Senior Security Analyst

Overview

Assess and manage security risks for web apps, APIs, and cloud infrastructure while ensuring compliance.

Key Responsibilities

• risk assessment
• ci/cd security
• vulnerability management
• key management
• threat modeling
• security monitoring

Tasks

-Conduct regular security risk assessments for web applications, APIs, and underlying cloud infrastructure (AWS preferred). -Promote security awareness across engineering and operations teams through training and sharing of best practices. -Collaborate with development and QA teams to embed secure coding standards and automated security checks into CI/CD pipelines. -Maintain up-to-date security documentation, including risk registers, SOPs, and audit evidence. -Assist with external and internal security audits, preparing evidence and tracking corrective actions to closure. -Support encryption, key management, and API token lifecycle management across development and production environments. -Manage the vulnerability management lifecycle — identify, validate, track, and remediate findings using tools like Snyk, AWS Inspector, or internal scanning utilities. -Conduct periodic access control reviews to uphold the principle of least privilege. -Perform threat modeling, data flow analysis, and impact assessments for new product features and architectural changes with Penetration Testing tools preferably Kalilinux -Ensure compliance with internal ISMS policies and regulatory standards — including encryption, access control, and data retention. -Monitor application and infrastructure security logs and alerts to detect anomalies, respond to incidents, and document root cause analysis.

Requirements

• siem
• devsecops
• iso 27001
• soc 2
• aws
• 5+ years

What You Bring

-Experience with vulnerability management tools, SIEM, and DevSecOps pipelines. -Familiarity with ISO 27001, SOC 2, and GDPR compliance frameworks. -Bachelor’s degree in Computer Science, Information Security, or a related field. -Relevant certifications (e.g., CompTIA Security+, AWS Security Specialty, CEH) are a plus. -5+ years of hands-on experience in cybersecurity, preferably in a SaaS or cloud-based environment. -Strong understanding of cloud security (AWS), OWASP Top 10, and secure SDLC practices.

People Also Searched For

Benefits

-Generous Paid Leaves (Annual, Sick, Compassionate, Local Public, Marriage, Maternity, Paternity, Medical leave) -Company bonus/Profit share. -Medical benefits ( Insurance and Annual Health Check-up) -Additional Benefits (Long Service Awards, Mobile Phone Reimbursement) -Pension and Insurance Policies (Group Term Life Insurance, Group Personal Accident Insurance, Travel Insurance) -Flexible work arrangements for better work-life balance -Training and Development Assistance (Training Sponsorship, On-The-Job Training, Training Programme)

About Dnv

-With over a century of expertise, the company delivers solutions across sectors like Energy, Marine, and Renewables. -Notably involved in high-profile projects like wind farms, maritime safety, and digital transformation in industries. -The company is renowned for setting the highest standards in risk management and developing technology solutions for sustainability. -Its innovations span the digitalization of energy grids to advancing marine safety standards, driving industries forward. -Headquartered in Norway, the company has evolved from a maritime classification society into a multi-sector advisory giant.

Sector Specialisms

Security Clearance

-background checks will be conducted on all final candidates as part of the offer process, per applicable laws.