Offensive Security & Vulnerability Analyst

What You'll Do

• Conduct vulnerability assessments, penetration testing, and security reviews across applications, networks, systems, and cloud platforms.
• Utilise industry-standard tools such as Tenable, Wiz, and Horizon3 to identify security weaknesses and produce actionable remediation guidance.
• Perform application‑layer testing to identify threats such as XSS, SQL injection, buffer overflows, API weaknesses, and emerging exploit categories.
• Analyse cyber defence configurations for compliance with policies, standards, and regulatory requirements.
• Perform qualitative and quantitative risk assessments of existing and proposed technologies, with a strong focus on cloud services.
• Evaluate vendor and SaaS security posture, identify inherent risks, and recommend remediation and lifecycle management strategies.
• Develop and maintain processes for continuous risk monitoring, reporting, and compliance validation.
• Act as a security partner to cloud engineering, IT infrastructure, and application development teams.
• Contribute to the development of secure cloud architecture standards and patterns across Azure, M365, AWS, and other platforms.
• Contribute to the creation, review, and maintenance of corporate security policies, controls, and compliance self‑assessments.
• Produce high-quality written reports tailored to technical and executive audiences, summarizing vulnerabilities, risk impact, and recommended remediation strategies.
• Support acquisition integrations from a cloud and infrastructure security perspective.
• Partner with SOC and IR teams to support security investigations, containment, and recovery efforts.
• Document root cause, control gaps, and corrective actions to inform future improvements.
• Required Qualifications 3–5+ years of experience in vulnerability assessment, penetration testing, cloud security, or information security engineering.
• Certifications such as CISSP, CISM, CEH, or OSCP are great to have but not essential.
• Required Technical Skills Strong hands-on experience with vulnerability management platforms (e.g., Tenable, Wiz, Horizon3).
• Proficiency with penetration testing tools, network analysis utilities, and application security testing methods.
• Solid understanding of cloud architecture and security across Azure, M365, and AWS.
• Familiarity with identity and access management, SSO/OAuth/SAML, and compliance frameworks (ISO, SOC2, CSA).
• Knowledge of Windows and Linux OS internals, networking protocols, and secure configuration practices.
• Ability to analyse and document vulnerabilities, risks, and remediation plans with clarity and precision.
• Why Join Us? Work with cutting-edge security tools and technologies in a dynamic, innovative environment.
• Play a meaningful role in shaping and strengthening the security posture of a global enterprise.
• Competitive salary, benefits, and continuous professional development opportunities.
• A collaborative culture that values integrity, innovation, and work-life balance. #LI-TK1 For positions requiring access to technical data, Analog Devices, Inc. may have to obtain export licensing approval from the U.S.
• Department of Commerce - Bureau of Industry and Security and/or the U.S.
• Department of State - Directorate of Defense Trade Controls.
• As such, applicants for this position – except US Citizens, US Permanent Residents, and protected individuals as defined by 8 U.S.C. 1324b(a)(3) – may have to go through an export licensing review process.
• We foster a culture where everyone has an opportunity to succeed regardless of their race, color, religion, age, ancestry, national origin, social or ethnic origin, sex, sexual orientation, gender, gender identity, gender expression, marital status, pregnancy, parental status, disability, medical condition, genetic information, military or veteran status, union membership, and political affiliation, or any other legally protected group.
• Job Req Type: Experienced Required Travel: Yes, 10% of the time Shift Type: 1st Shift/Days