Pioneering trusted medical solutions to improve the lives we touch
Cyber Security Analyst – T3
Location
India
Posted
7 hours ago
Salary
0
Seniority
Senior
Job Description
Cyber Security Analyst – T3
Convatec
• Monitor, assess and respond to cyber security incidents across enterprise environments • Lead incident investigations, root cause analysis and remediation activities • Develop and improve incident response plans, procedures and playbooks • Assess and manage technical vulnerabilities and security risks • Collaborate with SOCs, CSIRTs and business stakeholders on incident management and reporting
Job Requirements
- Min. 5 years of solid experience working in Cyber Security Operations Centre (SOC) environments
- Hands-on expertise in incident response, threat detection and security monitoring
- Strong understanding of cyber threats, attack techniques and vulnerability management
- Experience working with operating systems, networks, cloud platforms and security tools
- Relevant cyber security certifications such as CISSP, CISM, CISA, CySA+ or CASP+
Benefits
- Collaborative environment
- Continuous learning opportunities
Related Guides
Related Categories
Related Job Pages
More Security Analyst Jobs
• plan, implement, upgrade, or monitor security measures for the protection of computer networks and information • specialize in endpoint security, vulnerability management, and application security • ensure that appropriate security controls are in place and safeguard digital files and vital electronic infrastructure • respond to computer security incidents and malware • Windows endpoint administration: Windows patches, 3rd Party Patches, Firewall, Vulnerability management • Manage Active Directory / Group Policy infrastructure • Mobile device management: Encryption, Multi-Factor authentication • Provide computer security consulting support for the university • Monitor security logs on all systems and address any incidents or anomalies recorded • Document computer security and emergency measures, policies, procedures, and testing protocols • Assure end-point protection software is kept current in accordance with departmental policy • Analysis of applications/software/policies in enterprise environment and the effects of workflows to the end-user • Ability to use powershell to automate security processes, parse security logs, and secure the environment • Confer with users to discuss issues such as computer data access needs, security violations, and programming changes • Coordinate implementation of computer system plan with establishment personnel and outside vendors • Monitor use of data files and regulate access to safeguard information in computer files • Desktop architecture • Microsoft Server and Active Directory administration • Group policy management • Building and deploying secure golden OS images
Role Description A fast-growing healthcare services company is undergoing its first SOC 2 audit and building its information security program from the ground up. The organization operates in a HIPAA-compliant, high-trust environment and is now taking on enterprise clients who require formal compliance credentials. We are placing one Security Analyst / Compliance Lead as a dedicated, embedded resource. This person will function as an extension of the internal team — owning day-to-day security operations and SOC 2 evidence collection. This is a hybrid role, not a senior architect or vCISO seat, and it does not involve facing the auditor directly. What You Will Do - Upload and manage security policies within a leading compliance automation platform - Gather, organize, and upload evidence for SOC 2 controls across the defined audit scope - Map evidence to applicable Trust Service Criteria; identify and flag gaps - Support remediation efforts and compensating controls as audit findings surface - Monitor and triage EDR alerts; perform initial investigations on security incidents - Execute incident response procedures in accordance with the client's IR plan - Handle ad hoc security and compliance tasks as directed by client leadership - Support the team in establishing repeatable security processes as the program matures Qualifications - Hands-on experience with SOC 2 compliance — familiarity with Trust Service Criteria, evidence collection, and control mapping - Proficiency with Vanta or a comparable GRC / compliance automation platform - Working knowledge of CrowdStrike or comparable EDR platforms for alert triage and basic incident response - Understanding of HIPAA compliance requirements and high-trust environments - Ability to translate technical security controls into audit-ready documentation - Strong organizational skills — able to independently manage a large volume of evidence across multiple control areas - Available to start mid-July 2026 and commit through December 31, 2026 - U.S.-based, available to work fully remote Preferred Qualifications - Prior experience in a healthcare or health services organization - Familiarity with third-party audit firms and evidence submission processes - Exposure to additional frameworks such as ISO 27001, NIST RMF, GDPR, or PCI DSS - Experience with Azure environments or cloud-hosted infrastructure - Background in GRC (Governance, Risk, and Compliance) in addition to hands-on security operations What This Role Is Not - Not a senior security architect or vCISO seat — this is a mid-level, hybrid role - Not the primary interface with the auditor — client leadership owns that relationship - Not initially scoped for vulnerability management or third-party risk — those may be added as the engagement grows
Analista de Governança – Segurança da Informação SR
SGA TI em NuvemO poder da nuvem é ilimitado. See ahead. Go ahead.
• Conduzir avaliações (*assessments*) de maturidade em cibersegurança e mapeamento de lacunas (*gaps*) utilizando os principais frameworks de mercado. • Traduzir métricas e riscos puramente técnicos para uma linguagem corporativa e executiva acessível, apoiando diretamente a tomada de decisão da alta liderança. • Avaliar a conformidade e a eficácia prática de controles técnicos de segurança em ambientes *Cloud* e *On-premise*, atuando de forma profunda e baseada em evidências (fugindo de questionários superficiais). • Apoiar o ciclo completo de gestão de riscos, elaborando recomendações robustas de tratamento e estruturando fluxos formais de aprovação (incluindo a formalização de aceites de risco com condições e comentários técnicos). • Elaborar, revisar e atualizar políticas, normas e procedimentos de segurança da informação, garantindo que sejam de fato aplicáveis e conectados à realidade das áreas de negócio. • Desenvolver, monitorar e reportar indicadores de desempenho (KPIs) e de risco (KRIs) que demonstrem a evolução real e madura da segurança na companhia. • Apoiar no desenvolvimento de materiais, conteúdos pedagógicos e condução de treinamentos internos para a conscientização de colaboradores nos temas de Segurança da Informação.
Cybersecurity Analyst
CyberMaxxCyberMaxx prevents, detects, and responds to cyberattacks so organizations can have peace of mind.
• Formalize and deliver security product tuning requests to improve detection capabilities and overall efficiency • Develop and maintain incident response use incidents, knowledge base articles, and other relevant documentation • Coordinate basic forensics activities as needed • Conduct after action reviews on high impact and otherwise noteworthy incidents to identify process and human capital improvements • Aid in onboarding and mentoring new team members • Drive and Implement continuous improvement, open communication, and sharing of knowledge • Assist with creation, review, and upkeep of internal documentation • Facilitate reasonable out-of-hours communications such as company email and occasional SOC operations related phone calls to resolve escalated issues • Actively influence team collaboration, cross-training, and documentation • Act as a primary subject matter expert for one or more security products • Act as initial escalation point for complicated or sensitive work • Identify and resolve opportunities to automate repetitive tasks • Proactively propose improvements for how to reduce risk and potential future incidents • Maintain high-level of expertise with products in use and the ability to quickly familiarize with related technologies



