Information Security Analyst penetration testing
Share
Job Location:
Monthly Salary:
Posted on:
Vacancies:
Job Summary
TransUnions Job Applicant Privacy Notice
What Well Bring:
We are seeking a security analyst to join CIBIL Information Security team to support annual penetration testing ongoing vulnerability assessments and application security scanning across our environment. The role will collaborate closely with development teams to embed DevSecOps practices drive timely remediation of vulnerabilities and ensure compliance with regulatory and threatintelligence advisories. Responsibilities include maintaining security baselines for infrastructure and leveraging tools such as Rapid7 Burp Suite Checkmarx and Seeker to strengthen our overall security posture.What Youll Bring:
Support the annual penetration testing program for both existing systems and new golive applications ensuring timely remediation of identified risks.
Execute periodic internal and external vulnerability assessment (VA) scans analyze discovered vulnerabilities and provide clear reporting to stakeholders for timely closure.
Support Static Application Security Testing (SAST) and Interactive Application Security Testing (IAST) scans driving application teams to identify prioritize and resolve security weaknesses.
Collaborate with development teams to embed security controls into CI/CD pipelines (DevSecOps) and promote secure coding practices across the SDLC.
Support regulatory and compliance-driven security advisories ensuring vulnerabilities identified through external mandates are remediated within required timelines.
Assist in remediation activities triggered by threat intelligence and VTM advisories including evaluation of reported exploits zero-day vulnerabilities and their applicability to the organization.
Conduct periodic security baseline reviews for network devices operating systems and infrastructure components to ensure configuration compliance.
Utilize and maintain proficiency with key security tools such as Rapid7 Burp Suite Checkmarx and Seeker using them to strengthen the organizations vulnerability management and application security posture.
Impact Youll Make:
- Maintain and enhance dashboards reporting mechanisms and metrics for vulnerability management providing leadership with visibility into risk trends remediation progress and compliance adherence.
- Assist in establishing and continuously improving secure coding standards development guidelines and security guardrails aligned with industry best practices.
- Contribute to audit and compliance programs (e.g. ISO SOC 2 regulatory reviews) by providing evidence documentation and remediation tracking for securityrelated controls.
- Stay updated with emerging threats new tools and evolving security techniques advising teams on adoption of modern efficient and scalable security practices.
TransUnion Job Title
Analyst InfoSec Risk Management & GovernanceRequired Experience:
IC
Key Skills
- IT Experience
- Splunk
- IDS
- Cybersecurity
- FIPS
- PCI
- NIST Standards
- Information Security
- Encryption
- FISMA
- RMF
- Siem
About Company
Company Overview TransUnion is a leading global risk and information solutions provider. Our mission is to help people worldwide access opportunities that lead to a higher quality of life. We accomplish this by delivering solutions that help organizations optimize their risk-based dec ... View more
