1

Cyber Security Vulnerability Analyst Jobs (NOW HIRING)

Vulnerability Analyst, Senior

Herndon, VA ยท On-site

$104K - $166K/yr

Oversee analysis of vulnerability outputs (ACAS, Forescout, STIG findings, etc.) to adjudicate risk ... Bachelor's degree in Computer Science, Cybersecurity, Data Science, Information Systems ...

Vulnerability Analyst, Senior

Herndon, VA ยท On-site

$104K - $166K/yr

Oversee analysis of vulnerability outputs (ACAS, Forescout, STIG findings, etc.) to adjudicate risk ... Bachelor's degree in Computer Science, Cybersecurity, Data Science, Information Systems ...

Vulnerability Analyst, Senior

Herndon, VA ยท On-site

$104K - $166K/yr

Oversee analysis of vulnerability outputs (ACAS, Forescout, STIG findings, etc.) to adjudicate risk ... Bachelor's degree in Computer Science, Cybersecurity, Data Science, Information Systems ...

Vulnerability Analyst, Journeyman

Herndon, VA ยท On-site

$80K - $128K/yr

Bachelor's degree in Computer Science, Cybersecurity, Data Science, Information Systems ... Vulnerability Assessment Analyst (Intermediate) Playlist; E3ABR1D731D00BB); OR * Relevant ...

next page

Showing results 1-20

Cyber Security Vulnerability Analyst information

See salary details

$43K

$99.4K

$150K

How much do cyber security vulnerability analyst jobs pay per year?

As of Jul 2, 2026, the average yearly pay for cyber security vulnerability analyst in the United States is $99,400.00, according to ZipRecruiter salary data. Most workers in this role earn between $79,500.00 and $115,500.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Cyber Security Vulnerability Analyst, and why are they important?

To thrive as a Cyber Security Vulnerability Analyst, you need a solid understanding of network security, vulnerability assessment methodologies, and a background in information technology or computer science. Familiarity with tools like Nessus, Qualys, and Metasploit, as well as certifications such as CompTIA Security+ or CEH, is highly beneficial. Strong analytical thinking, attention to detail, and effective communication skills help analysts identify risks and convey findings to both technical and non-technical stakeholders. These skills ensure vulnerabilities are accurately discovered, prioritized, and addressed to protect organizational assets from cyber threats.

What is the difference between Cyber Security Vulnerability Analyst vs Penetration Tester?

AspectCyber Security Vulnerability AnalystPenetration Tester
CertificationsCompTIA Security+, CEH, CISSPOSCP, CEH, GPEN
Work EnvironmentAnalyzes systems for vulnerabilities, reports findingsSimulates attacks to test security defenses
Employer & Industry UsageCommon in IT security teams across various industriesOften hired for security assessments and audits

While both roles focus on cybersecurity, a Cyber Security Vulnerability Analyst primarily identifies and reports vulnerabilities, whereas a Penetration Tester actively exploits weaknesses to test security measures. The analyst's role is more about assessment and documentation, while the tester simulates real-world attacks to evaluate defenses.

What does a Cyber Security Vulnerability Analyst do?

A Cyber Security Vulnerability Analyst is responsible for identifying, assessing, and prioritizing security vulnerabilities in computer systems, networks, and software. They use specialized tools to scan for weaknesses, analyze security risks, and recommend mitigation strategies to protect against cyber threats. Their work is crucial in helping organizations prevent data breaches and maintain strong security postures by proactively addressing potential points of exploitation.

What are some common challenges faced by Cyber Security Vulnerability Analysts when prioritizing vulnerabilities for remediation?

Cyber Security Vulnerability Analysts often face the challenge of balancing limited resources with the need to address a high volume of vulnerabilities. Prioritization must consider factors like the severity of the vulnerability, the criticality of affected systems, and potential business impact. Analysts work closely with IT and development teams to ensure patches and mitigations are deployed effectively, often under tight deadlines and with evolving threat landscapes. Communication and collaboration skills are essential, as conveying risk to non-technical stakeholders is a key part of the role.
More about Cyber Security Vulnerability Analyst jobs
What cities are hiring for Cyber Security Vulnerability Analyst jobs? Cities with the most Cyber Security Vulnerability Analyst job openings:
Infographic showing various Cyber Security Vulnerability Analyst job openings in the United States as of June 2026, with employment types broken down into 40% Full Time, 58% Part Time, and 2% Contract. Highlights an 93% Physical, 3% Hybrid, and 4% Remote job distribution, with an average salary of $99,400 per year, or $47.8 per hour.

Mainframe Vulnerability Analyst (Senior)

A3T (Agil3 Technology Solutions)

Ogden, UT โ€ข On-site

Full-time

Posted 2 days ago


Job description

Job Summary:
Agil3 Technology Solutions (A3T) is a fast-growing firm specializing in IT/Digital Modernization, Cyber Security, NextGen IT, and Emerging Technology services. The Mainframe Vulnerability Analyst serves as a technical specialist for mainframe assets, responsible for identifying and mitigating security vulnerabilities in the mainframe environment and ensuring compliance with security guides.
Responsibilities:
โ€ข Serve as a technical specialist for mainframe assets (e.g., IBM z/OS with ACF2, RACF, or TSS).
โ€ข Review, identify, and report problems with the installation and operation of mainframe systems and potential security vulnerabilities.
โ€ข Identify, monitor, analyze, and report on the status of mainframe vulnerabilities.
โ€ข Assess, audit, and validate compliance with relevant mainframe SRGs and STIGs.
โ€ข Determine the impact and risk of change requests affecting mainframe security.
โ€ข Recommend security countermeasures to mitigate identified mainframe risks.
โ€ข Provide recommendations for vulnerability analysis, deficiency resolution, and secure implementation.
Qualifications:
Required:
โ€ข Bachelor's degree or equivalent work experience.
โ€ข Current DoD 8570/8140 compliant certification.
โ€ข Five or more years of relevant/recent experience with Mainframe IBM z/OS ACF2, RACF, and/or TSS and cybersecurity.
โ€ข Three or more years of relevant/recent experience with Microsoft Office products.
โ€ข Secret security clearance.
Company:
Agil3Tech founding principles bring over 35 years of experience in federal government service, contract administration, Command, Control, Communications, Computers, and Information Management (C4IM), and highly sought after information systems Cyber Security expertise. Founded in 2012, the company is headquartered in Falls Church, USA, with a team of 51-200 employees. The company is currently Growth Stage.