliance & Regulatory Management

• Ensure compliance with applicable laws, regulations, and industry standards.
• Support internal and external audits and regulatory reviews.
• Coordinate remediation of audit findings and control gaps.
• Should have knowledge of Cyber CSCRF, DPDP, ISO 270001 framework.

Reporting & Documentation

• Generate periodic reports on endpoint security posture, incidents, and compliance status.
• Maintain documentation related to security incidents, policies, and tool configurations.

Experience & Skills

• 5–8 years of experience in Endpoint Security or Cybersecurity operations.
• Hands-on experience with EDR/AV solutions.
• Strong hands-on experience in implementing, managing, and monitoring Data Loss Prevention (DLP) solutions.
• Familiarity with SIEM tools, vulnerability management, and patch management is an advantage.
• Strong analytical, troubleshooting, and communication skills.

Preferred Certifications

• CompTIA Security+
• CEH (Certified Ethical Hacker)
• Other relevant cybersecurity certifications.

More Info

Education