Information Security Analyst I

About Us

Please be aware we have noticed an increase in hiring scams potentially targeting Seismic candidates. Read our full statement on our Careers page.

Seismic, a rapidly growing Forbes Cloud 100 company, is the global leader in enablement, helping organizations engage customers, enable teams, and ignite revenue growth. The Seismic Enablement CloudTM provides continuous guidance to improve behavior, content, and skills to win more deals and deliver better experiences. More than 2,200 organizations around the globe including IBM and American Express have made Seismic their enablement platform of choice. Seismic integrates with business-critical platforms including Microsoft, Salesforce, Google and Adobe. Seismic is headquartered in San Diego, with offices across North America, Europe, Australia and China.

Seismic is committed to building an inclusive workplace that ignites growth for our employees and creates a culture of belonging that allows all employees to be seen and valued for who they are. Learn more about DEI at Seismic here.

Overview

Seismic is a leader in sales enablement technology, delivering integrated solutions that connect marketing, sales, and buyers to drive meaningful engagement. We develop cutting-edge SaaS solutions, ensuring innovation, quality, and global reach to meet our customer needs.

We specialize in delivering modern, scalable, and multi-cloud solutions that empower businesses to succeed in today’s digital era. Leveraging the latest advancements in technology, including Generative AI, we are committed to driving innovation and transforming the way businesses operate. As we embark on an exciting journey of growth and expansion, we are seeking a talented Information Security Analyst to join our team in Hyderabad, India.

Who You Are

You are a highly motivated and detail-oriented security professional with 1-2 years of experience in information security. You possess a strong understanding of security principles and are passionate about identifying and mitigating vulnerabilities. You are a strong communicator and collaborator, with the ability to effectively communicate technical information to both technical and non-technical audiences. You are a quick learner, eager to expand your knowledge in the ever-evolving cybersecurity landscape, and possess a strong work ethic with a focus on continuous improvement.

What You’ll Be Doing

This role is responsible for identifying, assessing and mitigating security vulnerabilities in software applications. They work closely with development teams to integrate security practices into the Software Development Lifecycle (SDLC) and help ensure that applications are secure and compliant with relevant standards and regulations. As part of this role, you will assist with the following:

• Review AppSec (SAST/DAST/SCA/Container/API) vulnerabilities, evaluate risk and verify vulnerabilities
• Respond to customer RFPs within SLAs.
• Proactively review and triage alerts related to our security tool set (CrowdStrike, Netskope, Snyk, Veracode, NoName)
• Communicate with our engineering department on potential risks within their applications, best practices, and fixes.
• Support technical security assessments to ensure services follow secure design principles across our engineering portfolio.
• Work with the security operations team to integrate security tooling into the CI/CD pipeline to automate security testing and vulnerability detection.
• Document and updating information security processes.

What You Bring To The Team

Must Haves

• Minimum 1 –2 years of Information Security experience.
• Knowledge of OWASP Top 10, and related CWEs and CVEs.
• Solid understanding of information security best practices related to:
• Application security
• Cloud security
• GRC
• Ability to read and understand at an analyst level at least one major programming language and framework (C#, .NET, JavaScript, Python, Ruby, Java.)
• Foundational Knowledge with Application Security (Software composition analysis, Static/Dynamic analysis, and API Security)
• Experience with a ticketing tracking system (e.g. Jira)
• Great communication skills, with the ability to collaborate across development, operations, and security teams.
• Highly proficient in spoken and written English
• Completed at least one security certification (e.g. SEC+, ISC2 CC or any others)

Nice To Haves

• Proficiency with a scripting language such as Python, PowerShell or Bash
• Experience with answering Vendor Security Questionnaires
• Experience with an access management solution.
• Threat modeling experience following STRIDE methodology.

What We Have For You

At Seismic, we’re committed to providing benefits and perks for the whole self. To explore our benefits available in each country, please visit the Global Benefits page.

If you are an individual with a disability and would like to request a reasonable accommodation as part of the application or recruiting process, please click here.

Headquartered in San Diego and with employees across the globe, Seismic is the global leader in sales enablement, backed by firms such as Permira, Ameriprise Financial, EDBI, Lightspeed Venture Partners, and T. Rowe Price. Seismic also expanded its team and product portfolio with the strategic acquisitions of SAVO, Percolate, Grapevine6, and Lessonly. Our board of directors is composed of several industry luminaries including John Thompson, former Chairman of the Board for Microsoft.

Seismic is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to gender, age, race, religion, or any other classification which is protected by applicable law.

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.