Information Security Analyst

About the Job

Lexitas India Pvt. Ltd., a subsidiary of the global Lexitas MNC, is establishing a world-class IT development team and a Shared Services hub in Chennai. This high-growth company prioritizes strong client relationships and reliable, accurate professional services.

This Full-Time position is based in Chennai, India. The Information Security Analyst will play a crucial role in supporting and enhancing Lexitas's information security, privacy, risk, and compliance programs. Under the guidance of the VP of Information Security or Information Security Manager, you will contribute to developing and maintaining a robust security program, ensuring the protection of sensitive information assets. Your responsibilities will include functional and technical support for security posture maintenance, assisting in the design, implementation, configuration, documentation, and maintenance of security measures to mitigate business risks.

Key Roles and Responsibilities:

• Support IT security, privacy, risk, and compliance systems and processes, with opportunities to lead initiatives.
• Monitor computer networks and associated tools for security, privacy, risk, and compliance issues.
• Assist in the project management, tracking, and documentation of Information, Privacy, Risk, and Compliance programs.
• Investigate and document security breaches and cybersecurity incidents, assessing their impact.
• Perform and support security tests, risk assessments, and audits to identify and remediate vulnerabilities.
• Track and facilitate the mitigation of vulnerabilities to maintain high security standards.
• Champion best practices in IT security, privacy, and compliance.
• Support third-party vulnerability management and penetration testing efforts.
• Research security enhancements and provide recommendations to management.
• Stay current with IT trends and security standards.
• Prepare reports detailing security, privacy, and compliance risk assessment findings.
• Support Security Operations Center (SOC) functions, including monitoring and incident response activities.
• Assist in the development and communication of IT Security, Privacy, Risk, and Compliance policies.
• Perform other related IT security, privacy, risk, and compliance duties as required.

Skills and Abilities:

• Experience with vulnerability management and penetration testing techniques.
• Solid understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
• Ability to identify and mitigate network and application vulnerabilities.
• Good understanding of patch management.
• Proficient with various operating systems.
• Excellent written and verbal communication skills.
• Knowledge of firewalls, antivirus, and intrusion detection system concepts.
• Ability to support and document Information Security, Privacy, Risk, and Compliance processes and programs.
• Ability to support the incident response process.
• Experience directing third-party providers in Information Security, Privacy, Risk, and Compliance areas.
• Support information security controls, including physical and data security, to protect confidentiality, integrity, and availability of information systems data.

Preferred Knowledge, Skills, and Abilities (KSAs):

• Strong working knowledge of primary Information Security, Privacy, Risk, and compliance standards and frameworks such as NIST, SOC 2, HIPAA, PCI DSS, GDPR, etc.
• Experience administering information security software and controls.
• Experience supporting network and application security management processes.
• Network and system administration experience is a plus.
• Good understanding of Standard Information Security Baseline Frameworks, Business Continuity, and Disaster Recovery protocols and best practices.
• Exposure to ITIL (Incident/Change Management) – ITIL v3 Foundation preferred.
• Ability to learn and monitor business processes for areas of primary support responsibility.
• Support annual Security Baseline Audits and execution of recommendations.
• Perform day-to-day “Help Desk” tasks as part of the technology team in support of Information Security, Privacy, Risk, and Compliance.

Education and Experience:

• Bachelor’s degree in computer science or a related field is strongly preferred.
• IAT Level-2 technical certification strongly preferred (CompTIA Security+ or CISSP) or the ability to obtain within the first 90 days of hire.
• 5+ years of experience in an Information Security Analyst or SOC role.
• Demonstrated experience in responding to, managing, and resolving security incidents.
• Experience with LAN/WAN networking, IP addressing and routing, Windows/Linux/Unix operating systems, and Information Security concepts and best practices.
• Experience working with Security Information and Event Management (SIEM) systems is a plus.