VM Analyst

Location: City of Edinburgh

VM Analyst page is loaded## VM Analyst locations:
United Kingdom, Edinburgh, SC, Freertime type:
Full time posted on:
Posted Todayjob requisition :
R261050
** About Analog Devices
** Analog Devices, Inc. (NASDAQ:  ) is a global semiconductor leader that bridges the physical and digital worlds to enable breakthroughs at the Intelligent Edge. ADI combines analog, digital, and software technologies into solutions that help drive advancements in digitized factories, mobility, and digital healthcare, combat climate change, and reliably connect humans and the world. With revenue of more than $9 billion in FY24 and approximately 24,000 people globally, ADI ensures today's innovators stay Ahead of What's Possible.

Learn more at  and on  and .#
*
* Job Title:

Vulnerability Analyst
***
* Location:

** UK
* * About Analog Devices (ADI)
** Analog Devices, Inc. (NASDAQ: ADI) is a global semiconductor leader bridging the physical and digital worlds to enable breakthroughs at the Intelligent Edge. ADI combines analog, digital, and software technologies into solutions that help drive technological advancements in industries like healthcare, automotive, industrial automation, and climate sustainability. With $9B+ in annual revenue and a global workforce of 24,000+, ADI ensures today's innovators stay Ahead of What’s Possible.

Learn more at **.
**** Role Overview
** The Vulnerability Analyst is a key role in protecting our enterprise systems, working to identify, assess, and remediate security weaknesses across applications, networks, cloud services, and core infrastructure. You’ll combine hands-on vulnerability assessment with broader risk analysis, cloud security insight, and close collaboration across IT, engineering, and security operations teams.  We’re looking for someone with strong technical depth, clear communication skills, and the ability to turn complex security findings into meaningful business impact.

You’ll be an analytical thinker with solid problem‑solving abilities, attention to detail, and a genuine commitment to strengthening the organisation’s security posture.
** Key Responsibilities
*** Conduct vulnerability assessments, penetration testing, and security reviews across applications, networks, systems, and cloud platforms.
* Utilise industry-standard tools such as Tenable, Wiz, and Horizon3 to identify security weaknesses and produce actionable remediation guidance.
* Perform application‑layer testing to identify threats such as XSS, SQL injection, buffer overflows, API weaknesses, and emerging exploit categories.
* Analyse cyber defence configurations for compliance with policies, standards, and regulatory requirements.
* Perform qualitative and quantitative risk assessments of existing and proposed technologies, with a strong focus on cloud services.
* Evaluate vendor and SaaS security posture, identify inherent risks, and recommend remediation and lifecycle management strategies.
* Develop and maintain processes for continuous risk monitoring, reporting, and compliance validation.
* Act as a security partner to cloud engineering, IT infrastructure, and application development teams.
* Contribute to the development of secure cloud architecture standards and patterns across Azure, M365, AWS, and other platforms.
* Contribute to the creation, review, and maintenance of corporate security policies, controls, and compliance self‑assessments.
* Produce high-quality written reports tailored to technical and executive audiences, summarizing vulnerabilities, risk impact, and recommended remediation strategies.
* Support acquisition integrations from a cloud and infrastructure security perspective.
* Partner with SOC and IR teams to support security investigations, containment, and recovery efforts.  Document root cause, control gaps, and corrective actions to inform future improvements.
** Required Qualifications
*** 3–5+ years of experience in vulnerability assessment, penetration testing, cloud security, or information security engineering.
* Certifications such as CISSP, CISM, CEH, or OSCP are great to have but not essential.
** Required Technical Skills
*** Strong hands-on experience with vulnerability management platforms…