Apply now »

Security Analyst

Date:  2 Jun 2026
Company:  Qualitest Group
Country/Region:  GB

We’re looking for a technical, experienced security analyst who has lived inside vulnerability data, understands how vulnerabilities show up in code and infrastructure, and can work directly with engineering teams to drive remediation—not just report findings. We’re looking for someone who is comfortable getting into the details,translating security risk into actionable engineering fixes, and helping teams close real gaps. Should be comfortable operating in a highly diverse, fast-paced environment, and aptitude for being able to find and focus on the most interesting security risks. 

 

Key Responsibilities:

 

  • Lead hands-on vulnerability management activities across applications, infrastructure,and cloud environments
  • Analyze vulnerability findings and validate exploitability and real-world risk
  • Partner directly with software engineers and platform teams to investigate root cause issues in code, dependencies, and configurations
  • Recommend and support secure coding and remediation approaches
  • Help prioritize remediation efforts based on risk, business impact, and technical feasibility
  • Support vulnerability lifecycle management from discovery through closure
  • Provide technical guidance on remediation strategies, compensating controls, and risk acceptance where appropriate
  • Contribute to improving VM processes, metrics, and reporting for stakeholders

 

Required Experience & Skills:

 

  • Strong hands-on experience in Vulnerability Management (application and/orinfrastructure)
  • Demonstrated experience working directly with engineers to remediate vulnerabilities
  • Ability to read and reason about source code (e.g., Java, Python, JavaScript, C#, etc.)

 

Solid understanding of:

 

  • Common vulnerability classes (OWASP Top 10, dependency vulnerabilities,misconfigurations)
  • Secure coding practices and remediation patterns
  • Experience validating findings from scanners rather than relying on tool output alone
  • Comfort operating in complex technical environments and explaining risk clearly to technical audiences

 

Preferred Qualifications:

 

  • Experience with SAST, DAST, SCA, or container/cloud security tooling
  • Background in software development, DevSecOps, or application security
  • Experience integrating security feedback into CI/CD workflows
  • Experience in supporting Google security programs

Apply now »