Analyst II - Information Security

We are looking for a motivated professional with 2 to 3 years of experience to join our Hyderabad team as an Associate Engineer supporting Google SecOps Engineering activities. In this role, you will execute a variety of cross-domain security tasks including internal and external audits, customer assurance, vulnerability assessments, and red teaming exercises, working under the guidance of supervisors and leads. You will help ensure compliance with standards such as ISO 27001, ISO 22301, and ISO 27701, support audit preparations, perform security assessments, and contribute to information security awareness initiatives. This position offers a valuable opportunity to build expertise in cybersecurity while collaborating within a dynamic team environment.

Key Responsibilities

- Execute assigned tasks across multiple domains such as Business Continuity Management System (BCMS), risk assessment, incident management, HITRUST, SOC, customer assurance, data privacy, vulnerability assessment, and red teaming with minimal supervision.
- Assist leads in conducting internal and external audits to verify compliance with ISO standards and business-specific requirements.
- Prepare audit and security assessment reports, track findings, and follow up to ensure timely closure of audit items.
- Evaluate IT controls and support risk assessment and mitigation efforts.
- Facilitate preparatory sessions and collect evidence for external audits.
- Participate in Capture The Flag (CTF) or bug bounty activities to enhance security skills.
- Support customer discussions to clarify and document security requirements effectively.
- Perform security assessments and prepare detailed technical reports within deadlines.
- Contribute to automation initiatives and information security awareness programs.
- Assist in establishing tracking and reporting strategies for security activities.
- Support execution of responsibilities across multiple locations as required.

Required Qualifications

- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Electronics and Communication Engineering, or related fields.
- 2 to 3 years of relevant experience in information security, risk management, or related domains.
- Strong understanding of information security concepts, business continuity, data privacy, vulnerability assessment, red teaming, and compliance standards including ISO 27001, ISO 22301, and ISO 27701.
- Familiarity with security controls, standard SDLC, project management life cycles, and operations of functional units such as HR, REFM, IT, and Finance.
- Hands-on experience with security testing tools like RSA Archer, Burp Suite, Nessus, Nmap, Genymotion, Postman, MobSF, and Drozer.
- Proficiency in Linux commands and scripting languages such as Shell Script and Python.
- Excellent verbal and written communication skills, capable of engaging both technical and non-technical stakeholders.
- Strong analytical thinking, attention to detail, and a customer-oriented mindset.
- Ability to prioritize tasks, resolve issues efficiently, and collaborate effectively within teams.
- Commitment to continuous learning, demonstrated by completing at least one certification and four training sessions annually related to information or cybersecurity.

Preferred Qualifications and Benefits

- Certifications such as CEH, ECSS, CND, or OSWE are advantageous.
- Specialization in one security domain (Web, Network, API, or Mobile) with the ability to identify false positives in automated scan results.
- Basic scripting knowledge in Python, PowerShell, or Bash.
- Familiarity with cloud platforms, preferably Google Cloud Platform (GCP), with optional exposure to AWS or Azure.
- Understanding of APIs, authentication mechanisms, and service accounts.
- Awareness of SIEM platforms like Splunk, QRadar, Elastic, LogRhythm, or Sumo Logic.
- Hands-on experience with Google SecOps tools including Chronicle SIEM and Google SOAR.
- Opportunity to gain practical experience in log onboarding, integration validation, ingestion health checks, and documentation support.
- Career growth potential into roles such as SIEM Engineer, SOAR Engineer, or Cloud Security Engineer.
- A learning-focused environment with mentorship from experienced security engineers.

UST is a global digital transformation solutions provider with over 20 years of experience partnering with leading companies worldwide. With more than 30,000 employees across 30 countries, UST drives innovation and agility to create meaningful impact through technology and purpose-driven collaboration. Join us to be part of a forward-thinking organization committed to shaping the future of cybersecurity.