Security Analyst, Incident Response & Vulnerability Management

Overview The Eclipse Foundation is one of the world’s largest open source software foundations, with a proven track record of enabling developer-focused open source innovation earned over 19 years. The Foundation is the home of numerous industry-leading projects and collaborations including Adoptium, Software Defined Vehicle, Eclipse IDE, IOT and Jakarta EE. Supported by over 350 members globally, the Foundation has an established international reach and reputation. The Role We are looking for a junior-to-mid-level Security Analyst to join our Security Team. This role will focus primarily on incident response and vulnerability management, including the responsible use of automation and AI-assisted workflows where they improve accuracy, consistency, or efficiency. Working closely with the Head of Security, you will help monitor, investigate, document, and respond to security issues affecting Eclipse Foundation systems, services, and open source projects. You will also support vulnerability management activities by reviewing findings, helping prioritize remediation, coordinating with internal and external teams, and tracking issues through to resolution. This role is complementary to our AI-assisted vulnerability management engineering work. You will not be expected to design large-scale AI security pipelines. Instead, you will help operate and support incident response and vulnerability management workflows, using security tooling, automation, and AI-assisted approaches responsibly as part of day-to-day security operations. You will not be expected to handle major incidents alone. This is a hands-on role for someone with solid security fundamentals, careful documentation habits, good judgment, and a willingness to learn while working across technical and organizational boundaries. Location and Term This is an initial 12-month fixed-term role, fully remote and open to candidates located in the European Union, Canada, and the United States . Depending on organizational needs, funding, performance, and mutual fit, there may be an opportunity for renewal or transition to an ongoing/permanent position. Responsibilities Monitor, triage, and investigate security alerts, events, reports, and potential incidents. Assist with initial analysis, evidence gathering, containment coordination, documentation, and post-incident follow-up. Help maintain and improve incident response procedures, playbooks, templates, checklists, and related documentation. Review vulnerability scan results and security reports, validate findings, assess potential impact, and help prioritize remediation. Track vulnerabilities and remediation work across teams, ensuring issues are clearly documented and followed through to closure. Work with internal stakeholders, project teams, and other collaborators to communicate findings, risks, and recommended remediation steps in a clear and practical way. Help identify contributing factors behind incidents or recurring vulnerabilities and suggest practical improvements. Assist with access reviews, security assessments, risk reviews, and related operational security tasks. Contribute to improvements in security tooling, automation, reporting, dashboards, and operational workflows. Help promote a security-aware culture through practical guidance, documentation, and collaboration with technical and non-technical teams. Day-to-Day Work Day-to-day work may include reviewing vulnerability scanner output, preparing incident notes, following up on remediation tasks, reviewing evidence, updating playbooks, helping maintain security dashboards, and supporting teams in understanding what action is needed to address security risks. Success in This Role Success in this role means helping the Eclipse Foundation operate incident response and vulnerability management workflows in a consistent, reliable, and well-documented way. You will be successful if security alerts, incidents, and vulnerability findings are triaged carefully, documented clearly, followed up appropriately, and tracked through to resolution. You will help ensure that stakeholders understand what action is needed, that sensitive information is handled responsibly, and that security processes become easier to repeat and improve over time. This role does not require deep expertise in every security domain from day one. Success depends on sound judgment, attention to detail, clear communication, willingness to learn, and the ability to ask for help when needed. Education A degree in cybersecurity, computer science, information technology, or a related field is welcome but not required. We value equivalent practical experience, professional training, and relevant certifications. This role is suitable for someone with early-to-mid career experience in security operations, incident response, vulnerability management, IT security, or a related area. We do not expect candidates to have deep expertise in every area. We are looking for someone with solid fundamentals, good judgment, careful documentation habits, and a willingness to learn. Desired Skills and Experience We are looking for someone who is curious, pragmatic, and service-oriented. The successful candidate will be comfortable investigating technical issues, asking thoughtful questions, documenting work carefully, and helping others understand and address security risks. This role requires someone who can operate with a high level of trust, communicate calmly during security events, and balance security priorities with the realities of a collaborative, mission-driven open source environment. You should be comfortable working with distributed teams and contributing to a culture where security enables participation, transparency, and resilience. Must-have Early-to-mid career experience in security operations, incident response, vulnerability management, IT security, or a related area. Practical experience investigating security alerts, events, vulnerability reports, or security issues and documenting findings clearly. Familiarity with vulnerability management processes, including reviewing findings, assessing impact, helping prioritize remediation, and tracking issues to closure. Working knowledge of core security concepts such as incident response, vulnerability management, identity and access management, endpoint security, cloud security, network security, and secure configuration. Familiarity with security tools such as vulnerability scanners, ticketing systems, or similar technologies. Ability to communicate security risks and remediation guidance clearly to both technical and non-technical stakeholders. Strong documentation skills, attention to detail, and ability to produce clear incident notes, reports, and process documentation. Ability to work independently in a fully remote environment while collaborating effectively with distributed teams. Sound judgment, discretion, and the ability to handle sensitive information responsibly. Strong written and spoken communication skills in English. Nice-to-have Familiarity with open source software communities, open source development practices, or software supply-chain security. Familiarity with Git, GitHub or GitLab, pull requests, issue tracking, and CI/CD workflows. Experience working in or with nonprofit, foundation, open source, research, standards, or community-driven technology environments. Experience with scripting or automation using Python, Bash, or similar tools. Practical experience using LLMs or AI-assisted tools for security research, documentation, triage, or developer productivity. Experience improving incident response or vulnerability management workflows. Familiarity with CVE processes, security advisories, SBOMs, or software supply-chain security tools. Working Style We are looking for someone who values practical impact, clear communication, and steady execution. You should be comfortable working with incomplete information, asking for help when needed, documenting your work carefully, and helping teams understand and address security risks. This role requires good judgment, discretion with sensitive information, and the ability to balance security priorities with the realities of a collaborative open source environment. Compensation and Benefits We offer highly competitive compensation along with a comprehensive benefits package. We thank all applicants for their interest; however, only those to be interviewed will be contacted. For more information about Eclipse Foundation, please visit our website at Accessibility Eclipse respects the dignity and independence of people with disabilities, and is committed to providing accommodation and support to persons with disabilities throughout any recruitment process, once made aware of a need for accommodation. If you require any special accommodation or support during the recruitment process, please indicate in your email to us. #J-18808-Ljbffr Eclipse Foundation, Inc.