Security Analyst, Incident Response & Vulnerability Management

Overview

The Eclipse Foundation is one of the world’s largest open source software foundations, with a proven track record of enabling developer-focused open source innovation earned over 19 years. The Foundation is the home of numerous industry-leading projects and collaborations including Adoptium, Software Defined Vehicle, Eclipse IDE, IOT and Jakarta EE. Supported by over 350 members globally, the Foundation has an established international reach and reputation.

We are looking for a junior-to-mid-level Security Analyst to join our Security Team. This role will focus primarily on incident response and vulnerability management, including the responsible use of automation and AI-assisted workflows where they improve accuracy, consistency, or efficiency.

Working closely with the Head of Security, you will help monitor, investigate, document, and respond to security issues affecting Eclipse Foundation systems, services, and open source projects. You will also support vulnerability management activities by reviewing findings, helping prioritize remediation, coordinating with internal and external teams, and tracking issues through to resolution.

This role is complementary to our AI-assisted vulnerability management engineering work. You will not be expected to design large-scale AI security pipelines. Instead, you will help operate and support incident response and vulnerability management workflows, using security tooling, automation, and AI-assisted approaches responsibly as part of day-to-day security operations.

You will not be expected to handle major incidents alone. This is a hands-on role for someone with solid security fundamentals, careful documentation habits, good judgment, and a willingness to learn while working across technical and organizational boundaries.

This is an initial 12-month fixed-term role, fully remote and open to candidates located in the European Union, Canada, and the United States
. Depending on organizational needs, funding, performance, and mutual fit, there may be an opportunity for renewal or transition to an ongoing/permanent position.

• Monitor, triage, and investigate security alerts, events, reports, and potential incidents.
• Assist with initial analysis, evidence gathering, containment coordination, documentation, and post-incident follow-up.
• Help maintain and improve incident response procedures, playbooks, templates, checklists, and related documentation.
• Review vulnerability scan results and security reports, validate findings, assess potential impact, and help prioritize remediation.
• Track vulnerabilities and remediation work across teams, ensuring issues are clearly documented and followed through to closure.
• Work with internal stakeholders, project teams, and other collaborators to communicate findings, risks, and recommended remediation steps in a clear and practical way.
• Help identify contributing factors behind incidents or recurring vulnerabilities and suggest practical improvements.
• Assist with access reviews, security assessments, risk reviews, and related operational security tasks.
• Contribute to improvements in security tooling, automation, reporting, dashboards, and operational workflows.
• Help promote a security-aware culture through practical guidance, documentation, and collaboration with technical and non-technical teams.

Day-to-day work may include reviewing vulnerability scanner output, preparing incident notes, following up on remediation tasks, reviewing evidence, updating playbooks, helping maintain security dashboards, and supporting teams in understanding what action is needed to address security risks.

Success in this role means helping the Eclipse Foundation operate incident response and vulnerability management workflows in a consistent, reliable, and well-documented way. You will be successful if security alerts, incidents, and vulnerability findings are triaged carefully, documented clearly, followed up appropriately, and tracked through to resolution. You will help ensure that stakeholders understand what action is needed, that sensitive information is handled responsibly, and that security processes become easier to repeat and improve over time.

This role does not require deep expertise in every security domain from day one. Success depends on sound judgment, attention to detail, clear communication, willingness to learn, and the ability to ask for help when needed.

A degree in cybersecurity, computer science, information technology, or a related field is welcome but not required. We value equivalent practical experience, professional training, and relevant certifications.

This role is suitable for someone with early-to-mid career experience in security operations, incident response, vulnerability management, IT security, or a related area. We do not expect candidates to have deep expertise in every area. We are looking for someone with solid fundamentals, good judgment,…