Senior Information Security Analyst

Experience: 5+ years

Qualification: MCA/ BE/ BTech / ME/MTech (Preferably in Comp Sc/IT/ Cybersecurity)

Technical Skills Required

Mandatory:

• Expertise in web, mobile, and API security with a strong understanding of security-by-design principles.
• Proficiency in Python, Ruby, PowerShell, Bash, and Perl for security scripting.
• Solid foundation in network security and secure coding practices.
• 3+ years of experience in source code review and using static & dynamic analysis tools.
• Hands-on experience with security tools like Burp Suite, OWASP ZAP, SonarQube, Snyk, Checkmarx, and vulnerability scanners like Nessus, OpenVAS.
• Familiarity with Metasploit for penetration testing.
• Experience in security architecture reviews and enforcing secure coding guidelines.
• Skilled in incident analysis, root cause analysis, and risk assessment.
• Working knowledge of the STRIDE model and MITRE ATT&CK framework.

Good to have:

• Experience in secure software development in .Net, Node.js, C, C++, and JavaScript.
• Knowledge of mobile security testing (MobSF) and cloud security.
• Familiarity with ISO 27001, industry standards, and product security certifications.
• Experience with threat modeling for VPN, VDI, MFA, and SSO products.

Desirable Certifications:

• Certified Ethical Hacker (CEH)
• Offensive Security Certified Professional (OSCP)
• Certified information systems security professional (CISSP)
• GIAC/GWAPT/GWEB

Soft Skills Required

• Analytical thinking
• Problem solving
• Strong communication skills (written and verbal)
• Attention to detail
• Proactive, self-motivated
• Flexible/adaptable

Role and Responsibilities:

• Lead and manage the application security program, including tools, assessments, and issue resolution.
• Integrate security into CI/CD pipelines and collaborate with development teams.
• Provide security training for developers, project managers, and product managers.
• Work with cross-functional teams to assess and resolve security issues within release cycles.
• Support security certifications like ISO27001, SOC2, CC, FIPS for Accops products.
• Conduct risk assessments, vulnerability analysis, and threat modeling.
• Review application design and architecture for security and compliance.

Founded in 2012, Accops is a leading provider of secure remote access and digital workspace solutions, enabling organizations to maintain control and governance while offering flexibility to work from any device. Accops offers a comprehensive Digital Workspace suite that includes Zero Trust-based Application Access Gateway, End-User Computing (EUC) Virtualization via VDI, robust Identity & Access Management (IAM) solutions such as Multi-Factor Authentication (MFA) and Single Sign-On (SSO), and thin client hardware and software solutions.

Accops addresses modern remote work challenges by delivering secure, instant access to business applications. Its solutions protect against network threats and unauthorized access, critical in today's work-from-anywhere environment. Unlike traditional, multi-product approaches, Accops' pre-integrated suite reduces complexity and deployment time, ensuring faster and more agile implementation.

Headquartered in Pune, Accops has become a significant player in the End-User Computing (EUC) virtualization domain, offering a one-stop solution for organizations seeking to deploy secure remote work infrastructures. Its products, including the Nano OS for secure containerization on BYOD devices, and extensive MFA and SSO capabilities, ensure robust data protection and strong identity management.

Part of Jio Platforms Ltd, Accops continues to innovate and enhance digital workspace solutions with a focus on security, user experience, and operational efficiency.