HMH
Lead Information Security Analyst
🇮🇳 PUNE, Maharashtra
🕑 Full-Time
💰 TBD
💻 Cybersecurity
🗓️ November 21st, 2025
Edtech.com's Summary
- Design and implementation of secure cloud architectures in AWS, Azure, and GCP.
- Management of cloud security services including IAM, VPC, S3, KMS, and containerized environments.
- Development and enforcement of cloud security policies and golden images.
- Automation of security workflows using Python, Java, PowerShell, and Bash scripting.
- Conduct vulnerability assessments with tools like SAST, DAST, IAST, RASP, and WAF.
- Ensure compliance with standards such as GDPR, HIPAA, SOC 2, PCI DSS, ISO27001, and SOX.
- Required skills include cloud security, application security, infrastructure management, scripting, web development frameworks (React, Angular, NodeJS, Spring), SIEM tools (Datadog, Splunk), and AI/automation concepts.
- Preferred experience with agile development, secure software design for web applications, Web Content Management frameworks, and security frameworks (CIS, NIST, ISO 27001).
- Collaboration with teams including Engineering, DevOps, Legal, and Risk.
- Supporting security incident triage, forensic investigations, and compliance audits.
Lead Information Security Analyst Full Description
HMH is a learning technology company committed to delivering connected solutions that engage learners, empower educators and improve student outcomes. As a leading provider of K-12 core curriculum, supplemental and intervention solutions, and professional learning services, HMH partners with educators and school districts to uncover solutions that unlock students' potential and extend teachers' capabilities.
HMH serves more than 50 million students and 4 million educators in 150 countries. HMH Technology India Pvt. Ltd. is our technology and innovation arm in India focused on developing novel products and solutions using cutting-edge technology to better serve our clients globally. HMH aims to help employees grow as people, and not just as professionals. For more information, visit www.hmhco.com
We are seeking a Senior Security Analyst with strong hands-on experience in cloud security, application security, web-based development, scripting, and AI/automation concepts. This role combines responsibilities across cloud infrastructure, secure software development, and application security. The ideal candidate will be adept at designing and implementing advanced security solutions, identifying vulnerabilities, and collaborating with cross-functional teams to enhance security posture across the organization.
Key Responsibilities:
- Design and implement secure cloud architectures (AWS, Azure, GCP).
- Secure services like IAM, VPC, S3, KMS, and containerized environments.
- Develop and enforce cloud security policies and golden images.
- Implement encryption strategies and monitor environments using tools like ORCA, SIEM, CSPM, CWPP.
- Ensure compliance with GDPR, HIPAA, SOC 2, PCI DSS, ISO27001, and SOX.
- Collaborate with Engineering, DevOps, Legal, and Risk teams.
- Automate security workflows using Python, Java, PowerShell, Bash.
- Lead application security remediation and incident response.
- Address OWASP vulnerabilities and conduct forensic investigations.
- Perform vulnerability assessments using SAST, DAST, IAST, RASP, WAF.
- Advocate for secure SDLC practices and developer training.
- Monitor cloud and on-prem infrastructure for security threats.
- Support and implement controls for third-party attestations.
Required Qualifications:
- 5+ years in cloud security, application security, and infrastructure management.
- Strong scripting and automation skills (Python, PowerShell, Shell/BASH, Terraform).
- Proficiency in web development frameworks (React, Angular, NodeJS, Spring, MVC, HTML, CSS).
- Experience with vulnerability tools (SAST, DAST, IAST, RASP, WAF).
- Familiarity with Kubernetes, microservices, DevSecOps tools.
- Understanding of encryption, authentication, and IAM.
- Experience with SIEM tools (Datadog, Splunk, Sumo Logic, Kibana).
- Knowledge of AI/ML and automation in security workflows.
- Strong communication and stakeholder engagement skills.
Preferred:
- Experience in agile development environments.
- Prior experience in secure software design for externally facing web applications
- Experience with Web Content Management frameworks.
- Familiarity with security frameworks (CIS, NIST, ISO 27001).
- Exposure to third-party risk assessments and compliance audits.
- Hands-on experience with JIRA, Confluence, and documentation of security processes.
- Ability to support security incident triage, root cause analysis, and post-incident reviews.
HMH Technology Private Limited is an Equal Opportunity Employer and considers applicants for all positions without regard to race, colour, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. We are committed to creating a dynamic work environment that values diversity and inclusion, respect and integrity, customer focus, and innovation. For more information, visit https://careers.hmhco.com/. Follow us on Twitter, Facebook, LinkedIn, and YouTube.
Similar Jobs
Database Analyst
Missouri State University
🇺🇸 Springfield, MO
Cybersecurity Analyst- McCrary
Auburn University
🇺🇸 Auburn, AL
IT Security Architect
Montana State University
🇺🇸 Bozeman, MT
Solutions Architect I
Liberty University
🇺🇸 Remote - US
Identity & Access Management Specialists
University of Utah
🇺🇸 Hybrid - Salt Lake City, UT
