Cybersecurity Analyst

We are looking for a motivated Junior Cyber Security Analyst to join our Product Security team. This role is ideal for someone early in their cybersecurity career who is eager to develop hands-on skills in application security, vulnerability management, and secure software development. You will work closely with security champions across development teams, helping identify, assess, and track vulnerabilities while supporting the secure delivery of our products.

• Collaborate with security champions to review, triage, prioritize, and track application vulnerabilities.
• Support application vulnerability management, ensuring findings are recorded, assigned, and remediated within agreed SLAs.
• Perform and assist in interpreting results from Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA).
• Validate vulnerabilities, confirm impact, and coordinate with developers for remediation.
• Document security issues, processes, and developer guidance in an accessible format.
• Participate in security-related project reviews and architecture discussions.
• Help educate developers on secure coding practices through workshops, documentation, or ad-hoc support.
• Stay informed on emerging vulnerabilities, tools, and trends in application security.
• Contribute to incident response, risk management, compliance, and security tool integration within Clarivate’s cloud and on-prem environments.

• Foundational knowledge of application security principles and common vulnerabilities (e.g., OWASP Top 10).
• Understanding of vulnerability management processes and common scoring systems (e.g., CVSS).
• Ability to read and understand code (experience with at least one language such as Java, JavaScript, Python, or C#).
• Basic knowledge of SAST, DAST, and SCA tools and workflows.
• Familiarity with version control systems (e.g., Git).
• Basic understanding of HTTP / HTTPS protocols and web application architecture.
• Strong communication skills and ability to work with cross-functional teams.
• Exposure to security tools such as Veracode, Nucleus, SonarQube, Burp Suite, or OWASP ZAP.
• Familiarity with CI / CD pipelines and integrating security testing.
• Awareness of cloud platforms (AWS, Azure, GCP) and related security practices.
• Basic understanding of container security (Docker, Kubernetes).
• Relevant entry-level certifications (e.g., Security+, eJPT, or equivalent) are a plus.

Our Cybersecurity team is spread across the world, with members in North America, Europe, and Asia. The Cybersecurity Analyst role will be part of the Security Engineering & Operations pillar, which focuses on security monitoring, incident response, and risk mitigation strategies. This position will report to the Cybersecurity Manager based in North America and will collaborate closely with other security teams, product teams, and internal stakeholders to support our security initiatives and maintain a strong security posture.

This is a full-time permanent position (40 hours per week), working on a hybrid model (2-3 days per week on site) from our Barcelona office.

• 30 working days of vacation
• Private Health and Life & Disability insurance
• Tax-free benefits (Ticket Restaurant scheme, kindergarten, and transport cards)
• Volunteering community with 40 paid hours of volunteering time
• A chance to grow your cybersecurity career in a global company

At Clarivate, we are committed to providing equal employment opportunities for all qualified persons with respect to hiring, compensation, promotion, training, and other terms, conditions, and privileges of employment. We comply with applicable laws and regulations governing non-discrimination in all locations.

Clarivate is a global leader in trusted and transformative intelligence. We bring together enriched data, insights, analytics and workflow solutions, grounded in deep domain expertise across the spectrum of knowledge, research and innovation.

For more information, please visit