Position Summary

Effectual is seeking a

Associate

Business Analyst to support vulnerability management, application security, and research initiatives for a leading technology organization. This role will work closely with cloud vulnerability backlog triage, bug bounty program operations, basic code scanning analysis, and integration of AI-powered security tooling. The

Associate

Business Analyst will provide hands-on exposure to modern cloud security operations, vulnerability assessment practices, and research workflows.

This position is well-suited for candidates looking to grow into cloud security, application security, or vulnerability management roles.

Essential Duties and Responsibilities

Assistwith triage of cloud and application vulnerabilities within vulnerability management platforms

Review scanning results (e.g.,Snyk,SemGrep,CodeScanner, etc.) and perform initial categorization and validation

Participate in backlog review efforts, tagging issues, prioritizing work, and tracking remediation status

Maintain dashboards and reporting on vulnerability metrics, trends, and backlog reduction

Support senior analysts in conducting research on emerging threats, vulnerability patterns, and exploit techniques

Assistin the rollout and usage of AI-enhanced tools (e.g., Goose, Maze)

Prepare documentation, update SOPs, andmaintainticket hygiene in Jira and internal systems

Collaborate with engineering and security teams to follow up on remediation plans

Qualifications

Foundational understanding of vulnerability management concepts, CVSS scoring, and common security testing practices

Familiarity with cloud technologies (AWS preferred) and modern application architectures

Ability to analyze data sets, triage issues, andmaintaindetailed documentation

Strong written communication skills, especially around security findings

Interest in application security, cloud security, or bug bounty research

Ability to work cross-functionally with development and security teams

Nice-to-Have Skills and Experience

Exposure to code scanning tools such asSnyk, SonarQube,Checkmarx, Veracode, or similar

Familiarity with CVE databases, OWASP Top 10, or basic threat modeling

Experience with Python, bash, or basic scripting toassistin automation

Prior internship or experience in a SOC, vulnerability research team, or cloud security environment

Company Offered Benefits

Full-time employees are eligible toparticipatein our employee benefit programs:

Medical, dental, and vision health insurances,

Short term disability, long termdisabilityand life insurances,

401k with Company match

Paid time off (PTO) (120 hoursPTO thataccrueover one year)

Paid time off for major holidays (14 daysper year)

These and any other employee benefit offerings are subject tomanagement’sdiscretion and may change at any time.

Physical Demands and Work Environment

The work isgenerally performedin an office environment.Physical demands include sitting, keyboarding, verbal communication, writtencommunication.Employeesare occasionally required tostand; walk; reach with hands and arms; climb or balance; and stoop, kneel, crouch, or crawl. The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodation may be made to enable individuals with disabilities to perform the functions.

Salary Range for thisposition:$70,000-$80,000

"Salary ranges provided are for informational purposes only and may vary depending on factors such as experience, qualifications, and geographic location. The final salary offer will be determined based on the candidate's skills and alignment with the rolerequirements."

This job description may not be inclusive of all assigned duties, responsibilities, or aspects of the job described, and may beamendedanytimeat the sole discretion of the Employer. Duties and responsibilities are subject topossible modificationtoreasonably accommodateindividuals with disabilities. To perform this job successfully, the incumbents willpossessthe skills, aptitudes, and abilities to perform each duty proficiently. This document does not create an employment contract, implied or otherwise, other than an “at will” relationship. Effectual Inc.is an EEO employer and does not discriminateon the basis ofany protected classification in its hiring,promoting, or any other job-related opportunity.

Meet JobCopilot: Your Personal AI Job Hunter