Security Analyst – Enterprise Vulnerability Management Job Description: 

Location: Bangalore 

Position Type: Full-time 

Experience Level: Minimum 3-6 years 

 

Meet Landmark Digital – we’re part of the Landmark Group, one of the largest retail and hospitality organisations in the Middle East, North Africa, and India. We’re guardians of the group’s digital arm which encompasses of Enterprise & E-commerce Tech, Product Management, User Design, Omni Operations, Customer Experience, Loyalty, Content Production, Studio, Growth and MarTech, Finance and HR functions. With a futuristic outlook we strive to make the digital experience of our customers seamless. 

Headquartered in Dubai, UAE, we’re currently driving the digital experience for 8 industry-leading brands in 8 geographies, and rapidly expanding our footprint across new territories and functions. Join us, and you’ll be part of the Middle East’s biggest bricks-to-clicks success story, that registers over 100% growth year-on-year.

Agile work culture: Within the digital function, you’ll be hands-on from day one, working in squads to make independent decisions and game-changing contributions that directly impact millions of customers. You’ll collaborate every day with teammates from 20+ nationalities, across Dubai, India, Europe and the US.

Space for excellence: Landmark Digital has a dedicated and growing software development centre in Bangalore, India, where we incubate, design and optimise our products and experiences. We also offer the option to work remotely for certain key roles.

Focus on learning and growth: Excellent remuneration and perks are part of the package, but we also budget ample time and resources for training and upskilling

Job Description: 
We are seeking an experienced and motivated Cybersecurity Specialist with a strong background in penetration testing, red teaming, DevSecOps practices, and vulnerability management. This individual will be a hands-on contributor responsible for identifying vulnerabilities, simulating real-world attacks, and integrating security throughout our development processes. The ideal candidate will possess a blend of technical expertise, analytical skills, and the ability to take initiative. 

Key Responsibilities: 

• Conduct comprehensive penetration tests and red team assessments to identify vulnerabilities and weaknesses across various systems and applications. 

• Develop and execute advanced attack simulations and methodologies to evaluate the security posture of the organization. 

• Collaborate with development teams to integrate security practices seamlessly into the Software Development Life Cycle (SDLC) through DevSecOps initiatives. 

• Manage the vulnerability scanning and management process using tools such as Qualys, Tenable, and other industry-standard solutions, ensuring timely remediation of identified vulnerabilities across the IT landscape. 

• Utilize Static Application Security Testing (SAST) tools, including Veracode, Snyk, and other relevant solutions, to enhance application security throughout the development process. 

• Analyze security assessments and present findings to stakeholders, providing actionable recommendations for risk reduction. 

• Engage in security research to stay current with emerging trends, threat intelligence, and vulnerabilities in technologies relevant to the organization. 

• Take ownership of assigned tasks and projects, demonstrating accountability and a results-driven approach. 

• Proactively identify areas for improvement in existing security processes and tools, and initiate projects to enhance overall security posture. 

• Mentor junior team members and share knowledge on best practices, tools, and methodologies in cybersecurity. 

• Serve as a liaison between technical and non-technical teams to promote security awareness and practices across the organization. 

Qualifications: 

• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent work experience. 

• Minimum of 3  years of experience in cybersecurity, with a focus on penetration testing, red teaming, DevSecOps, and vulnerability management. 

• Proven experience with penetration testing tools (e.g., Burp Suite, Kali Linux) and methodologies (e.g., OWASP Top Ten, MITRE ATT&CK Framework). 

• Experience managing vulnerabilities using tools such as Qualys, Tenable, or similar vulnerability management solutions. 

• Familiarity with DevSecOps tools and practices (e.g., CI/CD pipelines, security scanning tools). 

• Strong knowledge of operating systems (Linux, Windows) and networking protocols. 

• Experience with cloud security principles and technologies (AWS, Azure, GCP). 

• Excellent problem-solving skills and the ability to think critically in high-pressure situations. 

• Strong communication and interpersonal skills with the ability to work collaboratively in a team-oriented environment. 

• Relevant cybersecurity certifications (e.g., PNPT, CPPT, OSCP, CEH, etc.) are a plus.