Data Security Analyst
Company:
Medline India
Location:
Pune, Maharashtra, India
Job Description: Data Security – Analyst
Description:
The Medline Information Security organization is looking for a Data Security Analyst, who will be part of ‘Data Security’ team. The Data Security analyst works extensively with Medline Security SME, Architects and Developers to ensure solutions are not only secure by design, but also throughout execution and evolution.
Duties and Responsibilities:
As an Application Security Analyst, you will be driving.
Maintain web application security scanning and mitigation/remediation practices.
Description:
The Medline Information Security organization is looking for a Data Security Analyst, who will be part of ‘Data Security’ team. The Data Security analyst works extensively with Medline Security SME, Architects and Developers to ensure solutions are not only secure by design, but also throughout execution and evolution.
Duties and Responsibilities:
As an Application Security Analyst, you will be driving.
Maintain web application security scanning and mitigation/remediation practices.
- Analysis of ISM (formerly HEAT) and JIRA to help us understand workload, trends, and capacity needs.
- Create dashboards.
- Proficient in using APIs to extract data programmatically (script/coding).
- Incident investigation / Forensics
- Compliance intelligence and automation
- Asset threat heat map / Exposure analysis to identify focus areas.
- Vendor risk analytics
- Peer industry forecasts if we have data sets available.
- Perspective analysis with Business needs
- Phishing trend analysis based on logs.
- Problem, Incident, Change co-relation and forecast.
- Predictive Dashboards using analysis of Heat, Assets for compliances which can help Compliance teams.
- Expertise with secure coding practices
- Use and present the data in meaningful ways to help highlight or solve business needs.
- Experience/knowledge/expertise with the following:
- Static and dynamic code scanning tools and methodologies,
- Authentication & authorization schemes and protocols, secure password storage & exchange, multi-factor authentications, SSO, Open SSL, Containers
- Web application development frameworks, protocols, content management systems and techniques
- General Database knowledge (Oracle, MS SQL server)
- Understanding / Exposure to OWASP tools and methodologies.
- Common application attack methods, and associated preventions/defenses
- Knowledge/experience around CMDB, ISM tools
- At least 4-5 years of experience in data analysis with key focus on security
- 2-4 years of experience in SOC
- Bachelor’s degree, preferably in Computer Science or Information Technology
- Dynamic scanning tools like Fortify, WhiteHat, Burp
- Vulnerability scanning tools and methods, such as XRay, Twistlock
- Familiarity with STRIDE model, MITRE ATT&CK