1

Cyber Security Vulnerability Analyst Jobs (NOW HIRING)

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team ... Analyze scan results for false positives, document justifications, and prepare deviation requests ...

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team ... Analyze scan results for false positives, document justifications, and prepare deviation requests ...

A Day in the Life of the The Cyber Security Engineer is responsible for the design, implementation ... Drive root cause analysis, blast radius determination, and implementation of corrective and ...

New

Senior Web Vulnerability Analyst

Fort George G Meade, MD ยท On-site

$92K - $107K/yr

Citizen PD Inc International is seeking an experienced and mission-driven Senior Web Vulnerability Analyst to provide Cybersecurity Management support in a U.S. government (DoD) environment

Apply Early

Vulnerability Analyst, Journeyman

Herndon, VA ยท On-site

$80K - $128K/yr

Bachelor's degree in Computer Science, Cybersecurity, Data Science, Information Systems ... Vulnerability Assessment Analyst (Intermediate) Playlist; E3ABR1D731D00BB); OR * Relevant ...

Vulnerability Analyst, Journeyman

Herndon, VA ยท On-site

$80K - $128K/yr

Bachelor's degree in Computer Science, Cybersecurity, Data Science, Information Systems ... Vulnerability Assessment Analyst (Intermediate) Playlist; E3ABR1D731D00BB); OR * Relevant ...

next page

Showing results 1-20

Cyber Security Vulnerability Analyst information

See salary details

$43K

$99.4K

$150K

How much do cyber security vulnerability analyst jobs pay per year?

As of Jul 2, 2026, the average yearly pay for cyber security vulnerability analyst in the United States is $99,400.00, according to ZipRecruiter salary data. Most workers in this role earn between $79,500.00 and $115,500.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Cyber Security Vulnerability Analyst, and why are they important?

To thrive as a Cyber Security Vulnerability Analyst, you need a solid understanding of network security, vulnerability assessment methodologies, and a background in information technology or computer science. Familiarity with tools like Nessus, Qualys, and Metasploit, as well as certifications such as CompTIA Security+ or CEH, is highly beneficial. Strong analytical thinking, attention to detail, and effective communication skills help analysts identify risks and convey findings to both technical and non-technical stakeholders. These skills ensure vulnerabilities are accurately discovered, prioritized, and addressed to protect organizational assets from cyber threats.

What is the difference between Cyber Security Vulnerability Analyst vs Penetration Tester?

AspectCyber Security Vulnerability AnalystPenetration Tester
CertificationsCompTIA Security+, CEH, CISSPOSCP, CEH, GPEN
Work EnvironmentAnalyzes systems for vulnerabilities, reports findingsSimulates attacks to test security defenses
Employer & Industry UsageCommon in IT security teams across various industriesOften hired for security assessments and audits

While both roles focus on cybersecurity, a Cyber Security Vulnerability Analyst primarily identifies and reports vulnerabilities, whereas a Penetration Tester actively exploits weaknesses to test security measures. The analyst's role is more about assessment and documentation, while the tester simulates real-world attacks to evaluate defenses.

What does a Cyber Security Vulnerability Analyst do?

A Cyber Security Vulnerability Analyst is responsible for identifying, assessing, and prioritizing security vulnerabilities in computer systems, networks, and software. They use specialized tools to scan for weaknesses, analyze security risks, and recommend mitigation strategies to protect against cyber threats. Their work is crucial in helping organizations prevent data breaches and maintain strong security postures by proactively addressing potential points of exploitation.

What are some common challenges faced by Cyber Security Vulnerability Analysts when prioritizing vulnerabilities for remediation?

Cyber Security Vulnerability Analysts often face the challenge of balancing limited resources with the need to address a high volume of vulnerabilities. Prioritization must consider factors like the severity of the vulnerability, the criticality of affected systems, and potential business impact. Analysts work closely with IT and development teams to ensure patches and mitigations are deployed effectively, often under tight deadlines and with evolving threat landscapes. Communication and collaboration skills are essential, as conveying risk to non-technical stakeholders is a key part of the role.
More about Cyber Security Vulnerability Analyst jobs
What cities are hiring for Cyber Security Vulnerability Analyst jobs? Cities with the most Cyber Security Vulnerability Analyst job openings:
Infographic showing various Cyber Security Vulnerability Analyst job openings in the United States as of June 2026, with employment types broken down into 40% Full Time, 58% Part Time, and 2% Contract. Highlights an 93% Physical, 3% Hybrid, and 4% Remote job distribution, with an average salary of $99,400 per year, or $47.8 per hour.
NIH - Vulnerability Analyst

NIH - Vulnerability Analyst

cFocus Software Incorporated

Bethesda, MD โ€ข Remote

Full-time

Posted 2 days ago

Be an early applicant


Job description

cFocus Software seeks a Vulnerability Analyst to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
  • Public Trust Clearance
  • B.S. Computer Science, Information Technology, or a related field
  • 7+ years with vulnerability assessments or vulnerability management programs.
  • Experience managing enterprise vulnerability scanning solutions.
  • Experience with penetration testing efforts.
  • Experience supporting Federal cybersecurity programs.
  • Experience with RMF, FISMA, and NIST guidance.
  • Experience developing executive cybersecurity reports.
  • Ability to obtain and maintain NIH suitability/background investigation.

Duties:
  • Direct vulnerability scanning activities across NIH enterprise systems.
  • Develop enterprise vulnerability management strategies.
  • Establish vulnerability assessment priorities based upon risk.
  • Continuously improve enterprise vulnerability management capabilities.
  • Analyze enterprise vulnerability scan results.
  • Perform vulnerability prioritization using risk-based methodologies.
  • Identify critical vulnerabilities requiring immediate remediation.
  • Evaluate exploitability and business impact.
  • Conduct root cause analysis.
  • Validate corrective actions.
  • Track vulnerability trends and recurring issues.
  • Coordinating remediation efforts with System Owners.
  • Tracking remediation progress.
  • Monitoring SLA compliance.
  • Escalating critical vulnerabilities within required timeframes.
  • Validating remediation completion.
  • Supporting risk acceptance processes.
  • Reducing enterprise cybersecurity risk.
  • Monitoring aging vulnerabilities.

Powered by JazzHR

Bg6O1HbTCN