Associate Business Analyst

Position Summary 

Effectual is seeking an Associate Business Analyst to support vulnerability management, application security, and research initiatives for a leading technology organization. This role will work closely with cloud vulnerability backlog triage, bug bounty program operations, basic code scanning analysis, and integration of AI-powered security tooling. The Associate Business Analyst will provide hands-on exposure to modern cloud security operations, vulnerability assessment practices, and research workflows. 

This position is well-suited for candidates looking to grow into cloud security, application security, or vulnerability management roles. 

Essential Duties and Responsibilities 

• Assist with triage of cloud and application vulnerabilities within vulnerability management platforms  

• Review scanning results (e.g., Snyk, SemGrep, CodeScanner, etc.) and perform initial categorization and validation 

• Participate in backlog review efforts, tagging issues, prioritizing work, and tracking remediation status  

• Maintain dashboards and reporting on vulnerability metrics, trends, and backlog reduction  

• Support senior analysts in conducting research on emerging threats, vulnerability patterns, and exploit techniques  

• Assist in the rollout and usage of AI-enhanced tools (e.g., Goose, Maze)  

• Prepare documentation, update SOPs, and maintain ticket hygiene in Jira and internal systems  

• Collaborate with engineering and security teams to follow up on remediation plans 

Qualifications 

• Foundational understanding of vulnerability management concepts, CVSS scoring, and common security testing practices  

• Familiarity with cloud technologies (AWS preferred) and modern application architectures  

• Ability to analyze data sets, triage issues, and maintain detailed documentation  

• Strong written communication skills, especially around security findings  

• Interest in application security, cloud security, or bug bounty research  

• Ability to work cross-functionally with development and security teams 

Nice-to-Have Skills and Experience 

• Exposure to code scanning tools such as Snyk, SonarQube, Checkmarx, Veracode, or similar  

• Familiarity with CVE databases, OWASP Top 10, or basic threat modeling  

• Experience with Python, bash, or basic scripting to assist in automation  

• Prior internship or experience in a SOC, vulnerability research team, or cloud security environment 

Company Offered Benefits 

Full-time employees are eligible to participate in our employee benefit programs: 

• Medical, dental, and vision health insurances, 

• Short term disability, long term disability and life insurances, 

• 401k with Company match 

• Paid time off (PTO) (120 hours PTO that accrue over one year) 

• Paid time off for major holidays (14 days per year) 

• These and any other employee benefit offerings are subject to management’s discretion and may change at any time.  

Physical Demands and Work Environment  

The work is generally performed in an office environment.  Physical demands include sitting, keyboarding, verbal communication, written communication.  Employees are occasionally required to stand; walk; reach with hands and arms; climb or balance; and stoop, kneel, crouch, or crawl. The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodation may be made to enable individuals with disabilities to perform the functions. 

Salary Range for this position: $70,000-$80,000 

"Salary ranges provided are for informational purposes only and may vary depending on factors such as experience, qualifications, and geographic location. The final salary offer will be determined based on the candidate's skills and alignment with the role requirements." 

This job description may not be inclusive of all assigned duties, responsibilities, or aspects of the job described, and may be amended anytime at the sole discretion of the Employer. Duties and responsibilities are subject to possible modification to reasonably accommodate individuals with disabilities. To perform this job successfully, the incumbents will possess the skills, aptitudes, and abilities to perform each duty proficiently. This document does not create an employment contract, implied or otherwise, other than an “at will” relationship. Effectual Inc. is an EEO employer and does not discriminate on the basis of any protected classification in its hiring, promoting, or any other job-related opportunity.