Free cookie consent management tool by TermsFeed CFCO - 1431 Senior Security Analyst | Antal Tech Jobs
Image
Post a Job
Back to Jobs
1 Day ago

CFCO - 1431 Senior Security Analyst

Apply Now
decor
Vashi, MH, India
Information Technology
Full-Time
Softobiz Technologies

Overview

Job Title: Senior Security Analyst
Experience Level: Mid / Senior (5–9 years)
Locations: Hyderabad, Mohali, Kochi
Position: Fulltime

Summary of role
The Senior Security Analyst is accountable for the day-to-day execution of CFCO’s Information Security Management System (ISMS), spanning both technical security assessment and governance, risk and compliance (GRC) activities. The role plays a central operational part in maintaining ISO 27001 certification, running the continuous vulnerability assessment programme, and supporting the broader security operations capability across CFCO and FMG.
Core activities
Technical Security Assessment
  • Manage continuous vulnerability scanning across infrastructure, user identities, and source code using Tenable One, GitHub Enterprise, and Qodo, ensuring scan coverage is maintained and findings are validated.
  • Triage identified vulnerabilities, raise and manage security issues in Jira, assign risk levels, and drive remediation with platform and system owners through to closure.
  • Coordinate the annual external red-team penetration testing engagement — including scoping, vendor liaison, evidence handover, finding management, and post-engagement remediation tracking.
  • Operate the simulated phishing programme through the KnowBe4 platform, covering quarterly campaign design, results analysis, identification of at-risk users, and delivery of targeted follow-up training.
  • Perform first-line triage and investigation of security incidents captured from automated monitoring, manual checks, and user-reported events, working with the Infrastructure and Security Manager on response actions and root cause analysis.
  • Conduct security configuration reviews against the ISMS Secure Configuration, Cryptography, Access Control, Infrastructure Security, and Secure Development standards, and recommend remediation actions.
  • Support the planned SIEM/SOC transition (Immortal Cyber via CFAL), including integration testing, alert tuning, and runbook validation ahead of FY27 cutover.
  • Assess emerging AI-related security risks (data confidentiality and AI-enabled threats) and contribute to the formalisation and enforcement of the AI acceptable use policy.
Governance, Risk and Compliance
  • Support the maintenance of ISO 27001 certification across CFCO and FMG, including continuous evidence collection and control testing within the Vanta platform.
  • Coordinate internal and external ISO 27001 audits, acting as a primary point of contact for auditors during fieldwork and managing the resolution of identified observations.
  • Operate the third-party vendor risk assessment programme — conducting initial and recurring assessments of technology providers in line with the organisation’s risk appetite.
  • Maintain the risk register and supporting documentation for ISMS policies (Risk Management, Operations Security, Third-Party Security, Access Control, Physical Security, Data Classification) and associated standards.
  • Facilitate periodic user access reviews with designated system owners — monthly for critical and high-risk systems, quarterly for medium and low-risk systems — and ensure review evidence is retained.
  • Support BCP and DR testing for operationally critical systems (including email, BOAB, and NetSuite), helping plan, execute, and document the annual testing cycle.
  • Contribute to ISMS Governance Council reporting, including monthly security posture metrics, risk register movements, and assurance activity status.
Skills and Experience
  • 6+ years of progressive experience in information security, with demonstrable depth in technical security assessment.
  • Hands-on experience operating vulnerability management platforms (Tenable, Qualys, Rapid7, or equivalent) and managing remediation workflows in Jira or a comparable ticketing system.
  • Practical experience coordinating external penetration testing engagements and triaging red-team findings.
  • Working knowledge of cloud security on AWS, including assessment of IAM configurations, network security controls, and infrastructure-as-code outputs.
  • Experience operating an ISO 27001-certified ISMS, including evidence preparation, internal audit support, and external audit participation; familiarity with Vanta or a comparable compliance automation platform.
  • Sound understanding of third-party / vendor risk assessment processes and risk register maintenance.
  • Familiarity with phishing simulation and security awareness platforms (KnowBe4 or similar) and end-user behavioural risk analysis.
  • Strong written and verbal communication skills, with the ability to translate technical findings into clear risk and remediation language for system owners and senior stakeholders.
  • Industry-recognised information security certification (CISSP, CISA, CISM, CRISC, CEH, OSCP, or equivalent) is preferred.
Bachelor’s degree in Computer Science, Information Security, or a related discipline.

About Softobiz:
Innovation begins with like-minded people aiming to transform the world together. At Softobiz, we invite you to become a part of an organization that has been helping clients transform their business by fusing insights, creativity, and technology. With a team of 300+ technology enthusiasts, we have been trusted by leading enterprises around the globe for over 12+ years.
At Softobiz, we foster a culture of equality, learning, collaboration, and creative freedom, empowering our employees to grow and excel in their careers. Our technical craftsmen are pioneers in the latest technologies like AI, machine learning, and product development.

Why Should You Join Softobiz?
  • Work with technical craftsmen who are pioneers in the latest technologies.
  • Access training sessions and skill-enhancement courses for personal and professional growth.
  • Be rewarded for exceptional performance and celebrate success through engaging parties.
  • Experience a culture that embraces diversity and creates an inclusive environment for all employees.

Softobiz is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will be afforded equal employment opportunities without discrimination based on race, creed, color, national origin, sex, age, disability, or marital status.

For more information about our solutions and organization, visit www.softobiz.com,
Follow us
on LinkedIn, Twitter, and Facebook for more updates.
Share job
Similar Jobs
View All
1 Day ago
Lead- Devops Engineer
Information Technology
  • Vashi, MH, India
Job Description This role involves the development and application of engineering practice and knowledge in the following technologies: Standards and protocols, application software and embedded software for wireless and satellite...
More info
decor
1 Day ago
Senior AI Data Engineer
Information Technology
  • Vashi, MH, India
Senior AI Data EngineerThis role has been designed as ‘’Onsite’ with an expectation that you will primarily work from an HPE office. Who We Are: Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We...
More info
decor
1 Day ago
Full Stack Developer
Information Technology
  • 70000 - 90000 INR - Monthly
  • Vashi, MH, India
, Job DescriptionWe are looking for a skilled Full Stack Developer with strong experience in frontend and backend development to join our growing technology team. The ideal candidate should have expertise in Angular 18, .NET Core API development, and...
More info
decor
1 Day ago
Technical Lead - Quality Engineering
Information Technology
  • Vashi, MH, India
8-12 years Noida Responsibilities To act as an inspiring System Architect in Quality Engineering Practice by having a thorough understanding of both technologies and processes. Build & implement technical solutions to the QE challenges faced during S...
More info
decor
1 Day ago
DevOps Engineer
Information Technology
  • Vashi, MH, India
Urolime being an expert in Information Technology understands very well how careers evolve and what exactly the aspirations of career seekers are. We need people who are passionate about what they do. Are you passionate about working in a challenging...
More info
decor
1 Day ago
Senior Dot Net Developer
Information Technology
  • 2200000 - 2200000 INR - Yearly
  • Vashi, MH, India
About Strand Life Sciences:Strand is a 24-year-old spin-off from the Indian Institute of Science. We are a cutting-edge Genomics company with a global customer base. We build applications that use DNA sequencing to improve human health. In the proc...
More info
decor
1 Day ago
Lead Software Engineer - Java with Anthropic Claude
Information Technology
  • Vashi, MH, India
EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will c...
More info
decor
1 Day ago
Lead I - .NET Developer
Information Technology
  • Vashi, MH, India
ID: 59177 5 - 7 Years 1 Opening Trivandrum Role description Role Overview We are seeking a versatile Software Developer with strong experience in .NET, Python, and PowerShell scripting to design, develop, automate, and maintain enterprise applica...
More info
decor

Talk to us

Feel free to call, email, or hit us up on our social media accounts.
CONTACT US
Email info@antaltechjobs.in
Social media