We are looking for a motivated Junior Cyber Security Analyst to join our Product Security team. This role is ideal for someone early in their cybersecurity career who is eager to develop hands-on skills in application security, vulnerability management, and secure software development. You will work closely with security champions across development teams, helping identify, assess, and track vulnerabilities while supporting the secure delivery of our products.
About You – experience, education, skills, and accomplishments
* Foundational knowledge of application security principles and common vulnerabilities (e.g., OWASP Top 10).
* Understanding of vulnerability management processes and common scoring systems (e.g., CVSS).
* Ability to read and understand code (experience with at least one language such as Java, JavaScript, Python, or C#).
* Basic knowledge of SAST, DAST, and SCA tools and workflows.
* Familiarity with version control systems (e.g., Git).
* Basic understanding of HTTP/HTTPS protocols and web application architecture.
* Strong communication skills and ability to work with cross-functional teams.
It would be great if you also had.. .
* Exposure to security tools such as Veracode, Nucleus, SonarQube, Burp Suite, or OWASP ZAP.
* Familiarity with CI/CD pipelines and integrating security testing.
* Awareness of cloud platforms (AWS, Azure, GCP) and related security practices.
* Basic understanding of container security (Docker, Kubernetes).
* Relevant entry-level certifications (e.g., Security+, eJPT, or equivalent) are a plus.
What will you be doing in this role?
* Collaborate with security champions to review, triage, prioritize, and track application vulnerabilities.
* Support application vulnerability management, ensuring findings are recorded, assigned, and remediated within agreed SLAs.
* Perform and assist in interpreting results from Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA).
* Validate vulnerabilities, confirm impact, and coordinate with developers for remediation.
* Document security issues, processes, and developer guidance in an accessible format.
* Participate in security-related project reviews and architecture discussions.
* Help educate developers on secure coding practices through workshops, documentation, or ad-hoc support.
* Stay informed on emerging vulnerabilities, tools, and trends in application security.
Product you will be developing
The Cybersecurity Analyst will work within Clarivate's global security team, focusing on Security Engineering & Operations, Product Security, Security Architecture, and Governance, Risk & Compliance. You will contribute to incident response, risk management, compliance, and security tool integration while ensuring best practices are followed across our cloud and on-prem environments.
About the Team
Our Cybersecurity team is spread across the world, with members in North America, Europe, and Asia. The Cybersecurity Analyst role will be part of the Security Engineering & Operations pillar, which focuses on security monitoring, incident response, and risk mitigation strategies.
This position will report to the Cybersecurity Manager based in North America and will collaborate closely with other security teams, product teams, and internal stakeholders to support our security initiatives and maintain a strong security posture.
Hours of Work
This is a full-time permanent position (40 hours per week), working on a hybrid model (2-3 days per week on site) from our Barcelona office.
What we can offer
* 30 working days of vacation
* Private Health and Life & Disability insurance
* Tax-free benefits (Ticket Restaurant scheme, kindergarten, and transport cards)
* Volunteering community with 40 paid hours of volunteering time
* A chance to grow your cybersecurity career in a global company
At Clarivate, we are committed to providing equal employment opportunities for all qualified persons with respect to hiring, compensation, promotion, training, and other terms, conditions, and privileges of employment. We comply with applicable laws and regulations governing non-discrimination in all locations.