344 Cybersecurity Analyst jobs in Bengaluru

Information Security Analyst / Specialist

We are looking for a detail-oriented Information Security Analyst/Specialist to join our InfoSec team. The ideal candidate will ensure compliance with industry standards, strengthen security operations, manage risks, and collaborate across teams to safeguard our systems and data.

Responsibilities

• Information Security Governance & Compliance
• Manage compliance with ISO 27001:2022 and SOC 2 Type II frameworks.
• Support ITGC audits in collaboration with Finance.
• Conduct internal audits, gap assessments, and evidence collection for certification and surveillance audits.
• Review and update ISMS policies, procedures, and controls regularly.
• Support customer and prospect audits by providing responses, clarifications, and documentation.
• Risk & Threat Management
• Perform application, infrastructure, and vendor risk assessments.
• Conduct third-party/vendor security assessments and track remediation.
• Monitor and ensure closure of audit findings, vulnerabilities, and identified security gaps.
• Security Operations & Monitoring
• Review AWS logs, IAM, RBAC, firewall rules, and other security configurations.
• Conduct monthly/quarterly user access reviews across systems (SSH, RBAC, DB, SaaS).
• Track patch management, antivirus, and endpoint protection compliance.
• Manage SIEM and SAST tools for continuous monitoring.
• Vulnerability & Incident Management
• Coordinate periodic VAPT (Infra, Web, Mobile) with external agencies and internal teams.
• Support remediation, validation, and closure of vulnerabilities.
• Assist in incident response, root cause analysis, and corrective actions.

Skills & Qualifications

• Strong understanding of ISO 27001:2022, SOC 2 Type II, ITGC audits, ISMS policies.
• 2 to 5 Years of relevant experience.
• Experience in VAPT coordination, remediation, and vulnerability management.
• Knowledge of AWS security configurations, IAM, RBAC, firewall rules, and cloud security practices.
• Hands-on experience with SIEM, SAST (SonarQube), endpoint protection, and patch management tools.
• Familiarity with Disaster Recovery, BCP, and backup strategies.
• Analytical & Risk Management Skills
• Proficiency in conducting risk assessments and managing risk treatment plans
• Experience with vendor/third-party assessments and compliance documentation.
• Strong troubleshooting and root cause analysis abilities.
• Preferred Qualifications
• Bachelor’s degree in Computer Science, Information Security, or related field.
• Industry certifications such as ISO 27001 Lead Auditor/Implementer, CISA, CISSP, CISM, CEH, or AWS Security Specialty (preferred but not mandatory).

What will you experience working with our team?

• Career Growth – This role is designed to evolve into a brand leadership position.
• Full Content Lifecycle Exposure – Learn and own the entire journey from content creation to distribution.
• Video & Digital-First Approach – Work in a team that values video storytelling and data-driven narratives.
• Make an Impact – Your content will shape conversations in FMCG distribution and supply chain tech.
• Freedom and Fun - Bizom’s culture is unique, you’ll feel like Schrödinger’s cat, simultaneously immersed in both the thrill of challenges and the excitement of workplace fun.

Why Mobisy?

• We are happy souls, working together and having each other’s back! People, Product, and Profit is our motto.
• Fly beyond your imagination - we believe in giving wings to your passion.
• No Kinder-garden here. We fall, we learn, and we stick together like chewing gum.
• We jam together! Whether it's a code, a pitch or a plan - collaboration is our secret sauce. We win as one.
• Little things add up! We believe in compounding - small efforts every day lead to big, magical outcomes.
• We trust in our association and give free rein to our employees to act, explore, and deliver sustainable results.
• We celebrate success hard - and failures even harder. It’s always a collective win or a collective miss.
• Have buddies, mentors - but be your own boss. It goes hand in hand.
• Know your people. Talk, chat, learn, and share - access anyone in the family, anytime.
• Stay quiet. Stay foolish. We speak up, do the right thing, and always keep our clients and company in mind.
• We roll up our sleeves, get our hands dirty, dream big, and achieve together.

What Will you get while working with Mobisy?

• Work is Fun - We believe work is fun - and we go the extra mile to make sure you enjoy what you do every single day.
• Design Your Own Role - You don’t just fit into a job - we let you shape it. Take up what excites you, and we’ll back you with trust and responsibility.
• Freedom to Own Your Work - Less rules, more trust. You get the freedom to figure things out your way - with the right support when needed.
• Take Full Ownership - It’s your ship. You steer it. You own it. You make things happen.
• Grow into a Leader - This isn’t just a job - it’s your launchpad to becoming a strong, independent leader.
• People Come First - Always. We back our people through thick and thin. That’s our culture.
• Stay Fit & Feel Good - We care about your health - with fitness activities, sports, and regular wellness sessions to keep you balanced.
• Happy Tummy, Happy You - Enjoy fresh, tasty meals every day at our very own in- house cafeteria. We take food seriously!

What will you not get?

• Punch In, Punch Out Culture – We hate login-logout rules. Du-uh, we’re not in school! We care about outcomes, not clock-watching.
• Spoon-Feeding – No hand-holding here. You’ll get all the support you need - but you’re expected to take charge and carve your own path
• Too Many Rules – We don’t overload you with rigid processes. We offer simple guidelines and a helping hand - ownership is all yours.
• Yes-Mam, No-Mam Culture – We respect ideas, not titles. Speak up, challenge, build - no sir/ma’am culture here.
• Blame Games – We own our wins and our misses - together. We don’t point fingers, we fix things

If you find the above details interesting;
we encourage you to apply. We are building a

diverse team whose skills balance and complement one another.

Mobisy Technologies is an equal opportunity employer and we value diversity. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

• Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include:
• Improving incident response times
• Reducing false positives and other extraneous alerts
• Enhancing threat detection capabilities
• Oversee your staff's activities and ensure they focus on the right priorities
• Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators
• Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible
• Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team
• Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences
• Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies.
• Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents.
• Report to the Customer about security operations. This means that you must keep the CISO and Head of security operations informed about everything that’s happening in the operations centre. You can do this by preparing clear and concise reports that highlight key findings, and recommendations about the operations. Your reports will help the customer make informed decisions about security investments and strategies that align with the company's goals.

Role Overview:

We’re hiring a Security Specialist to safeguard our trading infrastructure, data, and systems. The role involves proactive threat monitoring, incident response, security audits, and ensuring regulatory compliance in a fast-paced trading environment.

Key Responsibilities:

• Monitor & Respond to Threats: Continuously track security events across networks, systems, and applications. Investigate and respond to incidents swiftly to minimize risks.
• Infrastructure Security Management: Configure and manage firewalls, IDS/IPS, endpoint protection, and SIEM tools to maintain a secure environment.
• Vulnerability Management: Conduct regular vulnerability assessments, penetration tests, and risk analysis to identify and remediate potential weaknesses.
• Security Audits & Compliance: Perform periodic security audits and ensure adherence to SEBI, NSE/BSE, and exchange-specific cybersecurity regulations.
• Secure DevOps Practices: Work closely with DevOps and engineering teams to integrate security controls within CI/CD pipelines and cloud infrastructure.
• Documentation & Reporting: Maintain detailed security incident reports, audit logs, and risk assessment records for internal review and regulatory submissions.
• User Awareness & Training: Conduct periodic security awareness sessions and phishing simulation exercises for internal teams.

Requirements:

• 3–6 years in information security (fintech/trading preferred).
• Strong knowledge of network, cloud (AWS/GCP), and system security.
• Familiarity with SEBI cybersecurity guidelines a plus.

Employment Type: Full-Time

Experience: 3–6 Years

Location: Bangalore

• Monitor network and system logs for security breaches and anomalies.
• Investigate and respond to security incidents in a timely and effective manner.
• Perform vulnerability assessments and penetration testing.
• Develop and implement security policies, procedures, and controls.
• Manage and configure security tools such as SIEM, IDS/IPS, firewalls, and endpoint protection.
• Analyze threat intelligence and stay updated on the latest cybersecurity threats and trends.
• Collaborate with IT teams to ensure the security of infrastructure and applications.
• Develop and conduct security awareness training for employees.
• Assist in the development and maintenance of incident response and disaster recovery plans.
• Ensure compliance with relevant security standards and regulations.
• Document security procedures and incident reports.
• Provide technical guidance and mentorship to junior security staff.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 5+ years of experience in cybersecurity or a related IT security role.
• In-depth knowledge of network security, system security, and common attack vectors.
• Hands-on experience with SIEM, IDS/IPS, firewalls, and endpoint security solutions.
• Familiarity with security frameworks (NIST, ISO 27001) and compliance requirements.
• Strong analytical and problem-solving skills.
• Relevant certifications such as CISSP, CEH, Security+ are highly desirable.
• Excellent communication and interpersonal skills.
• Ability to work effectively in a hybrid work environment.

• Monitor security infrastructure for threats and anomalies using SIEM and other security tools.
• Investigate security incidents, perform forensic analysis, and provide detailed incident reports.
• Develop and implement incident response plans and playbooks.
• Conduct vulnerability assessments and coordinate penetration testing activities.
• Manage and configure security tools, including firewalls, IDS/IPS, EDR, and antivirus solutions.
• Analyze security logs and network traffic to identify suspicious activities.
• Develop and enforce security policies, standards, and procedures.
• Provide recommendations for security improvements and implement new security technologies.
• Educate employees on cybersecurity best practices and awareness training.
• Stay up-to-date with the latest cybersecurity threats, trends, and technologies.
• Collaborate with IT teams to ensure secure system configurations and deployments.
• Participate in security audits and compliance activities.
• Contribute to threat intelligence gathering and analysis.

• Bachelor's or Master's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 6 years of experience in cybersecurity, with a focus on security operations and incident response.
• Hands-on experience with SIEM, IDS/IPS, EDR, firewalls, and other security technologies.
• Strong understanding of TCP/IP, network protocols, and operating systems (Windows, Linux).
• Experience with scripting languages (e.g., Python, PowerShell) for automation is a plus.
• Knowledge of security frameworks and best practices (NIST, ISO 27001, CIS).
• Relevant certifications such as CISSP, CEH, OSCP, or GIAC are highly desirable.
• Excellent analytical, problem-solving, and critical-thinking skills.
• Strong communication and interpersonal skills, with the ability to explain technical concepts to non-technical audiences.
• Proven ability to work independently and manage time effectively in a remote setting.