Role Overview:
The Senior Information Security Analyst will be responsible for safeguarding the organization’s information systems, network infrastructure, and data from security threats, vulnerabilities, and incidents. This role involves monitoring and analyzing security events, conducting vulnerability assessments, and driving continuous improvements in security posture. The Senior Information Security Analyst will work closely with various teams to enhance security operations and contribute to securing the organization’s digital assets.
Key Responsibilities:
Security Event Analysis & Incident Response:
- Analyze security events from multiple sources (SIEM, IPS/IDS, firewalls, etc.) to identify the root cause of incidents and determine the appropriate mitigation actions.
- Continuously monitor network and firewall activity to detect anomalous behavior, intrusion attempts, and potential security risks.
- Lead incident response efforts, applying containment and eradication strategies to minimize the impact of security incidents.
- Perform post-incident analysis to understand attack vectors, improve defenses, and provide actionable insights for future prevention.
System & Network Security:
- Evaluate and analyze security configurations of network and system components to ensure they are hardened against known threats and vulnerabilities.
- Perform proactive vulnerability assessments, penetration tests, and risk assessments on internal systems, applications (web, mobile, APIs), and third-party services to identify potential weaknesses.
- Collaborate with cross-functional teams to remediate identified vulnerabilities and ensure system compliance with security standards and policies.
Security Improvement & Innovation:
- Identify opportunities to innovate and enhance the organization’s security posture by researching emerging technologies, security trends, and best practices.
- Recommend new tools, technologies, and processes to improve threat detection, prevention, and response capabilities.
- Drive the adoption of new security measures and processes to continuously improve the overall security program.
Vendor Risk Management:
- Assess and evaluate third-party vendors and service providers against the organization’s security requirements.
- Conduct periodic vendor security reviews and audits to ensure compliance with security standards and identify potential security risks associated with third-party relationships.
- Collaborate with the procurement and legal teams to ensure security controls are embedded into contracts and vendor agreements.
Security Awareness & Training:
- Contribute to the development of security training materials and programs for staff, ensuring they understand and comply with security best practices and organizational policies.
- Mentor and guide junior security analysts, providing leadership and support in incident response, vulnerability management, and security operations.
Reporting & Documentation:
- Generate detailed security incident reports, post-mortem analysis, and vulnerability assessments for internal stakeholders.
- Maintain comprehensive documentation of security incidents, changes, and improvements made to the security environment.
Requirements
- Education: Bachelor’s degree in Information Security, Computer Science, or a related field.
- Experience:
- 3+ years of experience in information security, with a strong background in security event analysis, incident response, vulnerability management, and risk assessment.
- Skills:
- Strong analytical and problem-solving skills, with the ability to quickly identify and mitigate security threats.
- Excellent communication skills, with the ability to convey complex technical information to non-technical stakeholders.
- Familiarity with security regulatory compliance standards
- Knowledge of network security principles, intrusion detection/prevention, and firewalls.
- Ability to work in a fast-paced environment and handle multiple priorities simultaneously.
Preferred Qualifications:
- Certifications:
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- CEH (Certified Ethical Hacker)
Benefits
Why join Kuda?
At Kuda, our people are the heart of our business, so we prioritize their welfare. We offer a wide range of competitive benefits in areas including but not limited to:
💜A great and upbeat work environment populated by a multinational team
👴Pension
📈Career development & growth
😁Competitive annual leave plus bank holidays
🎁Competitive paid time off (Parental, Moving day, Birthday, Study leave etc)
💯Group life insurance
💖Medical insurance
🎁Well-fare package (Wedding, Compassionate and etc)
✅Perkbox
🏃♀️Goalr - employee wellness app
🥇Award winning L&D training
💒 We are advocates of work-life balance, working in a hybrid in office schedule
Kuda is proud to be an equal-opportunity employer. We value diversity and anyone seeking employment at Kuda is considered based on merit, qualifications, competence and talent.
We don’t regard colour, religion, race, national origin, sexual orientation, ancestry, citizenship, sex, marital or family status, disability, gender, or any other legally protected status. If you have a disability or special need that requires accommodation, please let us know.