IT Security Analyst (Collaboration and Edge Services)

Location

Mumbai | India

Job description

About AMINA

WE are a FINMA-licensed Swiss Bank focused on cryptocurrencies and digital assets. AMINA provides custody, trading, credit and investment products on cryptocurrencies and digital assets to institutional and professional investors. AMINA Bank is Headquartered in Zug, with a presence in Mumbai, Abu Dhabi, Hong Kong, and Singapore.

India Team acts as a virtual extension of the bank, supporting activities spanning digital assets research, investment solutions, trading and liquidity management, risk management, and, more recently, mid/back-office and IT operations.

About the Role

This position will primarily focus on securing our Collaboration and Edge services (MDO email security platform, E5 Security, DLP, PAM, MS Teams, Cloud Applications, API integrations, VPN services, and other related technologies), including monitoring system maintenance, updates, and upgrades, migrations, consolidations, deployments, and project support. You will work cross-functionally with our IT Operations and Dev Ops teams. In this role, you will be reporting to our Head of IT Security. The successful candidate will be responsible for Operating and maintaining robust security measures, based on the latest Security Tooling Architecture and Inform other departments about email security. You will also manage email security rules (filtering, white-lists, spam), messaging input, infrastructure, and risk-mitigation controls. Policies and access monitoring protect email. KPIs, security threats and trends, security protocols, and email security training for employees.

As our IT Security Analyst focused on Collaboration and Edge services, your mission will be, to ensure the confidentiality, integrity, and availability of our Collaboration and Edge services. You will be supporting the operation and improvement of our Security Operations Center (SOC), in alignment and integration with IT engineering and IT Operations processes, and work with other IT Security team members to monitor and hunt for abnormal behavior (false positive alerts and incidents), and then respond as required. Act as the Expert IT Security resource between groups in the IT department and the business developing our products.

Responsibilities

• Open to contribute any other solution and take responsibilities under Infosec Department.
• Collaborate with IT and Security Architecture teams to implement and maintain email security protocols.
• Develop and report metrics (KPIs) for email security performance.
• Stay current with emerging security threats and trends and adapt security measures accordingly.
• Create and maintain documentation for security procedures and protocols.
• Support, with expert advice, the development and maturing of IT Security capabilities, related to our Collaborations and Edge service.
• Develop IT security-related automation and processes that enable the IT Security team to deploy, manage, configure, scale, and monitor by way of automation tools such as Azure Sentinel logic apps, SIGMA rules (YAML), and deploying Blueprints as JSON.
• Actively practice and advance Threat Informed Defence (Kill Chain tactics), IoC ingestion.
• Work with SRE team engineers on IT Security requirements in cloud environments using modern development tools.
• You will also be involved in developing and implementing security policies, standards, and best practices for our collaboration and edge services.
• Engage with IT department heads and business managers to promote Secure and Safe use of our Collaborations and Edge service.
• Work Hands-on with other IT Security Analysts in our Security Operations Center (SOC), Monitoring and analyzing security logs and alerts from the Security Information and Event Management (SIEM), and Security Orchestration and Automated Response (SOAR) platform for Event Detection & Response and effectively address security incidents and breaches.
• Participate in incident response activities, including investigation, containment, and recovery, in the event of a security incident.
• Investigate and remediate security incidents and vulnerabilities affecting our collaboration services and provide root cause analysis and recommendations.
• Prepare and present reports on security incidents, vulnerabilities, and risk assessments to management and other relevant stakeholders.
• Coordinate with other security teams and stakeholders to ensure the security of our collaboration services and compliance with regulatory requirements.
• Research and stay updated on the latest security trends, threats, and best practices for collaboration services.
• Provide security awareness and training to our collaboration services users and staff
• Apply certified knowledge of Microsoft Azure cloud environment and Microsoft Defender suite of security products.
• Project manage with business units and 3rd party suppliers to successfully create value for IT Security related engagements.

About Our team

• You will work with our other IT Security Specialists who are responsible for a broad scope of Operational Security Topics, including Threat Hunting, Penetration Testing, Vulnerability management and overall Threat detection across the banks specialized landscape and associated risks.
• Working with IT Security team members to Identify, Protect, Detect & Respond to emerging cyber threats. You will also work with our CISO, supporting regular engagement at the executive committee and risk committee level.

Requirements

• Bachelor's degree in Computer Science, Information Security, or related field
• At least 2 years of experience in security analysis, incident response, experienced in working with Microsoft's Suite of Collaboration and Edge services,
• 3-7 years of experience in IT Security, working with IT Security SOC teams supporting, threat intelligence, vulnerability management & cloud security, or related roles.
• Microsoft Certified: Azure Security Engineer (defender suite of tools)
• Understanding of ITIL and ITSM processes. This knowledge will be essential in establishing and maintaining effective email security services.
• Proactive mindset with a continuous improvement approach, staying updated with emerging security threats and technologies.
• Experience working with threat intelligence systems and emerging Threat Informed Defense concepts (Kill Chain tactics)
• Recognized professional security certification (e.g. OSCP, CEH, CISSP, CISM, GIAC, GCIH, GCIA) or comparable experience and certifications.
• Knowledge of security-related solutions, such as Next-Generation Firewall, Endpoint Detection and Response (EDR), Intrusion Detection/Prevention (IDS/IPS), Security Incident and Event Management (SIEM), Security Orchestration and Automated Response (SOAR) Web Application Firewall (WAF), Threat Intelligence (TI) platforms, Continuous Automated Penetration (CAP) testing and Application Security Testing (DAST, SAST, OSA), Identity & Access Management (IAM).

To apply for the position, please share your resume to [HIDDEN TEXT]

Job tags

Salary