Analyst Sr., Vulnerability Reporting

The purpose of this position is for a highly skilled and experienced Senior Vulnerability Management Analyst to join our Information Security team. The ideal candidate will be responsible for identifying and assessing vulnerabilities across our IT infrastructure. This role requires a deep understanding of cybersecurity principles, strong analytical skills, and the ability to work collaboratively with various teams to enhance our security posture.

Essential Functions:

* Develop and track key performance indicators (KPIs) to measure the effectiveness of the vulnerability management program

* Generate regular reports on the status of vulnerabilities and remediation efforts

* Ensure tools are properly configured and integrated with other security and IT systems

* Conduct regular vulnerability assessments using tools such as Qualys

* Collaborate with IT and development teams to ensure timely remediation of identified vulnerabilities

Knowledge, Skills & Abilities:

* Scope:
The Senior Vulnerability Management Reporting Analyst serves as a key contributor within the organization's Cybersecurity and Risk Management function, transforming complex vulnerability data into clear, actionable insights that guide strategic decisions across both shoreside operations and the global fleet. Operating as a subject‑matter expert, the role collaborates with IT, Security Operations, Infrastructure, Compliance, and Fleet Technology teams to ensure consistent reporting, accurate risk visibility, and effective prioritization of remediation efforts.

With enterprise‑wide reach and influence, the analyst strengthens the organization's overall security posture by maintaining a unified reporting framework, improving data quality, and enabling leadership at all levels to understand and act on emerging risks that impact global operations and critical assets.

* Problem solving:
The core problem this new role is designed to solve is the lack of clear, consistent, and actionable visibility into the organization's vulnerability posture across both shore and fleet environments. Right now, vulnerability data often lives in multiple systems, is interpreted differently by different teams, and doesn't always translate into meaningful insights that drive timely remediation or informed decision‑making. By centralizing reporting, standardizing metrics, and elevating analysis, the Senior Vulnerability Management Reporting Analyst closes the gap between raw technical data and the strategic understanding leaders need to manage cyber risk effectively across a global, highly distributed operation.

* Impact:
This role creates a ripple effect across the entire organization because it finally gives the business a unified, trustworthy view of cyber risk something that has been difficult to achieve across diverse shore and fleet environments. By elevating the quality, consistency, and clarity of vulnerability reporting, the role enables leaders to make faster, more informed decisions, helps technical teams prioritize the right remediation work, and strengthens compliance efforts across global operations.

It reduces blind spots, improves coordination between departments, and ultimately raises the organization's overall security maturity. The impact is enterprise‑wide: better risk visibility, stronger protection of critical assets, and a more resilient business.

* Leadership:
This position will need to have strong leadership skills to be able to work with multiple different brands but will have no direct reports.

For all roles:

* Knowledge:
Understanding of workplace policies and procedures / Familiarity with team collaboration tools and techniques.

* Skills:

Strong time management and organizational skills

* Abilities:
Ability to maintain reliable and consistent attendance / Capacity to be punctual and meet deadlines / Ability to collaborate effectively with colleagues and work as part of a team / Demonstrated professionalism in all interactions and tasks.

Qualifications:

* Extensive experience with vulnerability management platforms (e.g., Qualys, Tenable, Rapid7)

* Strong understanding of cybersecurity principles, threat landscapes, and risk‑management…