Job Description

Position at DNEGJob Title :Information Security AnalystLocation: MumbaiTime Zone: North America1 1.1 OverviewDNEG's Information Security (InfoSec) team has the requirement to add an Information Security Analyst to the existing global team. The Information Security Analyst position will provide essential support and assistance to the global InfoSec team and colleagues alike.The role will be that of an InfoSec generalist with a strong foundation in technical competencies, however, the position will also be required to assist with the numerous demands that are made on the InfoSec team's GRC (Governance, Risk and Compliance) function such as assisting with internal and external (client) audits.1.2 Mandatory Requirements and ExpectationsThe requirement to recruit an Information Security Analyst is centered around enhancing the InfoSec function's capabilities to meet the company's diverse assurance and compliance requirements, and to work in close collaboration with the various InfoSec teams, and to act as a support bridge between internal IT department(s) and colleagues.A brief overview of the mandatory requirements is listed below.xe2x97x8f Demonstrable experience of working in a multi-disciplinary technical role.xe2x97x8f Be able to work both proactively, independently and partner with other internal teams as and when required.xe2x97x8f Be a strong team player and possess a positive and professional manner.xe2x97x8f Possess excellent interpersonal skills.xe2x97x8f Have excellent written communication and documentation skills.xe2x97x8f Experience of working within a dynamic and technically diverse environment.xe2x97x8f Familiarity with security incident response processes and procedures.2 Duties and Operational Responsibilitiesxe2x97x8f Monitor, detect, investigate, and triage issues that might compromise the confidentiality and integrity of the company's systems and services using a variety of InfoSec services and tools.xe2x97x8f Assist with documenting InfoSec technical and procedural documentation which will assist with further maturing and streamlining existing workflows.xe2x97x8f Work in close partnership and collaborate with peers, internal/external technical teams, and various departments across the company.xe2x97x8f Manage remediation of relevant, reported and detected InfoSec findings that have been raised by global IT teams and colleagues alike.xe2x97x8f Assist with the management and maintenance of the BAU requirements of the vulnerability assurance program.o Analyzing vulnerability assessments and running ad-hoc scans when required.o Manage remediation of findings with IT teams that are responsible for the infrastructure and end user support.xe2x97x8f Work closely with the InfoSec project management (PM) function to provide artefacts and technical information as and when required to do so.3 Requirements3.1 Job RequirementsA successful candidate will meet most and be able to demonstrate suitable experience to each of the following requirements.xe2x97x8f 5 to 8 years, plus/minus, of working either in a SOC/Security Operations role or within a suitable technical capacity would be highly beneficial.xe2x97x8f Experience and/or knowledge of cybersecurity operations, incident response (IR) management, processes and procedures and investigations would be highly beneficial.xe2x97x8f Experience and/or demonstrable, technical knowledge, of the following is highly desirable:o Network Security: Firewalls, IDS/IPS, Proxy Servers, Email and Web Content Filters.o Endpoint Security: Anti-Virus/Malware Mitigation (EPP), both traditional and XDR EPP solutions.o Access Control Concepts and Application.o Operating Systems: MS Windows (Client and Server O/S); multiple LINUX distributions, Mac OSXxe2x97x8f Experience and/or demonstrable, technical knowledge, application, and experience with the following would be highly beneficial.:o Security data analytics and reporting.o SIEM, security data aggregation and correlation knowledge.xe2x97x8f Experience and/or demonstrable understanding of working with the following Information Security frameworks would be highly beneficial.:o CISo NISTxe2x97x8f Knowledge and experience of working with mobile O/S's and applying security controls such as MDM and MAM would be highly beneficial.xe2x97x8f Knowledge and experience of BYOD and remote (WFH) working.xe2x97x8f Experience and demonstrable knowledge of identity management systems would be highly beneficial.xe2x97x8f Working knowledge and experience of using vulnerability assurance management toolsets and service would be highly beneficial.xe2x97x8f Working knowledge and experience of network and application penetration testing methodologies and practice would be highly beneficial.xe2x97x8f Willingness to assist in enhancing and maturing existing InfoSec technologies that are utilized across the InfoSec team.xe2x97x8f Knowledge of privacy compliance and privacy frameworks and their applicability to a SecOps function e.g. GDPR, would be desirable.xe2x97x8f Working knowledge and experience of Cloud Security (especially SaaS and PaaS), concepts and application would be highly beneficial.xe2x97x8f Demonstrate experience of working within an ITIL framework and familiar with IT ticketing systems.xe2x97x8f Highly motivated and bring a forward thinking and highly collaborative approach.3.2 Educationxe2x97x8f Certified Information Systems Security Professional (CISSP) requiredxe2x97x8f A bachelor's degree in IT or Computer Science would be desirable but is not essential.xe2x97x8f Certified Ethical Hacker (CEH) and any IT certification/accreditation, such as a Cisco CCNA etc., would be desirable but is not essential.About Us
We are DNEG, one of the world's leading visual effects and animation companies for the creation of award-winning feature film, television, and multiplatform content. We employ more than 9,000 people with worldwide offices and studios across North America (Los Angeles, Montrxc3xa9al, Toronto, Vancouver), Europe (London), Asia (Bangalore, Mohali, Chennai, Mumbai) and Australia (Sydney).

DNEG