Analyst Sr., Vulnerability Reporting

The purpose of this position is for a highly skilled and experienced Senior Vulnerability Management Analyst to join our Information Security team. The ideal candidate will be responsible for identifying and assessing vulnerabilities across our IT infrastructure. This role requires a deep understanding of cybersecurity principles, strong analytical skills, and the ability to work collaboratively with various teams to enhance our security posture.

Essential Functions:

• Develop and track key performance indicators (KPIs) to measure the effectiveness of the vulnerability management program

• Generate regular reports on the status of vulnerabilities and remediation efforts

• Ensure tools are properly configured and integrated with other security and IT systems

• Conduct regular vulnerability assessments using tools such as Qualys

• Collaborate with IT and development teams to ensure timely remediation of identified vulnerabilities

Knowledge, Skills & Abilities:

• Scope:  The Senior Vulnerability Management Reporting Analyst serves as a key contributor within the organization’s Cybersecurity and Risk Management function, transforming complex vulnerability data into clear, actionable insights that guide strategic decisions across both shoreside operations and the global fleet. Operating as a subject‑matter expert, the role collaborates with IT, Security Operations, Infrastructure, Compliance, and Fleet Technology teams to ensure consistent reporting, accurate risk visibility, and effective prioritization of remediation efforts. With enterprise‑wide reach and influence, the analyst strengthens the organization’s overall security posture by maintaining a unified reporting framework, improving data quality, and enabling leadership at all levels to understand and act on emerging risks that impact global operations and critical assets.

• Problem solving: The core problem this new role is designed to solve is the lack of clear, consistent, and actionable visibility into the organization’s vulnerability posture across both shore and fleet environments. Right now, vulnerability data often lives in multiple systems, is interpreted differently by different teams, and doesn’t always translate into meaningful insights that drive timely remediation or informed decision‑making. By centralizing reporting, standardizing metrics, and elevating analysis, the Senior Vulnerability Management Reporting Analyst closes the gap between raw technical data and the strategic understanding leaders need to manage cyber risk effectively across a global, highly distributed operation.

• Impact: This role creates a ripple effect across the entire organization because it finally gives the business a unified, trustworthy view of cyber risk something that has been difficult to achieve across diverse shore and fleet environments. By elevating the quality, consistency, and clarity of vulnerability reporting, the role enables leaders to make faster, more informed decisions, helps technical teams prioritize the right remediation work, and strengthens compliance efforts across global operations. It reduces blind spots, improves coordination between departments, and ultimately raises the organization’s overall security maturity. The impact is enterprise‑wide: better risk visibility, stronger protection of critical assets, and a more resilient business.

• Leadership: This position will need to have strong leadership skills to be able to work with multiple different brands but will have no direct reports.

For all roles:

• Knowledge:  Understanding of workplace policies and procedures / Familiarity with team collaboration tools and techniques.

• Skills:  Strong time management and organizational skills

• Abilities:  Ability to maintain reliable and consistent attendance / Capacity to be punctual and meet deadlines / Ability to collaborate effectively with colleagues and work as part of a team / Demonstrated professionalism in all interactions and tasks.

Qualifications:

• Extensive experience with vulnerability management platforms (e.g., Qualys, Tenable, Rapid7) 

• Strong understanding of cybersecurity principles, threat landscapes, and risk‑management frameworks 

• Proficiency in data analysis and reporting tools such as Power BI, Tableau, Excel, or Splunk 

• Ability to interpret complex technical data and translate it into meaningful insights for non‑technical audiences 

• Familiarity with cloud environments, enterprise IT infrastructure, and OT/ICS environments (especially relevant for fleet operations)

• Demonstrated ability to build dashboards, KPIs, and standardized reporting frameworks 

• Experience performing trend analysis, risk scoring, and data quality validation 

• Strong attention to detail and ability to identify patterns, anomalies, and emerging risks 

• Ability to prioritize vulnerabilities based on business impact, exploitability, and operational context

• Experience working with IT, Security Operations, Infrastructure, Compliance, and operational technology teams

• 5–7+ years of experience in cybersecurity, vulnerability management, risk analysis, or related fields 

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or equivalent experience 

• Relevant certifications such as Security+, CySA+, CEH, GSEC, or other GIAC certifications (preferred but not required)

• Ability to operate independently at a senior level and make informed recommendations 

• Experience improving processes, standardizing reporting, and driving continuous improvement 

• Comfort working in a global, distributed environment with both shore and fleet operations

• Ability to influence without authority and drive alignment across diverse stakeholders 

• Strong communication skills, including the ability to brief senior leadership and simplify complex topics

Travel:  No or very little travel likely

Work Conditions: Work primarily in a climate-controlled environment with minimal safety/health hazard potential.

Physical Demands: Must be able to remain in a stationary position at a desk and/or computer for extended periods of time. 

This position is classified as “in-office.”  As an in-office role, it requires employees to work from a designated Carnival office in South Florida Monday through Thursday each week. Employees may work from their homes on Fridays.  Candidates must be located in (or willing to relocate to) the Miami/Ft. Lauderdale area. 

Offers to selected candidates will be made on a fair and equitable basis, taking into account specific job-related skills and experience.   

At Carnival, your total rewards package is much more than your base salary. All non-sales roles participate in an annual cash bonus program, while sales roles have an incentive plan. Director and above roles may also be eligible to participate in Carnival’s discretionary equity incentive plan. Plus, Carnival provides comprehensive and innovative benefits to meet your needs, including: 

• Health Benefits: 
  • Cost-effective medical, dental and vision plans 
  • Employee Assistance Program and other mental health resources 
  • Additional programs include company paid term life insurance and disability coverage  
• Financial Benefits: 
  • 401(k) plan that includes a company match 
  • Employee Stock Purchase plan 
• Paid Time Off 
  • Holidays – All full-time and part-time with benefits employees receive days off for 8 company-wide holidays, plus 2 additional floating holidays to be taken at the employee’s discretion.  
  • Vacation Time – All full-time employees at the manager and below level start with 14 days/year; director and above level start with 19 days/year.  Part-time with benefits employees receive time off based on the number of hours they work, with a minimum of 84 hours/year.  All employees gain additional vacation time with further tenure. 
  • Sick Time – All full-time employees receive 80 hours of sick time each year.  Part-time with benefits employees receive time off based on the number of hours they work, with a minimum of 60 hours each year.   
• Other Benefits 
  • Complementary stand-by cruises, employee discounts on confirmed cruises, plus special rates for family and friends 
  • Personal and professional learning and development resources including tuition reimbursement  
  • On-site Fitness center at our Miami campus 

#Corp

#LI-HybridRemote

#LI-SH1