Vulnerability Analyst

We're building a Vulnerability Analyst to join our Global Vulnerability Management Team. As a Vulnerability Analyst, you'll be responsible for reducing risk to Cboe's global IT infrastructure by executing and continuously improving the Vulnerability Management Program using a risk-based vulnerability management (RBVM) approach. You'll analyze vulnerability scan results, assess risk within the context of the enterprise environment, and coordinate remediation with global infrastructure and application teams.

Requirements

• Experience in information security, with a minimum of 1 year in security or a security-adjacent role, 1 year in core IT roles such as system or network administration
• Hands-on user level experience with a vulnerability management and cloud/SaaS security tooling, including platforms such as Qualys, Tenable, Rapid7, Wiz, Reco, Obsidian, AppOmni, and Aqua
• Scripting and automation skills using Python
• AI usage skills to supercharge productivity such as Copilot and code creation tooling like Claude Code, Cursor or equivalent
• Solid systems use background, including Linux/Unix and Windows environments, as well as experience with configuring and debugging network devices
• Understanding of security vulnerabilities, threats, and attack techniques
• Experience creating reporting visualizations using tools such as Power BI, Sigma, Snowflake
• Strong English communication skills, with the ability to clearly and professionally convey technical risk, remediation guidance, and impact analysis to both technical teams and key stakeholders
• Availability to participate in a 24/7 on-call rotation and periodic flexibility in working hours to accommodate collaboration with a global team
• Bachelor's degree in Cybersecurity, Computer Science, Engineering or other technical field
• Centralized System Administration experience in Windows, Linux, Network or Firewall management
• Experience using Atlassian Jira and Confluence, including workflow design and automation, to track vulnerabilities, remediation efforts, and security initiatives
• Proven ability to script and automate tasks
• Information security certifications such as GPEN, Security+, CISSP, OSCP, CEH, LPT
• Experience writing and leveraging AI tooling to solve problems creatively and efficiently

Benefits

• Fair and competitive salary and incentive compensation packages
• Generous paid time off, including vacation, personal days, sick days and annual community service days
• Flexible, hybrid work environment
• Health, dental and vision benefits, including access to telemedicine and mental health services
• 2:1 401(k) match, up to 8% match immediately upon hire
• Discounted Employee Stock Purchase Plan
• Tax Savings Accounts for health, dependent and transportation
• Employee referral bonus program
• Volunteer opportunities to help you give back to your communities
• Complimentary lunch, snacks and coffee in any Cboe office
• Paid Tuition assistance and education opportunities
• Paid parental leave and fertility benefits
• On-site gyms and discounts to other fitness centers
• Paid Time Off