At a Glance
- Tasks: Lead vulnerability management and collaborate with engineers to fix security risks.
- Company: Join a dynamic tech company focused on security innovation.
- Benefits: Competitive salary, flexible work options, and opportunities for professional growth.
- Other info: Be part of a diverse team with exciting challenges and career advancement.
- Why this job: Make a real impact by securing applications and infrastructure in a fast-paced environment.
- Qualifications: Experience in vulnerability management and coding skills in languages like Java or Python.
The predicted salary is between 50000 - 70000 £ per year.
We're looking for a technical, experienced security analyst who has lived inside vulnerability data, understands how vulnerabilities show up in code and infrastructure, and can work directly with engineering teams to drive remediation—not just report findings. We're looking for someone who is comfortable getting into the details, translating security risk into actionable engineering fixes, and helping teams close real gaps. Should be comfortable operating in a highly diverse, fast-paced environment, and aptitude for being able to find and focus on the most interesting security risks.
Key Responsibilities
- Lead hands-on vulnerability management activities across applications, infrastructure, and cloud environments
- Analyze vulnerability findings and validate exploitability and real-world risk
- Partner directly with software engineers and platform teams to investigate root cause issues in code, dependencies, and configurations
- Recommend and support secure coding and remediation approaches
- Help prioritize remediation efforts based on risk, business impact, and technical feasibility
- Support vulnerability lifecycle management from discovery through closure
- Provide technical guidance on remediation strategies, compensating controls, and risk acceptance where appropriate
- Contribute to improving VM processes, metrics, and reporting for stakeholders
Required Experience & Skills
- Strong hands-on experience in Vulnerability Management (application and/or infrastructure)
- Demonstrated experience working directly with engineers to remediate vulnerabilities
- Ability to read and reason about source code (e.g., Java, Python, JavaScript, C#, etc.)
- Solid understanding of common vulnerability classes (OWASP Top 10, dependency vulnerabilities, misconfigurations)
- Secure coding practices and remediation patterns
- Experience validating findings from scanners rather than relying on tool output alone
- Comfort operating in complex technical environments and explaining risk clearly to technical audiences
Preferred Qualifications
- Experience with SAST, DAST, SCA, or container/cloud security tooling
- Background in software development, DevSecOps, or application security
- Experience integrating security feedback into CI/CD workflows
- Experience in supporting Google security programs
Security Analyst employer: Qualitest Group
As a leading employer in the tech industry, we offer a dynamic and inclusive work environment where security analysts can thrive. Our commitment to employee growth is evident through continuous learning opportunities and direct collaboration with engineering teams, allowing you to make a tangible impact on our security posture. Located in a vibrant area, we provide a unique blend of challenging projects and a supportive culture that values innovation and teamwork.
StudySmarter Expert Advice🤫
We think this is how you could land Security Analyst
✨Tip Number 1
Get your hands dirty! Dive into the technical details of vulnerability management. Familiarise yourself with common vulnerability classes and secure coding practices. This will not only boost your confidence but also show potential employers that you’re ready to tackle real-world challenges.
✨Tip Number 2
Network like a pro! Connect with engineers and security professionals on platforms like LinkedIn. Share your insights on vulnerability management and engage in discussions. This can lead to valuable connections and even job opportunities, so don’t be shy!
✨Tip Number 3
Showcase your skills! Create a portfolio or GitHub repository where you demonstrate your understanding of vulnerability analysis and remediation. Include examples of how you've worked with code and infrastructure to fix security issues. This tangible evidence can set you apart from other candidates.
✨Tip Number 4
Apply through our website! We love seeing passionate candidates who are eager to join our team. Tailor your application to highlight your experience with vulnerability management and your ability to work closely with engineering teams. Let’s get you on board!
We think you need these skills to ace Security Analyst
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the role of a Security Analyst. Highlight your hands-on experience with vulnerability management and any direct work you've done with engineers to remediate vulnerabilities. We want to see how your skills align with our needs!
Showcase Your Technical Skills:Don’t just list your skills—demonstrate them! Include specific examples of how you've tackled vulnerabilities in code or infrastructure. If you’ve worked with languages like Java, Python, or JavaScript, let us know how you’ve used them in a security context.
Be Clear and Concise:When writing your application, clarity is key. Use straightforward language to explain your experience and how it relates to the job. We appreciate a well-structured application that gets straight to the point without unnecessary fluff.
Apply Through Our Website:We encourage you to apply through our website for the best chance of getting noticed. It’s super easy, and you’ll be able to showcase your application in the best light. Plus, we love seeing applications come directly from our site!
How to prepare for a job interview at Qualitest Group
✨Know Your Vulnerabilities
Dive deep into common vulnerability classes like the OWASP Top 10. Be ready to discuss how these vulnerabilities manifest in code and infrastructure, and think about real-world examples where you've tackled them.
✨Show Your Technical Skills
Brush up on your coding skills! Be prepared to read and reason about source code in languages like Java, Python, or JavaScript. You might be asked to analyse snippets during the interview, so practice explaining your thought process.
✨Communicate Clearly with Engineers
Demonstrate your ability to partner with engineering teams. Prepare examples of how you've worked directly with developers to remediate vulnerabilities, translating security risks into actionable fixes that they can understand.
✨Prioritisation is Key
Be ready to discuss how you prioritise remediation efforts based on risk and business impact. Think of scenarios where you had to balance technical feasibility with urgency, and share your approach to making those decisions.
