Offensive Security and Vulnerability Management Lead

About Analog Devices

Analog Devices, Inc. (NASDAQ: ADI ) is a global semiconductor leader that bridges the physical and digital worlds to enable breakthroughs at the Intelligent Edge. ADI combines analog, digital, and software technologies into solutions that help drive advancements in digitized factories, mobility, and digital healthcare, combat climate change, and reliably connect humans and the world. With revenue of more than $9 billion in FY24 and approximately 24,000 people globally, ADI ensures today's innovators stay Ahead of What's Possible™. Learn more at www.analog.com and on LinkedIn and Twitter (X).

Offensive Security and Vulnerability Management lead

This is a brand-new role in ADI and we are looking for a passionate and self-driven person to join our Cybersecurity team.  As the Offensive Security and Vulnerability Management lead, you will focus on identifying, testing, and addressing vulnerabilities within software applications, networks, and systems.  You will play a critical role in ensuring the integrity and security of our digital assets through rigorous and methodical testing approaches.  You will work with the Senior Director Cyber Defence to develop a Cyber Testing Strategy and Vulnerability Management program.

Primary Responsibilities

·       Design and agree ADIs Cyber Testing strategy and Vulnerability Management program in partnership with IT and other key stakeholders.

·       Conduct end-to-end testing and comprehensive security assessments - from vulnerability scanning to advanced adversarial simulation

·       Perform External Attack Surface Management (EASM) to identify vulnerabilities and then drive remediation.

·       Prepare audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions.

·       Work closely with IT and software development teams to resolve issues.

·       Mentor less experienced colleagues and line manage our Vulnerability Management Analyst.

·       Maintain third party oversight and manage external testing providers.  Ensure alignment with internal standards and goals.

Essential

·       Hands-on experience within a Global Enterprise in cyber security testing and vulnerability management. 

·       Ability to select and implement cyber security testing and code scanning tools.  Install and maintain tools for use as a shared testing lab by de-centralised teams.

·       Strong instrumentation experience in solution development environments e.g. with SAST, DAST, SBOM.

·       Strong acumen regarding tool choices which carefully considers interoperability across a complex technology footprint (e.g. scanning tools which do not introduce traffic that brings down a server).

·       Knowledge of embedded system security and related secure connectivity is desirable (industrial Internet of Things (IIOT).

·       Cultural and social flexibility across a multi-national organisation.

Qualifications

·       Bachelor’s degree in computer science, information security, or related field.

·       Professional certifications such as OCSP, OSEP, GXPN, CREST or equivalent practical experience.

·       Demonstrable competence with network security protocols and cyber testing tools.

·       Strong understanding of common security frameworks and compliance requirements.

·       Excellent analytical and problem-solving skills.

·       Good oral and written skills in English to be able to successful communicate and collaborate.

#LI-CO1

For positions requiring access to technical data, Analog Devices, Inc. may have to obtain export  licensing approval from the U.S. Department of Commerce - Bureau of Industry and Security and/or the U.S. Department of State - Directorate of Defense Trade Controls.  As such, applicants for this position – except US Citizens, US Permanent Residents, and protected individuals as defined by 8 U.S.C. 1324b(a)(3) – may have to go through an export licensing review process.

Analog Devices is an equal opportunity employer. We foster a culture where everyone has an opportunity to succeed regardless of their race, color, religion, age, ancestry, national origin, social or ethnic origin, sex, sexual orientation, gender, gender identity, gender expression, marital status, pregnancy, parental status, disability, medical condition, genetic information, military or veteran status, union membership, and political affiliation, or any other legally protected group.