Offensive Security & Vulnerability Analyst in Edinburgh

About Analog Devices: Analog Devices, Inc. (NASDAQ: ADI) is a global semiconductor leader that bridges the physical and digital worlds to enable breakthroughs at the Intelligent Edge. ADI combines analog, digital, and software technologies into solutions that help drive advancements in digitized factories, mobility, and digital healthcare, combat climate change, and reliably connect humans and the world.

Role Overview: The Vulnerability Analyst is a key role in protecting our enterprise systems, working to identify, assess, and remediate security weaknesses across applications, networks, cloud services, and core infrastructure. You will combine hands‐on vulnerability assessment with broader risk analysis, cloud security insight, and close collaboration across IT, engineering, and security operations teams. We are looking for someone with strong technical depth, clear communication skills, and the ability to turn complex security findings into meaningful business impact.

Key Responsibilities:

• Conduct vulnerability assessments, penetration testing, and security reviews across applications, networks, systems, and cloud platforms.
• Utilise industry‐standard tools such as Tenable, Wiz, and Horizon3 to identify security weaknesses and produce actionable remediation guidance.
• Perform application‐layer testing to identify threats such as XSS, SQL injection, buffer overflows, API weaknesses, and emerging exploit categories.
• Analyse cyber defence configurations for compliance with policies, standards, and regulatory requirements.
• Perform qualitative and quantitative risk assessments of existing and proposed technologies, with a strong focus on cloud services.
• Evaluate vendor and SaaS security posture, identify inherent risks, and recommend remediation and lifecycle management strategies.
• Develop and maintain processes for continuous risk monitoring, reporting, and compliance validation.
• Act as a security partner to cloud engineering, IT infrastructure, and application development teams.
• Contribute to the development of secure cloud architecture standards and patterns across Azure, M365, AWS, and other platforms.
• Contribute to the creation, review, and maintenance of corporate security policies, controls, and compliance self‐assessments.
• Produce high‐quality written reports tailored to technical and executive audiences, summarising vulnerabilities, risk impact, and recommended remediation strategies.
• Support acquisition integrations from a cloud and infrastructure security perspective.
• Partner with SOC and IR teams to support security investigations, containment, and recovery efforts.
• Document root cause, control gaps, and corrective actions to inform future improvements.

Required Qualifications:

• 3–5+ years of experience in vulnerability assessment, penetration testing, cloud security, or information security engineering.
• Certifications such as CISSP, CISM, CEH, or OSCP are great to have but not essential.

Required Technical Skills:

• Strong hands‐on experience with vulnerability management platforms (e.g., Tenable, Wiz, Horizon3).
• Proficiency with penetration testing tools, network analysis utilities, and application security testing methods.
• Solid understanding of cloud architecture and security across Azure, M365, and AWS.
• Familiarity with identity and access management, SSO/OAuth/SAML, and compliance frameworks (ISO, SOC2, CSA).
• Knowledge of Windows and Linux OS internals, networking protocols, and secure configuration practices.
• Ability to analyse and document vulnerabilities, risks, and remediation plans with clarity and precision.

Why Join Us?

• Work with cutting‐edge security tools and technologies in a dynamic, innovative environment.
• Play a meaningful role in shaping and strengthening the security posture of a global enterprise.
• Competitive salary, benefits, and continuous professional development opportunities.
• A collaborative culture that values integrity, innovation, and work‐life balance.

Analog Devices is an equal‐opportunity employer. We foster a culture where everyone has an opportunity to succeed regardless of their race, color, religion, age, ancestry, national origin, social or ethnic origin, sex, sexual orientation, gender, gender identity, gender expression, marital status, pregnancy, parental status, disability, medical condition, genetic information, military or veteran status, union membership, and political affiliation, or any other legally protected group.