Vulnerability Analyst (U.S. Government Secure Enclave)

What You'll Do

• Perform vulnerability assessments, configuration reviews, and penetration testing across enclave systems, networks, and cloud‑connected components.
• Use industry-standard VM tools (Tenable, Wiz, Horizon3) to identify and validate vulnerabilities and misconfigurations.
• Conduct application and API security testing to identify risks such as SQL injection, XSS, buffer overflows, insecure APIs, and emerging exploit classes.
• Execute all assessment work in accordance with enclave‑specific security boundaries, data‑handling procedures, and federal cybersecurity controls (e.g., FedRAMP High, NIST 800‑53) Maintain strict compliance with enclave audit logging, privileged access procedures, and secure workstation requirements.
• Conduct qualitative and quantitative risk assessments for enclave technologies, including mission systems, vendor integrations, and cloud services.
• Collaborate closely with SOC and IR teams on enclave security events, investigation, containment, and after‑action reviews.
• Identify root cause, control gaps, and feasible remediation within enclave constraints.
• Monitor vulnerability lifecycle progress, ensuring remediation aligns with government SLAs and compliance requirements.
• Partner with cloud engineering and infrastructure teams to evaluate secure architectures across Azure, M365, AWS, and enclave‑approved cloud services.
• Assist with secure cloud onboarding, enclave migration efforts, IAM requirements, and STIG/secure baseline hardening.
• Produce high‑quality written reports for technical, executive, and government stakeholders.
• Support audit readiness, enclave compliance reviews, and documentation of security policies, deviations, and corrective actions.
• Government Secure Enclave Requirements Candidates must meet all U.S.
• Government eligibility requirements for working within a secure enclave, including: Mandatory Eligibility U.S.
• Citizenship (required) — due to access to controlled government systems and data.
• Ability to work on‑site within a controlled U.S.
• Government enclave environment as required.
• Experience with handling Controlled Unclassified Information (CUI), ITAR/EAR‑restricted data, or similar categories is a plus.
• Required Qualifications 3–5+ years of experience in vulnerability management, penetration testing, cloud security, or defensive cybersecurity roles.
• Relevant certifications beneficial: CISSP, CISM, CEH, OSCP.
• Required Technical Skills Hands-on experience with VM platforms (Tenable, Wiz, Horizon3).
• Strong understanding of security testing techniques and network/application exploitation pathways.
• Knowledge of cloud security across Azure, M365, and AWS.
• Familiarity with IAM technologies, SSO/OAuth/SAML, and compliance frameworks (ISO, SOC2, CSA).
• Strong understanding of Windows/Linux internals and secure network architectures.
• For positions requiring access to technical data, Analog Devices, Inc. may have to obtain export licensing approval from the U.S.
• Department of Commerce - Bureau of Industry and Security and/or the U.S.
• Department of State - Directorate of Defense Trade Controls.
• As such, applicants for this position – except US Citizens, US Permanent Residents, and protected individuals as defined by 8 U.S.C. 1324b(a)(3) – may have to go through an export licensing review process.
• We foster a culture where everyone has an opportunity to succeed regardless of their race, color, religion, age, ancestry, national origin, social or ethnic origin, sex, sexual orientation, gender, gender identity, gender expression, marital status, pregnancy, parental status, disability, medical condition, genetic information, military or veteran status, union membership, and political affiliation, or any other legally protected group.
• EEO is the Law: Notice of Applicant Rights Under the Law .
• Job Req Type: Experienced Required Travel: Yes, 10% of the time Shift Type: 1st Shift/Days The expected wage range for a new hire into this position is $102,786 to $141,357.
• Actual wage offered may vary depending on work location , experience, education, training, external market data, internal pay equity, or other bona fide factors.
• This position qualifies for a discretionary performance-based bonus which is based on personal and company factors.
• This position includes medical, vision and dental coverage, 401k, paid vacation, holidays, and sick time , and other benefits.