Vulnerability Analyst (U.S. Government Secure Enclave)Department: Cybersecurity - Cyber Defense & Testing
Location: MA, USA
Role OverviewWe are seeking a Vulnerability Analyst to support the secure U.S. Government enclave. In this role, you will identify, assess, and help remediate vulnerabilities across systems, applications, networks, and cloud workloads operating in a regulated, high-assurance environment. This position requires solid technical expertise, strong analytical skills, clear communication, and the ability to work within a controlled enclave that adheres to U.S. Government security, compliance, and data-handling requirements. You will help ensure that mission-critical systems remain secure, compliant, and resilient, contributing directly to the protection of national-level data and infrastructure while working with modern technologies across a complex global enterprise.
Key Responsibilities - Perform vulnerability assessments, configuration reviews, and penetration testing across enclave systems, networks, and cloud-connected components.
- Use industry-standard VM tools (Tenable, Wiz, Horizon3) to identify and validate vulnerabilities and misconfigurations.
- Conduct application and API security testing to identify risks such as SQL injection, XSS, buffer overflows, insecure APIs, and emerging exploit classes.
- Execute all assessment work in accordance with enclave-specific security boundaries, data-handling procedures, and federal cybersecurity controls (e.g., FedRAMP High, NIST 800-53)
- Maintain strict compliance with enclave audit logging, privileged access procedures, and secure workstation requirements.
- Conduct qualitative and quantitative risk assessments for enclave technologies, including mission systems, vendor integrations, and cloud services.
- Collaborate closely with SOC and IR teams on enclave security events, investigation, containment, and after-action reviews.
- Identify root cause, control gaps, and feasible remediation within enclave constraints.
- Monitor vulnerability lifecycle progress, ensuring remediation aligns with government SLAs and compliance requirements.
- Partner with cloud engineering and infrastructure teams to evaluate secure architectures across Azure, M365, AWS, and enclave-approved cloud services.
- Assist with secure cloud onboarding, enclave migration efforts, IAM requirements, and STIG/secure baseline hardening.
- Produce high-quality written reports for technical, executive, and government stakeholders.
- Support audit readiness, enclave compliance reviews, and documentation of security policies, deviations, and corrective actions.
U.S. Government Secure Enclave RequirementsCandidates must meet all U.S. Government eligibility requirements for working within a secure enclave, including:
Mandatory Eligibility- U.S. Citizenship (required) - due to access to controlled government systems and data.
- Ability to work on-site within a controlled U.S. Government enclave environment as required.
- Experience with handling Controlled Unclassified Information (CUI), ITAR/EAR-restricted data, or similar categories is a plus.
Required Qualifications- 3-5+ years of experience in vulnerability management, penetration testing, cloud security, or defensive cybersecurity roles.
- Relevant certifications beneficial: CISSP, CISM, CEH, OSCP.
Required Technical Skills- Hands-on experience with VM platforms (Tenable, Wiz, Horizon3).
- Strong understanding of security testing techniques and network/application exploitation pathways.
- Knowledge of cloud security across Azure, M365, and AWS.
- Familiarity with IAM technologies, SSO/OAuth/SAML, and compliance frameworks (ISO, SOC2, CSA).
- Strong understanding of Windows/Linux internals and secure network architectures.
For positions requiring access to technical data, Analog Devices, Inc. may have to obtain export licensing approval from the U.S. Department of Commerce - Bureau of Industry and Security and/or the U.S. Department of State - Directorate of Defense Trade Controls. As such, applicants for this position - except US Citizens, US Permanent Residents, and protected individuals as defined by 8 U.S.C. 1324b(a)(3) - may have to go through an export licensing review process.
Job Req Type: Experienced
Required Travel: Yes, 10% of the time
Shift Type: 1st Shift/Days
The expected wage range for a new hire into this position is $102,786 to $141,357.
- Actual wage offered may vary depending on work location, experience, education, training, external market data, internal pay equity, or other bona fide factors.
- This position qualifies for a discretionary performance-based bonus which is based on personal and company factors.
- This position includes medical, vision and dental coverage, 401k, paid vacation, holidays, and sick time, and other benefits.
