1

Contract Vulnerability Analyst Jobs in Riverside, CA

This position is contingent upon contract award and position availability. Selected candidates will ... with vulnerability management timelines and documented approvals. - Document rollback and ...

This position is contingent upon contract award and position availability. Selected candidates will ... vulnerability management, compliance tracking, or IT security support functions - Basic ...

IT Security Engineer

Irvine, CA · On-site

$45 - $52.27/hr

Irvine, CA (onsite) Contract: 12+ Month Schedule: Monday-Friday 8:30am-5:30pm, In Office Korean ... Monitor and analyze security events, logs, and alerts using tools like Splunk or Sentinel to detect ...

IT Director

Irvine, CA · On-site

$140K - $175K/yr

Scope, contract and oversee any MSP/MSSP projects such as acquisition network integration * and ... Develop reporting and business analytics capabilities in collaboration with operational leaders.

Senior Software Engineer

Irvine, CA · On-site

$131K - $173K/yr

... contract Visa- USC/ GC HM Notes: Previous subs only had experience at the application layer/app ... analysis and threat modeling. • Perform OS‑level verification and validation following IEC ...

Contract Vulnerability Analyst information

See Riverside, CA salary details

$32.3K

$76.4K

$135.6K

How much do contract vulnerability analyst jobs pay per year?

As of Jul 13, 2026, the average yearly pay for contract vulnerability analyst in Riverside, CA is $76,431.00, according to ZipRecruiter salary data. Most workers in this role earn between $54,800.00 and $90,800.00 per year, depending on experience, location, and employer.

What are some common challenges faced by Contract Vulnerability Analysts, and how can they overcome them?

Contract Vulnerability Analysts often face challenges such as rapidly changing threat landscapes and the need to quickly adapt to new security vulnerabilities in client environments. They must balance multiple client projects and prioritize tasks based on risk and impact. Success in this role requires strong communication skills to clearly explain technical findings to non-technical stakeholders and collaborate with both internal security teams and client IT departments. Building efficient workflows, staying updated with the latest security tools, and participating in regular training can help analysts stay ahead of threats and deliver impactful results.

What is a Contract Vulnerability Analyst?

A Contract Vulnerability Analyst is a cybersecurity professional who is hired on a contractual basis to identify, assess, and report security vulnerabilities within an organization's systems, networks, or applications. Their main role is to help companies find and address security weaknesses before attackers can exploit them. They often use various tools and methodologies to conduct vulnerability assessments, penetration testing, and security audits. Contract Vulnerability Analysts typically work for a set period or on a specific project, providing expert guidance to enhance the organization's security posture.

What is the difference between Contract Vulnerability Analyst vs Security Analyst?

AspectContract Vulnerability AnalystSecurity Analyst
CertificationsCompTIA Security+, CEH, CISSP (preferred)CompTIA Security+, CISSP, CISA
Work EnvironmentContract-based, project-specific roles, often remote or on-siteFull-time, in-house or remote security teams within organizations
Industry UsageIT security firms, consulting companies, tech organizationsCorporate, government, financial institutions
Search & Comparison IntentFocus on vulnerability assessment, penetration testing, security gapsBroader security management, incident response, policy enforcement

The Contract Vulnerability Analyst primarily focuses on identifying and mitigating security vulnerabilities through assessments and testing, often working on a contractual basis. In contrast, a Security Analyst typically handles ongoing security monitoring, incident response, and policy implementation within an organization. While both roles require similar certifications and work in the cybersecurity field, their scope and employment structure differ significantly.

What are the key skills and qualifications needed to thrive as a Contract Vulnerability Analyst, and why are they important?

To thrive as a Contract Vulnerability Analyst, you need a strong background in cybersecurity principles, vulnerability assessment methodologies, and relevant certifications such as CEH or CompTIA Security+. Familiarity with vulnerability scanning tools like Nessus, Qualys, or OpenVAS, as well as experience with common operating systems and network protocols, is typically required. Analytical thinking, attention to detail, and strong communication skills help analysts effectively identify, prioritize, and report vulnerabilities to stakeholders. These skills are crucial for ensuring organizational security and compliance while minimizing risk in dynamic contract-based environments.
What are the most commonly searched types of Vulnerability Analyst jobs in Riverside, CA? The most popular types of Vulnerability Analyst jobs in Riverside, CA are:
What are popular job titles related to Contract Vulnerability Analyst jobs in Riverside, CA? For Contract Vulnerability Analyst jobs in Riverside, CA, the most frequently searched job titles are:
What job categories do people searching Contract Vulnerability Analyst jobs in Riverside, CA look for? The top searched job categories for Contract Vulnerability Analyst jobs in Riverside, CA are:
What cities near Riverside, CA are hiring for Contract Vulnerability Analyst jobs? Cities near Riverside, CA with the most Contract Vulnerability Analyst job openings:
Patching Analyst

Patching Analyst

Maximus

Pomona, CA • On-site

Full-time

Medical, Life, Retirement, PTO

Posted 10 days ago


Maximus rating

6.9

Company rating: 6.9 out of 10

Based on 293 frontline employees who took The Breakroom Quiz

253rd of 449 rated business services


Job description

Description & Requirements

Maximus is a trusted federal partner supporting mission‑critical programs across national security, defense, and public service delivery. Our work focuses on sustaining, operating, and improving essential government systems and services, with proven operational excellence, and a commitment to mission success for our customers.

Joining Maximus means becoming part of a collaborative, mission‑driven organization where teamwork, accountability, and professional growth are core to how we operate. We invest in our workforce through training, education, and career development, empowering professionals to deliver high‑impact solutions while contributing to outcomes that matter at a national scale.

This position is contingent upon contract award and position availability. Selected candidates will receive a contingent offer of employment, which will become final only upon successful contract award to Maximus, availability of the position, and receipt of authorization to proceed.

The Patching Analyst position provides enterprise-level patch tracking, compliance reporting, and audit support across on‑premises, cloud, and hybrid environments.

Ability to obtain and maintain a Public Trust is required. An active Public Trust and/or DHS suitability is preferred. Must be a U.S. Citizen without dual citizenship.

Maximus TCS (Technology and Consulting Services) Internal Job Profile Code: TCS116, P2, Band 5

Job-Specific Essential Duties and Responsibilities:

- Document, track, and report patching activities through established change and release management processes.

- Produce recurring patch compliance reports, audit artifacts, dashboards, and metrics supporting monthly reporting and auditability requirements.

- Maintain patch status dashboards, exception tracking logs, and remediation timelines across all supported environments (on‑prem, cloud, hybrid).

- Track remediation deadlines and exceptions, ensuring alignment with vulnerability management timelines and documented approvals.

- Document rollback and contingency procedures to support recovery in the event of patch or upgrade failure.

- Communicate planned patching activities, impacts, and downtime to stakeholders in advance, supporting operational awareness and coordination.

- Ensure reporting and documentation support compliance, audit readiness, and traceability across monthly operational cycles.

Job-Specific Minimum Requirements:

- Ability to obtain and maintain a Public Trust is required. An active Public Trust and/or DHS suitability is preferred. Must be a U.S. Citizen without dual citizenship

- Bachelor’s degree in Information Technology, Cybersecurity, Information Systems, or a related field (or equivalent experience).

- 3+ years supporting IT operations, patch management, vulnerability management, or compliance reporting in an enterprise environment.

- Experience documenting and tracking patching activities through change/release processes.

- Strong understanding of patch compliance reporting, audit artifacts, and remediation tracking.

- Experience producing dashboards, metrics, and compliance reports for operational and audit use.

- Familiarity with IT environments spanning on‑premises, cloud, and hybrid platforms.

- Ability to maintain detailed documentation supporting compliance and auditability.

- Experience working within federal IT environments (policies, controls, reporting).

Preferred Skills and Qualifications:

- Experience with enterprise ITSM tools (e.g., ServiceNow) for change, release, and reporting.

- Familiarity with vulnerability management concepts (CVEs, remediation timelines, exceptions).

- Strong written communication skills for compliance documentation and audit support.

- Experience supporting endpoint or user services teams in large-scale environments.

#techjobs #clearance #LI-Remote #veteranspage

Minimum Requirements

TCS116, P2, Band 5

EEO Statement

Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics.

Pay Transparency

Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances.

Accommodations

Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at applicantaccom@maximus.com .


What Maximus employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom