Senior Security Analyst

Job Summary

The Senior Security Analyst will serve as a perimeter and cloud security expert, responsible for deploying, managing, and enhancing Web Application Firewall (WAF) and API security configurations. This role involves proactive defense against OWASP top 10 vulnerabilities, account takeovers, bot attacks, and other external threats. The analyst will also manage cyber incidents, analyze web traffic patterns, and collaborate with both technical and non-technical stakeholders to strengthen the organization's security posture. This position supports the organization's goal of maintaining robust, cutting-edge security defenses in a hybrid work environment.

Responsibilities

• Deploy, evaluate, and manage Akamai, AWS, and Azure Web Application Firewall (WAF) security configurations.
• Monitor and analyze web traffic patterns to improve security protections and proactively combat OWASP top 10 vulnerabilities, account takeovers, API attacks, and bot threats.
• Manage cyber incidents and service incidents related to WAF and other security technologies.
• Conduct log analysis using Splunk or other Security Information and Event Management (SIEM) tools, including web logs, NetFlow, and packet analysis.
• Review and enforce security policy change requests, gathering additional requirements through stakeholder interviews.
• Maintain expertise in perimeter and cloud security, including Email Security (Exchange Online Protection), Network Intrusion Detection/Prevention Systems (IDS/IPS), Distributed Denial of Service (DDoS) control, and cloud security.
• Collaborate with Agile, DevSecOps teams, and utilize programming knowledge to enhance security processes.
• Communicate effectively with senior technical and non-technical stakeholders, balancing business and security interests.

Qualifications

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 7 to 9 years of experience in security roles, preferably within a matrix-driven corporate environment.
• Expertise in WAF operations is mandatory; experience with Email Security is a strong secondary skill.
• Strong knowledge of WAF providers, API definitions, custom rule writing, bot management rules, and traffic log analysis.
• Proven ability to troubleshoot and simulate HTTP client requests using tools such as curl, Postman, and HAR file analysis.
• Solid understanding of core networking concepts including TCP/IP, DNS, HTTP, proxy, and load balancing.
• Functional experience with Splunk, SIEM, or other log aggregation and analysis technologies.
• Experience with cloud platforms such as AWS or other Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS) environments.
• Ability to communicate complex technical information clearly to both technical and non-technical audiences, including executives.
• Functional understanding of network controls and policies to prevent cyber threats.
• Familiarity with external-facing security controls such as WAF tuning, bot management, API protection, network policy governance, troubleshooting, and incident response.
• Knowledge of cybercriminal tactics and attack vectors across OSI model layers.
• Capability to assess information security risks based on intelligence analysis.
• Understanding of cyber threat actors’ motivations and capabilities relevant to specific regions.

Preferred Skills

• Experience working in Agile and DevSecOps environments.
• Programming skills relevant to security automation and scripting.
• Intellectual curiosity to stay updated on emerging security technologies and software delivery methodologies.
• Strong interpersonal skills with a partnering approach and ability to work collaboratively in teams.
• Senior stakeholder management experience, both technical and non-technical.

Experience

• 7 to 9 years of relevant security experience, with a focus on WAF operations and cloud security.
• Experience in a corporate, matrix-driven environment is preferred.

Environment

• Full-time position based in Bangalore.
• Hybrid work mode combining remote and in-office work.
• Collaborative team environment requiring interaction with multiple stakeholders across technical and business units.

Salary

• Annual salary of INR 1,840,000.

Number of Positions

• 1 position available.