Senior Executive 2 - Info Sec

Bangalore, Karnataka
Permanent
Full-time

1 day ago
Apply easily

At FYERS, we are redefining the investing experience with cutting-edge, technology-driven platforms. As a fast-growing financial services company, we place cybersecurity at the core of our mission—safeguarding client trust, ensuring business resilience, and staying ahead of regulatory requirements. We are looking for a passionate and skilled information Security Analyst/ Incident Response specialist to be a key player in strengthening our security operations, compliance, and governance. This is your chance to work on high-impact security initiatives while being part of an agile, innovation-driven culture.Key Responsibilities:

Monitor, investigate, and respond to security alerts from SIEM, IDS/IPS, EDR/XDR, SASE, phishing analysis, brand monitoring, and dark web monitoring tools.

Perform real-time monitoring and proactive threat hunting to detect malicious activities and anomalies.

Differentiate between genuine incidents and false positives through correlation of multi-source logs.

Escalate critical incidents promptly, assist in containment, and document observations for RCA and reporting.

Create and maintain Incident Response SOPs, playbooks, and run-books for crisis management.

Prepare incident reports with actionable remediation steps.

Configure, fine-tune, and optimize security tools (SIEM, IDS/IPS, EDR/XDR, AV, DLP) to enhance detection accuracy.

Stay abreast of emerging threats, adversary TTPs, and evolving attack techniques.

Support compliance with ISO/IEC 27001, SEBI CSCRF, and DPDPA through documentation, evidence collection, and audits.

Conduct and support internal audits; assist during external audits.

Maintain policies, regulatory evidence, and training documentation.

Perform vendor due diligence, risk assessments, and vendor risk management as per SEBI and regulatory norms.

Maintain IT/InfoSec risk registers, dashboards, and compliance reports.

Assist in drafting and updating cybersecurity policies, standards, and guidelines aligned with ISO/IEC 27001 & SEBI CSCRF.

Participate in governance meetings, compliance automation initiatives, and process improvement efforts.

Conduct employee security awareness programs, phishing simulations, and engagement activities.

Qualifications:

4–8 years of experience in security analysis, incident response, or threat detection.

Strong knowledge of networking, operating systems (Windows/Linux/macOS), log analysis, and ITIL processes.

Familiarity with SIEM platforms, malware analysis, cloud security models, and governance frameworks (ISO 27001, SEBI CSCRF, DPDPA).

Preferred Certifications: ISO 27001 LA/LI, CompTIA Security+, CEH, CHFI, CCNA, or equivalent.

Proven expertise in incident response, threat detection, and hunting.

Hands-on experience with SIEM, EDR/XDR, and log analysis across IT and cloud environments.

Prior exposure to BFSI/fintech sector security requirements (preferred).

Experience handling critical incidents and RCA documentation.

Good to Have :

Active participation in threat intelligence communities or open-source contributions.

Scripting/automation skills (Python, PowerShell, etc.).

SOAR/UEBA tuning and automation experience.

FYERS Securities