Cybersecurity Analyst

Jensen Hughes

12h

About The Position

Throughout our worldwide network of experts, clients and communities, Jensen Hughes is renowned for its leadership in fire protection engineering, a legacy upheld since 1939. Today, their expertise spans security and risk-based fields, including accessibility consulting, risk analysis, process safety, forensic investigations, security risk consulting, emergency management, and digital innovation. Engineers and consultants collaborate to solve complex safety and security challenges, mitigating risks that threaten lives, property, and reputations. For over 80 years, Jensen Hughes has been dedicated to making the world safe, secure, and resilient through technology, expertise, and industry-leading research. The company fosters a culture of trust, integrity, and professional growth by prioritizing its employees, valuing their unique perspectives and talents, and supporting career development through Global Employee Networks. Jensen Hughes is hiring a Cybersecurity Analyst with a primary focus on Vulnerability Management. This role is responsible for driving the execution, cadence, and effectiveness of the organization’s vulnerability management program. Additionally, the analyst will support broader cybersecurity functions such as endpoint security, identity governance, compliance support, and security operations. This is a hands-on execution role emphasizing discipline, consistency, and accountability to contribute to the overall security posture.

Requirements

3–6 years of experience in cybersecurity, with strong focus on vulnerability management
Hands-on experience with: Rapid7, CrowdStrike, or similar tools
Strong understanding of: CVSS scoring, Vulnerability lifecycle, Patch management processes
Experience working with IT teams to drive remediation
Strong attention to detail and follow-through

Nice To Haves

Experience in compliance-driven environments (CMMC, NIST)
Familiarity with: Windows and Linux systems, Azure / AWS environments
Exposure to endpoint security and identity/access controls

Responsibilities

Operate vulnerability management tools
Run and manage regular vulnerability scans across infrastructure, endpoints, and applications
Analyze and prioritize vulnerabilities using CVSS and business context
Maintain a consistent vulnerability management cadence (weekly/monthly cycles)
Drive reduction of critical and high-risk vulnerabilities
Partner with IT, Cloud, and Enterprise Applications teams to drive remediation
Assign and track vulnerabilities to system owners
Follow up on remediation based on defined SLAs
Escalate overdue or high-risk vulnerabilities
Improve remediation turnaround times
Maintain dashboards and reports for vulnerability status
Provide structured updates on: Open vulnerabilities, SLA adherence, Remediation progress
Support executive reporting with clear summaries
Support endpoint security monitoring and enforcement
Assist with identity and access reviews
Participate in basic security incident triage (as needed)
Support implementation of security controls across systems
Support vulnerability-related compliance activities (CMMC, NIST)
Assist with evidence collection and audit readiness
Ensure vulnerability data aligns with compliance requirements
Establish and maintain a repeatable vulnerability management lifecycle
Improve data accuracy and tracking discipline
Reduce backlog of aged vulnerabilities
Identify opportunities to improve patching and remediation processes