Senior Cybersecurity Analyst

About The Position

Requirements

• 7+ years of experience in cybersecurity, application security, or software supply chain security.
• Hands-on experience with SBOMs, OSS scanning tools, and vulnerability management.
• Experience with JFrog or Sonatype artifact repository platforms.
• Strong background in cloud-native security and automation.
• Programming: Python; npm / Node.js ecosystems
• Cloud & Platforms: AWS, Kubernetes, SQL
• OSS & Supply Chain: JFrog Artifactory/Xray, Sonatype Nexus/Lifecycle
• Reporting & Monitoring: Amazon QuickSight, Prometheus
• Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
• Knowledge of OWASP, NIST, and secure SDLC practices.
• Strong communication and cross-functional collaboration skills.

Nice To Haves

• Security certifications (CISSP, CSSLP, etc.) are a plus

Responsibilities

• Generate and analyze SBOMs and conduct OSS security assessments using tools like Snyk and Syft.
• Evaluate and onboard security tools through POCs.
• Build and operate cloud-based data pipelines to identify vulnerabilities, license risks, and supply chain threats.
• Develop dashboards and reports to communicate security risk to engineering teams and leadership.
• Design and integrate OSS security tooling, including JFrog Artifactory/Xray or Sonatype Nexus/Lifecycle.
• Partner with engineering teams to guide secure open-source usage and remediation.
• Support incident response efforts, including zero-day vulnerability management.
• Create OSS security standards, documentation, and training materials.