1

Contract Vulnerability Analyst Jobs (NOW HIRING)

This position is contingent upon contract award *** Overview SOSi is seeking a Risk and Vulnerability Analyst II to support vulnerability assessment and risk analysis activities in alignment with our ...

next page

Showing results 1-20

Contract Vulnerability Analyst information

See salary details

$31K

$73.3K

$130K

How much do contract vulnerability analyst jobs pay per year?

As of Jul 8, 2026, the average yearly pay for contract vulnerability analyst in the United States is $73,261.00, according to ZipRecruiter salary data. Most workers in this role earn between $52,500.00 and $87,000.00 per year, depending on experience, location, and employer.

What are some common challenges faced by Contract Vulnerability Analysts, and how can they overcome them?

Contract Vulnerability Analysts often face challenges such as rapidly changing threat landscapes and the need to quickly adapt to new security vulnerabilities in client environments. They must balance multiple client projects and prioritize tasks based on risk and impact. Success in this role requires strong communication skills to clearly explain technical findings to non-technical stakeholders and collaborate with both internal security teams and client IT departments. Building efficient workflows, staying updated with the latest security tools, and participating in regular training can help analysts stay ahead of threats and deliver impactful results.

What is a Contract Vulnerability Analyst?

A Contract Vulnerability Analyst is a cybersecurity professional who is hired on a contractual basis to identify, assess, and report security vulnerabilities within an organization's systems, networks, or applications. Their main role is to help companies find and address security weaknesses before attackers can exploit them. They often use various tools and methodologies to conduct vulnerability assessments, penetration testing, and security audits. Contract Vulnerability Analysts typically work for a set period or on a specific project, providing expert guidance to enhance the organization's security posture.

What is the difference between Contract Vulnerability Analyst vs Security Analyst?

AspectContract Vulnerability AnalystSecurity Analyst
CertificationsCompTIA Security+, CEH, CISSP (preferred)CompTIA Security+, CISSP, CISA
Work EnvironmentContract-based, project-specific roles, often remote or on-siteFull-time, in-house or remote security teams within organizations
Industry UsageIT security firms, consulting companies, tech organizationsCorporate, government, financial institutions
Search & Comparison IntentFocus on vulnerability assessment, penetration testing, security gapsBroader security management, incident response, policy enforcement

The Contract Vulnerability Analyst primarily focuses on identifying and mitigating security vulnerabilities through assessments and testing, often working on a contractual basis. In contrast, a Security Analyst typically handles ongoing security monitoring, incident response, and policy implementation within an organization. While both roles require similar certifications and work in the cybersecurity field, their scope and employment structure differ significantly.

What are the key skills and qualifications needed to thrive as a Contract Vulnerability Analyst, and why are they important?

To thrive as a Contract Vulnerability Analyst, you need a strong background in cybersecurity principles, vulnerability assessment methodologies, and relevant certifications such as CEH or CompTIA Security+. Familiarity with vulnerability scanning tools like Nessus, Qualys, or OpenVAS, as well as experience with common operating systems and network protocols, is typically required. Analytical thinking, attention to detail, and strong communication skills help analysts effectively identify, prioritize, and report vulnerabilities to stakeholders. These skills are crucial for ensuring organizational security and compliance while minimizing risk in dynamic contract-based environments.
More about Contract Vulnerability Analyst jobs
What cities are hiring for Contract Vulnerability Analyst jobs? Cities with the most Contract Vulnerability Analyst job openings:
What are the most commonly searched types of Vulnerability Analyst jobs? The most popular types of Vulnerability Analyst jobs are:
What states have the most Contract Vulnerability Analyst jobs? States with the most job openings for Contract Vulnerability Analyst jobs include:
What job categories do people searching Contract Vulnerability Analyst jobs look for? The top searched job categories for Contract Vulnerability Analyst jobs are:
System Vulnerability Analyst 3

System Vulnerability Analyst 3

iNovex Information Systems

Annapolis, MD โ€ข On-site

$153K - $202K/yr

Full-time

Medical, Dental, Vision, Retirement, PTO

Re-posted 25 days ago


Job description

Job Brief
Vulnerability, exploit, attack
Job Description
Are you VIGILANT about your career? RealmOne definitely is!
RealmOne was built on the principle that people matter first and foremost. We believe in providing a strong work/life balance by investing in our employees and encouraging professional and personal growth. We do this by offering exceptional benefits, flexible schedules, and the tools necessary to achieve success through paid training, mentoring, and the opportunity to work alongside top-notch industry professionals.
Join us on this journey as we execute this mission-critical contract providing high-end analytics and data science services within the REALM of cybersecurity.
Your effort and expertise are crucial to the success and execution of this impactful mission. This opportunity supports a team of Data Scientists, Cryptologic Computer Scientists, Cryptanalytic Computer Scientists, Cryptologic Cyber Planners, Intrusion Analysts, Protocol Analysts, Signals Analysts and Reverse Engineers, responsible for improving, protecting, and defending our Nation's Security.
Job Description:
  • We are looking for a System Vulnerability Analyst to identify vulnerabilities of and attacks to the design and operation of a system (H/W, S/W, personnel, procedures, logistics, and physical security) by relating vulnerabilities and attacks to effects on operations and missions supported by those systems. You will compare and contrast various system attack techniques and develop operationally effective countermeasures. You will also produce formal and informal reports, briefings, and perspectives of actual and potential attacks against the systems or missions being studied.

The Level 3 System Vulnerability Analyst shall possess the following capabilities:
  • The ability to exploit captured media and/or investigate computer security incidents in order to derive useful intelligence and/or enable mitigation of network vulnerabilities.
  • Relevant experience must be in the design/development of computer or information systems, programming, computer/network security, vulnerability analysis, penetration testing, computer forensics, and/or systems engineering.

Qualifications:
  • Doctoral degree with 4 years of relevant experience.
  • Master's degree with 6 years of relevant experience.
  • Bachelor's Degree with 8 years of relevant experience.
  • Associates degree with 10 years of relevant experience.
  • Degree must be in Computer Science or a related field (e.g. General Engineering, Computer Engineering, System Engineering, Mathematics, Computer Forensics, Cyber Security, Information Technology, Information Assurance, and Information Security.
  • Completion of military training in a relevant area such as JCAC (Joint Cyber Analysis Course), Undergraduate Cyber Training (UCT), Network Warfare Bridge Course (NWBC)/Intermediate Network Warfare Training (INWT), Cyber Defense Operations will be considered towards the relevant experience required (i.e. 20-24 weeks course will count as 6 months of experience, 10-14 weeks will count as 3 months or experience).

Certifications Required:
  • Information Assurance Certification may be required.

Position requires active Security Clearance with appropriate Polygraph
Pay Range: 153,000-202,000
The RealmOne pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Our approach to crafting offers considers various factors to establish an equitable and competitive compensation package. These considerations include, but are not limited to, the extent and intricacy of the role's responsibilities, the candidate's educational background, their work experience, and the specific competencies crucial for success in the role.
RealmOne Benefits:
  • Healthcare Coverage + Insurance: Medical: Three (3) rich healthcare options through CareFirst with 100% or majority company-paid premiums. Tax-advantaged health savings account available with generous employer contribution. Dental + Vision: 100% employer-paid for employees and family with buy-up option available.
  • Retirement + Savings: 401K - 10% TOTAL CONTRIBUTION - 5% safe harbor - 5% annual profit share. Immediate vested, no match required!
  • Paid Time Off + More: 4 weeks starting PTO - 11 federal holidays + 2 floating holidays - Paid hours for company-required training.
  • Career Growth + Development: Access to FREE 24/7 learning via Udemy - Opportunities to participate in tech councils, industry initiatives, etc. - $7,500 annual Educational & Professional Development Assistance.
  • MORE BENEFITS...FOR EVERY LIFESTYLE! - Paid parental leave - Adoption assistance - Annual swag drops - Flexible work schedules - -Generous referral bonus program - Employee appreciation + family-friendly corporate events ...and much more.

ABOUT US
  • RealmOne is a mid-sized science and technology company dedicated to solving our customers' toughest mission challenges.
  • Headquartered in Columbia, MD., RealmOne supplies advanced cybersecurity, data science and software engineering services and products to customers in the Government and commercial sectors.
  • RealmOne delivers encompassing mission assurance and critical systems support to government customers across various U.S. locations to include Colorado, Georgia, Hawaii, Texas, Utah, and Virginia.
  • RealmOne has earned numerous awards, including being named a Top Workplace by the Baltimore Sun. With more than 30+ active contracts, 12 of which are prime, RealmOne stands as a premier innovator supporting the Government and Department of Defense, with team members located nationwide.

Disclaimer: Benefits packages offered by RealmOne are subject to variation and may differ based on work location, clearance level, and other eligibility criteria. Specific eligibility, availability, and scope of benefits are not guaranteed, may differ from those generally described, and remain subject to modification at the sole discretion of the company.