Vulnerability Management Analyst

The Team

We are seeking a highly skilled and motivated Vulnerability Management Analyst to join American Tower’s corporate Information Security team. The Analyst identifies, prioritizes, validates, and drives the remediation of security exposures across our digital environment. You will play a key role in transforming traditional vulnerability management into a continuous, risk-based, attacker-centric process. By leveraging threat intelligence, automation, and validation techniques, you will help ensure that our organization stays ahead of evolving threats. This position requires a blend of technical expertise, analytical thinking, and cross-functional collaboration to reduce risks and strengthen our overall security posture.

What You Can Offer Us

• Perform continuous asset discovery and vulnerability assessments using tools such as Tenable, Wiz, and MDVM, ensuring comprehensive visibility across cloud, on-premises, and hybrid environments.    
• Leverage threat intelligence, business context, and risk-based prioritization to assess exposures based on exploitability, asset criticality, and potential business impacts.    
• Partner with IT, DevOps, and application teams to coordinate and track the timely remediation of validated threats, ensuring alignment with security policies and service level agreements.    
• Develop and maintain dashboards, metrics, and executive reports to communicate to both technical and non-technical stakeholders exposure trends, remediation progress, and overall risk posture.    
• Stay current with emerging threats, vulnerability trends, and Continuous Threat Exposure Management best practices, continuously refining detection and response strategies to improve organizational resilience.    

What You Need to Succeed

• Bachelor’s degree in computer science or information security, or an equivalent combination of education and work experience.
• Relevant certifications (e.g., CISSP, CEH, Security+, GIAC) preferred.
• 5+ years of cybersecurity, threat and vulnerability management, threat analysis, or other relevant IT experience required.
• Strong understanding of cybersecurity frameworks (e.g., MITRE ATT&CK, NIST CSF, ISO 27001).
• Technical proficiency across operating systems (Windows, Linux), cloud platforms (AWS, Azure), and other environments.
• Experience with vulnerability scanning, asset discovery, and threat validation tools.
• Experience with ticketing platforms like ServiceNow or Jira to manage and track remediation workflows.
• Excellent analytical, communication, and collaboration skills.
• Strong organization, planning, and project management skills; ability to prioritize tasks for yourself and a team to meet requirements and deadlines.
• Ability to work with different functional groups and levels of employees to effectively and professionally achieve results.
• Strong leadership skills; ability to drive and motivate a team to achieve results.

American Tower is a global digital infrastructure company serving customers through tower sites and other real estate solutions that support connectivity and opportunity, focused on achieving our vision of Building a More Connected World. Our success is rooted in the potential of our people and the power of local teams at our offices and sites across 25 countries.

We are one of the largest global Real Estate Investment Trusts (REITs) and a publicly traded (NYSE:AMT), Fortune 500 Company headquartered in Boston, Massachusetts. The next decade will be an exciting time as we evolve our infrastructure to meet tomorrow’s needs and position our people to elevate their impact, their potential, and our shared success. Come grow your career with us!

For more information about how American Tower is building a more connected world, visit americantower.com.

American Tower is proud to be an equal opportunity employer and will not discriminate against an applicant or employee based on age, sex, sexual orientation, gender identity, race, color, creed, religion, national origin or ancestry, citizenship, marital status, familial status, disability, military or veteran status, genetic information, pregnancy, reproductive decisions, or any other characteristic protected under applicable law.