Senior Information Security Analyst
Location
Bangalore | India
Job description
First American (India) is a GCC (Global Capability Center) of the First American Financial Corporation (NYSE: FAF) family of companies. FAI is a proud member of the FORTUNE 500 companies and has been amongst the Fortune 100 Best Companies to Work For® list for eight consecutive years. First American Financial Corporation provides comprehensive title insurance, closing/settlement, property data and technology solutions. First American (India) creates quality solutions for its customers by combining software, back office, and knowledge processing operations to fulfill First American's business requirements. Our priorities are our employees, customers, and shareholders - in that order. First American (India) has been ranked amongst India's Best Companies To Work For™ 2023: Listed amongst the Top 100 by Great Place To Work® India, FAI is also certified Best Workplaces for Women and Workplace with Inclusive Practices.
The Information Security Analyst for the Security Incident Response (SIR) team is responsible for understanding complex business information technology needs specifically focused on the information security infrastructure services. Assumes the lead role supporting the Security Operations Manager in monitoring, investigating, and responding to security events. Provides guidance and prioritization to tasks, as well as assigning tasks and mentoring the team as needed. Provides long-term solutions to Information Technology needs, including protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
What You'll Do:
- Acts as the team's resource and subject matter expert to answer questions and create resolutions using experience, best practices and sound judgment.
- Provides technical leadership among a global team of highly skilled security analysts/subject matter resources.
- Responsible for assessing information risk and facilitates remediation of identified vulnerabilities for IT security and IT risk across the enterprise.
- Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation of risk
- scenarios.
- Conducts risk assessments and interviewing internal and external customers, to gain technical knowledge of
- security/compliance requirements and to support the business.
- Responsible for security audits and testing. Evaluates system security configurations to ensure efficacy and compliance with policies and procedures.
- Analyzes threats and current security controls as well as current team procedures/processes to identify gaps in the
- company's security posture.
- Mentors other analysts across the team, leading by example and insisting on high standards.
- Ensures procedural documentation of team functions are updated on a routine basis.
- Anticipates, identifies, and escalates appropriate issues to Manager/Director.
- Provides reports or data points as input to senior management on function-wide metrics and performance as well as provide input to KRI and KPI reporting.
- Reports up on areas of opportunities and/or concerns.
- Ensures compliance with information security standards, policies, and procedures.
- Communicates and implements industry best practices and solutions employed in the information security space.
- Creative self-starter who can think through a task from start to finish and has the technological vision to support the
- operational and security needs of the enterprise
What You'll Bring
- 8+ years of experience with networking security technologies for the following security technologies are required:
- Network security: next-gen firewalls, cloud security group, ACLs
- Logging and monitoring: SIEM and Cloud Access Security Broker (CASB)
- Endpoint security: Antivirus, DLP and host compliance
- Azure/AWS cloud services and infrastructure
- 5+ years of experience in administering IT security controls in an organization
- Prior experience performing security reviews and risk assessments
- Demonstrated leadership experience in progressively responsible roles in a demanding environment
- Bachelor's degree in Information Systems, Information Security, Computer Science or equivalent combination of education and experience
- 5-7 years of IT security or information security experience with a proven ability to understand complex problems within the
- field of security operations
- Ability to effectively convey complex issues and communicate to a variety of audiences including technical staff, peers, as well as senior management, and oversight bodies.
- Knowledge of technical infrastructure, networks, databases, and systems in relation to IT Security and IT Risk
- Windows workstation and server administration experience
- Experience in product evaluation and managing vendor relationships
- Excellent written and verbal communication skills
- Excellent interpersonal, relationship-building and teamwork skills
- Experience managing projects with complex inter-dependencies, focusing on both long-range projects and immediate tasks
Education
· Minimum of 15 years of formal education - Graduate / Postgraduate in Computer Science / Information Technology.
Range of Experience
Must have minimum 8+ years information security experience.of consecutive hands-on experience working in a SOC environment, utilizing industry leading network security monitoring technologies, application, web, database and Security Event and Information Management (SIEM), IDS/IPS, endpoint, email security gateways and DLP technologies.
License or Certification
Security+, GIAC, CEH, OSCP preferred.
'FAI is committed to creating an environment that respects, supports, and inspires all individuals. We do not discriminate based on color, religion, sex, gender identity, sexual orientation and age. At FAI, we celebrate diversity and believe that an inclusive workforce benefits employees, the organization and our community. We are an Equal Opportunity Employer'
Job tags
Salary
