Information Security Analyst

About the role

The Cyber Security Analyst (Defensive Security) supports the organisation's security architecture and infrastructure protection functions. Working under senior security architects and engineers, the role offers hands‑on exposure to cloud security, endpoint protection, secure software development lifecycle (SDLC) practices and security monitoring in a fast‑paced Fintech environment.

Key responsibilities

• Assist senior architects in documenting and maintaining security architecture designs, ensuring alignment with standards and regulatory requirements.
• Help review system designs and configurations against established security baselines and flag gaps for senior review.
• Monitor cloud environments (GCP/AWS) for misconfigurations using Cloud Security Posture Management tools.
• Support review of cloud infrastructure configurations (Terraform, Kubernetes) and track CI/CD pipeline security findings.
• Integrate and operate security tools within CI/CD pipelines (SAST, DAST, dependency scanning) and triage scan results.
• Participate in source code review activities, flagging common vulnerability patterns such as OWASP Top 10.
• Execute predefined vulnerability assessment test cases for web, mobile and API services under senior guidance.

Required profile

• Enthusiastic about building a career in defensive security.
• Comfortable working under the guidance of senior architects and engineers.
• Ability to operate in a fast‑paced Fintech environment.

Required skills

• GCP and AWS cloud platforms.
• Infrastructure‑as‑Code tools such as Terraform and container orchestration with Kubernetes.
• CI/CD pipeline concepts and security testing tools (SAST, DAST, dependency scanning).
• Understanding of OWASP Top 10 vulnerabilities.
• Experience with vulnerability assessment and basic penetration testing.
• Familiarity with security monitoring, incident response and endpoint protection solutions.
• Knowledge of cloud security posture management (CSPM) practices.