1

Contract Vulnerability Analyst Jobs in Rochester, NY

... vulnerability management and compliance activities, including remediation coordination and ... and analysis of response activities. Job-Specific Minimum Requirements: - Ability to document ...

Cyber Security Tutor

Rochester, NY · Remote

$18 - $40/hr

Deep knowledge of network security, cryptography, threat analysis, vulnerability assessment ... Varsity Tutors does not contract in: Alaska, California, Colorado, Delaware, Hawaii, Maine, New ...

Contract Vulnerability Analyst information

See Rochester, NY salary details

$30.6K

$72.3K

$128.3K

How much do contract vulnerability analyst jobs pay per year?

As of Jul 17, 2026, the average yearly pay for contract vulnerability analyst in Rochester, NY is $72,284.00, according to ZipRecruiter salary data. Most workers in this role earn between $51,800.00 and $85,800.00 per year, depending on experience, location, and employer.

What are some common challenges faced by Contract Vulnerability Analysts, and how can they overcome them?

Contract Vulnerability Analysts often face challenges such as rapidly changing threat landscapes and the need to quickly adapt to new security vulnerabilities in client environments. They must balance multiple client projects and prioritize tasks based on risk and impact. Success in this role requires strong communication skills to clearly explain technical findings to non-technical stakeholders and collaborate with both internal security teams and client IT departments. Building efficient workflows, staying updated with the latest security tools, and participating in regular training can help analysts stay ahead of threats and deliver impactful results.

What is a Contract Vulnerability Analyst?

A Contract Vulnerability Analyst is a cybersecurity professional who is hired on a contractual basis to identify, assess, and report security vulnerabilities within an organization's systems, networks, or applications. Their main role is to help companies find and address security weaknesses before attackers can exploit them. They often use various tools and methodologies to conduct vulnerability assessments, penetration testing, and security audits. Contract Vulnerability Analysts typically work for a set period or on a specific project, providing expert guidance to enhance the organization's security posture.

What is the difference between Contract Vulnerability Analyst vs Security Analyst?

AspectContract Vulnerability AnalystSecurity Analyst
CertificationsCompTIA Security+, CEH, CISSP (preferred)CompTIA Security+, CISSP, CISA
Work EnvironmentContract-based, project-specific roles, often remote or on-siteFull-time, in-house or remote security teams within organizations
Industry UsageIT security firms, consulting companies, tech organizationsCorporate, government, financial institutions
Search & Comparison IntentFocus on vulnerability assessment, penetration testing, security gapsBroader security management, incident response, policy enforcement

The Contract Vulnerability Analyst primarily focuses on identifying and mitigating security vulnerabilities through assessments and testing, often working on a contractual basis. In contrast, a Security Analyst typically handles ongoing security monitoring, incident response, and policy implementation within an organization. While both roles require similar certifications and work in the cybersecurity field, their scope and employment structure differ significantly.

What are the key skills and qualifications needed to thrive as a Contract Vulnerability Analyst, and why are they important?

To thrive as a Contract Vulnerability Analyst, you need a strong background in cybersecurity principles, vulnerability assessment methodologies, and relevant certifications such as CEH or CompTIA Security+. Familiarity with vulnerability scanning tools like Nessus, Qualys, or OpenVAS, as well as experience with common operating systems and network protocols, is typically required. Analytical thinking, attention to detail, and strong communication skills help analysts effectively identify, prioritize, and report vulnerabilities to stakeholders. These skills are crucial for ensuring organizational security and compliance while minimizing risk in dynamic contract-based environments.
What are the most commonly searched types of Vulnerability Analyst jobs in Rochester, NY? The most popular types of Vulnerability Analyst jobs in Rochester, NY are:
What are popular job titles related to Contract Vulnerability Analyst jobs in Rochester, NY? For Contract Vulnerability Analyst jobs in Rochester, NY, the most frequently searched job titles are:
What cities near Rochester, NY are hiring for Contract Vulnerability Analyst jobs? Cities near Rochester, NY with the most Contract Vulnerability Analyst job openings:
Security Operations Shift Lead

Security Operations Shift Lead

MAXIMUS

Rochester, NY • On-site

Other

Medical, Life, Retirement, PTO

Re-posted 6 days ago


Maximus rating

6.9

Company rating: 6.9 out of 10

Based on 294 frontline employees who took The Breakroom Quiz

254th of 451 rated business services


Job description

Maximus TCS (Technology and Consulting Services) Internal Job Profile Code: TCS056, T2, Band 5
Job-Specific Essential Duties and Responsibilities:
- Provide advanced support for cybersecurity operations, executing complex containment, remediation, and risk reduction activities across enterprise IT and OT environments.
- Perform escalation-level response actions, including coordinating and executing directed cyber activities.
- Lead and support containment and restoration efforts during security incidents, ensuring timely resolution and stabilization of affected systems.
- Ensure all response actions are fully documented, supporting auditability, traceability, and effective knowledge transfer across teams.
- Coordinate with cross-functional technical teams to execute remediation actions across infrastructure, applications, cloud platforms, and network environments.
- Support vulnerability management and compliance activities, including remediation coordination and alignment with federal cybersecurity guidance.
- Assist in managing incident response workflows, ensuring actions align with established procedures, priorities, and response timelines.
- Monitor security events and tools, perform advanced triage, and escalate or act on findings as appropriate.
- Contribute to operational reporting and provide input into performance tracking, risk posture, and security metrics.
- Support continuous improvement of cybersecurity processes and operational effectiveness through feedback and analysis of response activities.
Job-Specific Minimum Requirements:
- Ability to document actions and maintain audit-ready records and knowledge transfer artifacts.
- Experience supporting cross-platform environments, including cloud, infrastructure, and network systems.
- Familiarity with security monitoring tools, incident tracking systems, and escalation processes.
- Ability to operate in a 24/7 environment with time-sensitive response requirements.
- Ability to obtain and maintain a Public Trust is required. An active Public Trust and/or DHS suitability is preferred. Must be a U.S. Citizen without dual citizenship
Minimum Education requirement:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience)
Years of Required Work-Related Experience:
- 4+ years of experience in cybersecurity operations, incident response, or enterprise security support roles
Preferred Skills and Qualifications:
- Experience supporting enterprise-scale cybersecurity operations environments
- Familiarity with incident response coordination and escalation procedures
- Knowledge of vulnerability management and compliance frameworks
- Experience working across hybrid environments (cloud, infrastructure, network)
- Strong documentation and reporting skills for audit and compliance support
- Ability to operate effectively in high-pressure, time-sensitive environments
#techjobs #clearance #veteranspage #LI-Remote

Minimum Requirements
TCS056, T2, Band 5
#TSTECH
EEO Statement
Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics.
Pay Transparency
Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances.
Accommodations
Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at applicantaccom@maximus.com.
Minimum Salary
$
60,000.00
Maximum Salary
$
100,000.00


What Maximus employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom