Cyber Security Senior Analyst - NIST Barometer Assessments, Application security, Network security

• Cyber Security Senior Analyst
• Experience: 5-6 years
• Location :- Bangalore
• Technical round managerial round( face to face )
• Skills :- NIST Barometer Assessments , GRC Reporting , Cyber security basics , Application security , who has experience in managing Cyber related Audits , ASA , Security by design and Data Security.

JD highlevel
Experience: 5-6 years
Key Responsibilities:
Support the day-to-day operational InfoSec activities for a customer unit, aligned to SG global standards and security policies.
Perform risk analysis of new business processes and solutions, providing practical security recommendations.
Conduct and support Application Sensitivity Assessments (ASA) and Secure by Design (SBD) evaluations.
Conduct Application Security Assessments (ASA) and monitor compliance based on application risk ratings.
Collaborate with Application owners to complete Secure by Design (SBD) process prior to production deployment.
Support the Entity ISOs and Application Owners & Managers for compliance to meet Group KRIs by providing expertise support, collaborative follow-ups.
Ensure adherence to industry standards such as NIST, ISO/IEC 27034, OWASP Top10, etc and regulatory requirements such as GDPR, AAS.
Collaborate with development Teams to embed security best practices into software development life cycle (SDLC)
Manage and respond to Information Security Incidents, in collaboration with internal and global teams.
Perform RAF (Risk Acceptance Framework) and exception management workflows.
Deliver and support security awareness programs, including sessions and campaign planning.
Liaise with application, infrastructure, and business teams to drive Infrastructure/Hardening and application security control implementations.
Prepare inputs for internal and external audits; support evidence collection and closure of findings.
Required Skills and Experience:
5-6 years of experience in Information Security, with a strong focus on GRC and operational security.
Sound understanding of application security, foundational security controls, risk management, and audit processes.
Strong understanding & Working knowledge of ASA/SBD assessments, TPRM processes, and Risk awareness delivery.
Strong analytical and communication skills with the ability to evaluate risk and recommend controls quickly.
Identify & evaluate security risks & report appropriately.
Coordinate with LOD2 to review/create policies, standards & Procedures.
Familiarity with security standards/frameworks (e.g., ISO 27001, NIST, CIS).