Analyst II, Cybersecurity

About The Position

Requirements

• Strong analytical capability, able to interpret vulnerability data, assess risk, and translate findings into clear remediation priorities.
• Effective coordination and stakeholder management, combining structured project-management discipline with the ability to drive cross-team remediation.
• Clear, outcome-focused communicator who can articulate technical risk and remediation expectations to both technical and non-technical audiences.
• Strong hands-on technical skills, including the ability to write, troubleshoot, and interpret SQL queries for data validation, enrichment, and vulnerability reporting, practical experience using security tools such as Nmap for network discovery and evidence gathering, familiarity with packet analysis, log interrogation, and basic scripting (e.g., Python, PowerShell) to automate tasks, validate findings, and support investigative work, understanding of core security principles such as authentication, access control, encryption, and common vulnerability classes (e.g., misconfigurations, insecure services, outdated components), enabling deeper analysis and high-quality remediation guidance.
• Broad security and infrastructure understanding (Windows, Linux, cloud, networking) with familiarity in threat-intelligence concepts and vulnerability-management tooling; security certifications highly beneficial.
• Solid understanding of vulnerability-management processes and threat-intelligence concepts, with the ability to connect exploitation trends to prioritization decisions; industry security certifications (e.g., Security+, CySA+, GSEC, CEH, or similar) strongly beneficial.

Nice To Haves

• Experience analyzing vulnerabilities at a deeper technical level, including understanding exploit mechanics, common weakness classes (OWASP, CWE), misconfiguration patterns, and how attacker tradecraft influences real-world risk.
• Understanding of secure architecture principles and common enterprise technology stacks (e.g., identity systems, container platforms, cloud security controls), enabling more informed discussions with engineering teams and stronger prioritization decisions.
• Ability to perform low-level investigative tasks such as packet inspection, log correlation, protocol analysis, or basic reverse-engineering to validate findings and support incident response when required.

Responsibilities

• Analyze, triage, and prioritize reported vulnerabilities, ensuring alignment with Attack Surface Management Leadership (ASM-L) scoring and imminent-risk criteria.
• Coordinate remediation efforts across business units and technology teams, driving clear ownership, tracking progress, and ensuring required actions are completed within policy driven security level agreements (SLA).
• Manage stakeholder communication and escalation, you will be responsible for providing timely updates, risk context, and impact summaries to leadership and technical owners.
• Support rapid response activities during critical or high-risk vulnerability events, including security incident creation, emergency change requests driven from security incidents, and cross-team coordination with internal security teams.
• Validate vulnerability findings and ensure accurate asset alignment, investigating ownership gaps, configuration database mismatches, and scanning discrepancies to maintain attack-surface visibility.
• Contribute to sustainability and risk-reduction reporting, monitoring aging vulnerabilities, identifying systemic issues, and driving continuous improvement initiative.

Benefits

• A multifaceted job with a high degree of responsibility and a broad spectrum of opportunities.
• A modern, international work environment and a dedicated and motivated team.
• The chance to work on some of the most challenging, relevant issues in financial services & technology.
• A work environment built on collaboration, flexibility and respect.
• Varied and challenging work to help you grow your technical skillset.