Sr. Analyst, Information Security

Analog Devices•Wilmington, MA

2d•$102,786 - $141,357•Onsite

About The Position

Analog Devices, Inc. (NASDAQ: ADI ) is a global semiconductor leader that bridges the physical and digital worlds to enable breakthroughs at the Intelligent Edge. ADI combines analog, digital, and software technologies into solutions that help drive advancements in digitized factories, mobility, and digital healthcare, combat climate change, and reliably connect humans and the world. With revenue of more than $9 billion in FY24 and approximately 24,000 people globally, ADI ensures today's innovators stay Ahead of What's Possible™. Learn more at www.analog.com and on LinkedIn and Twitter (X). We are seeking a Vulnerability Analyst to support the secure U.S. Government enclave. In this role, you will identify, assess, and help remediate vulnerabilities across systems, applications, networks, and cloud workloads operating in a regulated, high‑assurance environment. This position requires solid technical expertise, strong analytical skills, clear communication, and the ability to work within a controlled enclave that adheres to U.S. Government security, compliance, and data‑handling requirements. You will help ensure that mission‑critical systems remain secure, compliant, and resilient, contributing directly to the protection of national‑level data and infrastructure while working with modern technologies across a complex global enterprise.

Requirements

U.S. Citizenship (required) — due to access to controlled government systems and data.
Ability to work on‑site within a controlled U.S. Government enclave environment as required.
3–5+ years of experience in vulnerability management, penetration testing, cloud security, or defensive cybersecurity roles.
Hands-on experience with VM platforms (Tenable, Wiz, Horizon3).
Strong understanding of security testing techniques and network/application exploitation pathways.
Knowledge of cloud security across Azure, M365, and AWS.
Familiarity with IAM technologies, SSO/OAuth/SAML, and compliance frameworks (ISO, SOC2, CSA).
Strong understanding of Windows/Linux internals and secure network architectures.

Nice To Haves

Experience with handling Controlled Unclassified Information (CUI), ITAR/EAR‑restricted data, or similar categories is a plus.
Relevant certifications beneficial: CISSP, CISM, CEH, OSCP.

Responsibilities

Perform vulnerability assessments, configuration reviews, and penetration testing across enclave systems, networks, and cloud‑connected components.
Use industry-standard VM tools (Tenable, Wiz, Horizon3) to identify and validate vulnerabilities and misconfigurations.
Conduct application and API security testing to identify risks such as SQL injection, XSS, buffer overflows, insecure APIs, and emerging exploit classes.
Execute all assessment work in accordance with enclave‑specific security boundaries, data‑handling procedures, and federal cybersecurity controls (e.g., FedRAMP High, NIST 800‑53)
Maintain strict compliance with enclave audit logging, privileged access procedures, and secure workstation requirements.
Conduct qualitative and quantitative risk assessments for enclave technologies, including mission systems, vendor integrations, and cloud services.
Collaborate closely with SOC and IR teams on enclave security events, investigation, containment, and after‑action reviews.
Identify root cause, control gaps, and feasible remediation within enclave constraints.
Monitor vulnerability lifecycle progress, ensuring remediation aligns with government SLAs and compliance requirements.
Partner with cloud engineering and infrastructure teams to evaluate secure architectures across Azure, M365, AWS, and enclave‑approved cloud services.
Assist with secure cloud onboarding, enclave migration efforts, IAM requirements, and STIG/secure baseline hardening.
Produce high‑quality written reports for technical, executive, and government stakeholders.
Support audit readiness, enclave compliance reviews, and documentation of security policies, deviations, and corrective actions.