Cybersecurity Analyst

WE ARE HIRING: Cybersecurity Analyst

Key Responsibilities

• Conduct information security audits based on international standards and frameworks such as ISO/IEC 27001, ISO/IEC 27002, NIST CSF, and other relevant best practices.
• Perform cybersecurity risk assessments for both internal systems and external clients; identify vulnerabilities, assess threats, and recommend appropriate controls.
• Monitor and respond to threats using the organizations Endpoint Detection and Response (EDR) solution, escalating issues as necessary and contributing to incident response.
• Assist with regular vulnerability scans and assessments of company and client IT infrastructures, using tools such as Nessus and Nmap.
• Participate in the development and execution of social engineering and phishing simulation campaigns to promote a strong security culture among users.
• Conduct security hardening reviews of IT assets, including servers, network devices, and endpoints, based on CIS Benchmarks or vendor-specific guidelines.
• Support the design, implementation, and continuous improvement of Information Security Management Systems (ISMS) in line with ISO/IEC 27001 requirements.
• Develop, update, and maintain cybersecurity policies, procedures, guidelines, and standards, ensuring alignment with regulatory and business needs.
• Stay abreast of emerging cyber threats, vulnerabilities, and technologies to proactively recommend security improvements.

Required Qualifications and Experience

• Bachelors degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• 1-3 years of professional experience in IT security, governance, risk, and compliance, or cybersecurity operations (red team or blue team experience is a plus).
• Strong working knowledge of cybersecurity principles, threat landscapes, and security controls.
• Familiarity with ISMS frameworks, especially the ISO/IEC 27000 series, and risk management methodologies.
• Experience with security tools and platforms such as EDR, vulnerability scanners, or GRC platforms is an advantage.
• Demonstrated ability to assess and document information security risks, control deficiencies, and process gaps.
• Effective communication and report-writing skills to articulate technical findings to non-technical audiences.
• Certifications such as ISO/IEC 27001 Lead Implementer/Auditor, CompTIA Security+ are desirable.

Ready to take your career to new heights?

We're InTalent Asia, your go-to recruitment partner in Sri Lanka, and we've got an exciting opportunity for you! Our client is on the lookout for a dynamic individual to fill the role of Cybersecurity Analyst

At InTalent Asia, we're not just recruiters; we're here to architect your career success. Join us in the journey of matching your skills with unparalleled opportunities.

Apply now and see how you can be the perfect fit for this exclusive position!

#InTalentAsia #CareerOpportunity #JobVacancy #ElevateYourCareer