TransUnion's Job Applicant Privacy Notice
What We'll Bring:
We are seeking a security analyst to join CIBIL Information Security team to support annual penetration testing, ongoing vulnerability assessments, and application security scanning across our environment. The role will collaborate closely with development teams to embed DevSecOps practices, drive timely remediation of vulnerabilities, and ensure compliance with regulatory and threat‑intelligence advisories. Responsibilities include maintaining security baselines for infrastructure and leveraging tools such as Rapid7, Burp Suite, Checkmarx, and Seeker to strengthen our overall security posture.What You'll Bring:
Support the annual penetration testing program for both existing systems and new go‑live applications, ensuring timely remediation of identified risks.
Execute periodic internal and external vulnerability assessment (VA) scans, analyze discovered vulnerabilities, and provide clear reporting to stakeholders for timely closure.
Support Static Application Security Testing (SAST) and Interactive Application Security Testing (IAST) scans, driving application teams to identify, prioritize, and resolve security weaknesses.
Collaborate with development teams to embed security controls into CI/CD pipelines (DevSecOps) and promote secure coding practices across the SDLC.
Support regulatory and compliance-driven security advisories, ensuring vulnerabilities identified through external mandates are remediated within required timelines.
Assist in remediation activities triggered by threat intelligence and VTM advisories, including evaluation of reported exploits, zero-day vulnerabilities, and their applicability to the organization.
Conduct periodic security baseline reviews for network devices, operating systems, and infrastructure components to ensure configuration compliance.
Utilize and maintain proficiency with key security tools such as Rapid7, Burp Suite, Checkmarx, and Seeker, using them to strengthen the organization’s vulnerability management and application security posture.
Impact You'll Make:
- Maintain and enhance dashboards, reporting mechanisms, and metrics for vulnerability management, providing leadership with visibility into risk trends, remediation progress, and compliance adherence.
- Assist in establishing and continuously improving secure coding standards, development guidelines, and security guardrails aligned with industry best practices.
- Contribute to audit and compliance programs (e.g., ISO, SOC 2, regulatory reviews) by providing evidence, documentation, and remediation tracking for security‑related controls.
- Stay updated with emerging threats, new tools, and evolving security techniques, advising teams on adoption of modern, efficient, and scalable security practices.
TransUnion Job Title
Analyst, InfoSec Risk Management & Governance