Key Responsibilities:
Business-Cybersecurity Alignment:
o Work closely with business stakeholders, IT security teams and cross-functional teams to ensure cybersecurity initiatives align with the organization's broader business goals.
o Translate business needs into technical security requirements that can be effectively executed by the security and IT teams.
Requirements Gathering & Documentation:
o Collect and document detailed business requirements for cybersecurity projects and initiatives, ensuring security requirements are clearly articulated for technical implementation.
o Prepare clear, concise documentation such as functional requirements, risk assessments, security processes and workflows for new security programs and enhancements.
Risk Analysis & Security Assessments:
o Conduct risk assessments in the context of hybrid IT environments (cloud, on-premises and edge) to identify security gaps and vulnerabilities.
o Collaborate with security teams to evaluate existing security controls and recommend solutions to mitigate identified risks, balancing business needs with security requirements.
Cybersecurity Frameworks & Compliance:
o Ensure that all business and technical security requirements comply with relevant regulatory compliance frameworks (e.g. NIST CSF, ISO 27001, GDPR, HIPAA).
o Support audits and compliance assessments, identifying any gaps between current practices and regulatory standards. (must have)
Security Process Improvement:
o Identify opportunities for process improvements within the cybersecurity function, including streamlining security incident response, access management processes and threat detection workflows.
o Develop business cases for proposed security improvements, including cost-benefit analyses and risk assessments.
The Business Analyst will have comprehensive responsibilities spanning multiple cybersecurity domains and should have expertise in at least 5 of the following areas:
o SIEM Sentinel & Security Operations:
Manage and optimize SIEM solutions, particularly Sentinel, for effective monitoring, incident detection and security event correlation across hybrid environments.
Collaborate with security operations teams to ensure proper configuration, tuning and reporting within SIEM platforms to support proactive threat management.
o Security Tools & Technology Integration:
Work with security teams to implement and optimize security tools such as SIEM (e.g. Splunk, Microsoft Sentinel), EDR (e.g. CrowdStrike, MS Purview/Defender), SOAR platforms, CASB (Cloud Access Security Broker) and Threat Intelligence systems.
Help define and document requirements for the integration of cybersecurity tools into the broader security ecosystem.
o User Access Management (UAM) & RBAC:
Work closely with identity and access management teams to ensure the implementation of UAM and RBAC systems that align with the organization's security policy and business requirements.
Support the development of processes for managing user roles, privileges and access rights across enterprise systems.
o Cloud & Encryption Security:
Ensure that security policies and controls are applied across both on-premises and cloud environments (AWS, Azure, Google Cloud), addressing challenges related to cloud security, data encryption and access management.
Collaborate with technical teams to implement strong encryption methods for data-in-transit, data-at-rest and data-in-use in line with organizational security policies.
o AI & ML in Cybersecurity: (Good to have)
Contribute to the use of AI/ML technologies to enhance threat detection, anomaly identification and predictive analytics within the organization's security operations.
Collaborate with data scientists and security teams to define requirements for AI/ML-based security models and incident response automation.
o SOAR Integration & Incident Response:
Assist with the integration of Security Orchestration, Automation and Response (SOAR) solutions into the incident response lifecycle to streamline response times and automate repetitive tasks.
Support the continuous improvement of incident response procedures and playbooks, ensuring a consistent, rapid and efficient approach to security incidents.
Stakeholder Communication & Reporting:
o Regularly communicate project status, risks and mitigation plans to senior leadership, business stakeholders and technical teams.
o Translate complex technical concepts and security strategies into business-friendly language for non-technical stakeholders, ensuring full understanding of key security issues.
Training & Awareness:
o Help develop training materials, security guidelines and awareness programs to ensure that staff are educated on security best practices and compliance requirements.
o Facilitate knowledge transfer sessions with technical teams to ensure the effective implementation of new security initiatives.
Any Certifications
Mode: Work from Office
Full Time