Information Security Specialist

Client : UKJob Title: Lead Security Analyst Experience : 10 plus years of experiencePackage : LKR 700K or aboveOpportunity - (1 Opening)Location : ColomboWork Hrs : Sri Lankan Working HoursAbout the RoleAs a Senior Security Analyst, you will lead threat detection, incident response, and the implementation of security tools and frameworks to enhance organizational security. Collaborating with the IT Security Manager and development teams, you will assess incidents, guide secure coding practices, and ensure applications follow security-by-design principles.Mandatory Skill ( 100% hands on experience ) Microsoft Sentinel (Azure Sentinel)SAST / DAST (Static Application Security Testing / Dynamic Application Security Testing)Code Scanning (Application Security Scanning) / SEC OPS / Secure Dev PracticesPenetration TestingSecurity Standards – ISOIAM (Identity and Access Management) Cloud – AzureOAuth (Open Authorization) / Tokenization /SSDOther skills Key ResponsibilitiesDesign, implement, and maintain security tools and processes to strengthen CLIENT’s overall security posture.Provide expert guidance on secure coding and architecture throughout the software development lifecycle.Conduct security reviews of software releases to ensure compliance with CLIENT’s security standards.Act as an escalation point for complex security incidents, providing technical leadership and support.Develop and maintain security policies, SOPs, and documentation governing information security practices.Collaborate with IT teams to remediate findings from vulnerability assessments, penetration tests, and audits.Analyze vulnerabilities to assess potential impact and prioritize risk mitigation.Stay abreast of emerging cybersecurity threats and technologies, recommending proactive improvements.Support incident management by assessing reported issues, determining risk, and guiding effective resolution.Skills & CompetenciesStrong analytical and problem-solving skills to assess and resolve complex security challenges.Proven leadership in guiding and mentoring junior analysts during incident investigations.Expertise in security monitoring, detection, and incident response to mitigate threats effectively.Hands-on proficiency with SIEM tools (e.g., Azure Sentinel) for rule configuration and incident correlation.Experience in vulnerability management and risk mitigation across systems and networks.In-depth understanding of secure software development and security-by-design principles.Qualifications & Experience10+ years of experience in the Cybersecurity industry, with a strong background in security operations, monitoring, and risk management.Proficient in Windows and Active Directory administration, including Azure Active Directory.Hands-on experience with Microsoft Office 365 and Azure environments, including security configuration and management.Strong understanding of networking concepts, including TCP/IP and other common network protocols.Experience with Secure Access Service Edge (SASE) solutions — Cato Networks preferred, though not mandatory.Familiarity with established security standards and frameworks (e.g., ISO 27001, NIST, CIS).Microsoft certifications (such as AZ-500, SC-200, or MS-500) are advantageous but not required.