Cybersecurity Analyst

Company Overview

Throughout our worldwide network of experts, clients and communities, we are renowned for our leadership in fire protection engineering – a legacy of responsibility we have proudly upheld since 1939. Today, our expertise extends broadly across closely related security and risk-based fields – from accessibility consulting and risk analysis to process safety, forensic investigations, security risk consulting, emergency management, digital innovation and more.

Our engineers and consultants collaborate to solve complex safety and security challenges, ensuring our clients can protect what matters most. For over 80 years, we have helped mitigate risks that threaten lives, property and reputations. Through technology, expertise and industry-leading research, we remain dedicated to our purpose of making our world safe, secure and resilient.

At Jensen Hughes, we believe that creating and sustaining a culture of trust, integrity and professional growth starts with putting our people first. Our employees are our greatest strength, and we value the unique perspectives and talents they bring to our organization. 

Our wide range of Global Employee Networks connect people from across the organization, supporting career development and providing forums for individuals to share experiences on topics they're passionate about. Together, we are cultivating a connected culture where everyone has the opportunity to learn, grow and succeed together.

Job Overview

We are hiring a Cybersecurity Analyst with a primary focus on Vulnerability Management, responsible for driving the execution, cadence, and effectiveness of the organization’s vulnerability management program.

In addition to this core responsibility, the role will support broader cybersecurity functions including endpoint security, identity governance, compliance support, and security operations. This is a hands-on execution role focused on discipline, consistency, and accountability while contributing to the overall security posture.

Responsibilities

Vulnerability management (primary focus)

• Operate vulnerability management tools
• Run and manage regular vulnerability scans across infrastructure, endpoints, and applications
• Analyze and prioritize vulnerabilities using CVSS and business context
• Maintain a consistent vulnerability management cadence (weekly/monthly cycles)
• Drive reduction of critical and high-risk vulnerabilities

Remediation coordination & follow-through

• Partner with IT, Cloud, and Enterprise Applications teams to drive remediation
• Assign and track vulnerabilities to system owners
• Follow up on remediation based on defined SLAs
• Escalate overdue or high-risk vulnerabilities
• Improve remediation turnaround times

Reporting & program visibility

• Maintain dashboards and reports for vulnerability status
• Provide structured updates on:
  • Open vulnerabilities
  • SLA adherence
  • Remediation progress
• Support executive reporting with clear summaries

Security operations support (secondary scope)

• Support endpoint security monitoring and enforcement
• Assist with identity and access reviews
• Participate in basic security incident triage (as needed)
• Support implementation of security controls across systems

Compliance & audit support

• Support vulnerability-related compliance activities (CMMC, NIST)
• Assist with evidence collection and audit readiness
• Ensure vulnerability data aligns with compliance requirements

Program discipline & improvement

• Establish and maintain a repeatable vulnerability management lifecycle
• Improve data accuracy and tracking discipline
• Reduce backlog of aged vulnerabilities
• Identify opportunities to improve patching and remediation processes

Requirements and Qualifications

Must-have qualifications:

• + 3–6 years of experience in cybersecurity, with strong focus on vulnerability management
• Hands-on experience with: o
  • Rapid7, CrowdStrike, or similar tools
• Strong understanding of:
  • CVSS scoring
  • Vulnerability lifecycle
  • Patch management processes
• Experience working with IT teams to drive remediation
• Strong attention to detail and follow-through

Preferred qualifications

• Experience in compliance-driven environments (CMMC, NIST)
• Familiarity with:
  • Windows and Linux systems
  • Azure / AWS environments
• Exposure to endpoint security and identity/access controls

Key outcomes

• Consistent and predictable vulnerability management cadence
• Reduction in critical and high-risk vulnerabilities
• Improved SLA adherence for remediation
• Clear and accurate vulnerability reporting
• Reduced backlog of aged vulnerabilities
• Increased contribution to overall cybersecurity operations

#LI-KV1