Jobs · Sales · Illinois

Sr. Vulnerability Analyst

Cboe Global Markets · Chicago, IL · 2 wk ago
HybridSales$122k–$157k/yrFull-time

About the role

The Global Vulnerability Management team is hiring a Sr Vulnerability Analyst to join a highly talented, dynamic and energetic team that’s passionate about attack surface reduction and contributing measurably to Cboe’s mission of Building Trusted Markets.

Responsibilities

  • Reduces risk to Cboe’s global IT infrastructure by executing and continuously improving the Vulnerability Management Program using a risk-based vulnerability management (RBVM) approach.
  • Analyzes vulnerability scan results, assesses risk within the context of the enterprise environment, and coordinates remediation with global infrastructure and application teams.
  • Serves as a senior technical escalation point for vulnerability-related security tickets, providing authoritative guidance on prioritization, remediation, and risk acceptance.
  • Designs, operates, and maintains the vulnerability scanning and assessment infrastructure, ensuring comprehensive coverage, reliability, and alignment with security architecture standards.
  • Drives automation and integration efforts to improve the efficiency, scalability, and accuracy of vulnerability detection, analysis, remediation tracking, and reporting.
  • Normalizes and integrates data from multiple security and infrastructure technologies to enable streamlined analysis, reporting, and response.
  • Partners cross-functionally with infrastructure, application, and platform teams to ensure effective vulnerability remediation, policy compliance, and continuous improvement of security controls.
  • Evaluates emerging vulnerabilities, threats, and security technologies, and assesses their relevance and impact to the organization’s security posture.
  • Continuously assesses the effectiveness of vulnerability management processes and controls, recommending and implementing improvements based on the evolving threat landscape and organizational needs.
  • Leads vulnerability management discussions with technical stakeholders and presents risk, trends, and escalation items to management and executive audiences.
  • Acting as a senior technical leader within the security team by mentoring and coaching junior staff, documenting standards and procedures, and sharing deep technical and organizational knowledge.

Requirements

  • Senior-level experience in information security, with a minimum of 5 years in security, or 3 years in security plus 2–3 years in core IT roles such as system or network administration, and a strong emphasis on engineering and operational security.
  • Hands-on expert level experience with vulnerability management and cloud/SaaS security tooling, including platforms such as Qualys, Tenable, Rapid7, Wiz, Reco, Obsidian, AppOmni, and Aqua, with the ability to install, configure, and operate platforms of this type in an enterprise environment.
  • Strong, practically-used scripting and automation skills, using Python to automate security operations, integrate tools, and perform data analysis.
  • Advanced AI usage skills to supercharge productivity including chatbots such as Copilot or ChatGPT, but also demonstrated success with code and workflow creation tooling like Claude Code, Cursor, N8N.
  • Solid systems and identity administration background, including Linux/Unix and Windows environments, Active Directory, and Entra ID, as well as experience with managed network devices.
  • Familiarity with the Microsoft Security stack, including Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, Purview DLP, and Intune.
  • Deep understanding of security vulnerabilities, threats, and attack techniques, with at least 2 years of experience in vulnerability monitoring, threat detection, event monitoring, or incident response.
  • Experience using Atlassian Jira and Confluence, including workflow design and automation, to track vulnerabilities, remediation efforts, and security initiatives.
  • Experience creating reporting visualizations using tools such as Power BI, Sigma, Snowflake.
  • Strong English communication skills, with the ability to clearly and professionally convey technical risk, remediation guidance, and impact analysis to both technical teams and key stakeholders.
  • Demonstrated ability and willingness to mentor junior team members, sharing technical expertise, operational knowledge, and best practices.
  • Availability to participate in a 24/7 on-call rotation and periodic flexibility in working hours to accommodate collaboration with a global team.

Qualifications

  • Bachelor's degree in Cybersecurity, Computer Science, Engineering or other technical field.
  • Centralized System Administration experience in Windows, Linux, Network or Firewall management.
  • Proven ability to script and automate tasks.
  • Information security certifications such as GPEN, Security+, CISSP, OSCP, CEH, LPT.
  • Experience writing and leveraging AI tooling to solve problems creatively and efficiently.

Skills

  • Senior-level experience in information security.
  • Hands-on expert level experience with vulnerability management and cloud/SaaS security tooling.
  • Advanced AI usage skills.
  • Solid systems and identity administration background.
  • Familiarity with the Microsoft Security stack.
  • Experience with Atlassian Jira and Confluence.
  • Experience creating reporting visualizations.
  • Strong communication skills.
  • Mentoring and coaching junior team members.
  • Availability to participate in a 24/7 on-call rotation and periodic flexibility in working hours.

Benefits and Perks

  • Fair and competitive salary and incentive compensation packages with an upside for overachievement.
  • Generous paid time off, including vacation, personal days, sick days and annual community service days.
  • Flexible, hybrid work environment.
  • Health, dental and vision benefits, including access to telemedicine and mental health services.
  • 2:1 401(k) match, up to 8% match immediately upon hire.
  • Discounted Employee Stock Purchase Plan.
  • Tax Savings Accounts for health, dependent and transportation.
  • Employee referral bonus program.
  • Paid parental leave and fertility benefits.
  • On-site gyms and discounts to other fitness centers.
  • Paid Time Off.

Similar jobs

Sr. Vulnerability Analyst

Henry Ford HealthDetroit, MI· 2 mo ago
Business Developmentapply on henryford.referrals.selectminds.com