2

Remote Vulnerability Analyst Jobs in Virginia (NOW HIRING)

How you'll make an Impact As a Vulnerability Management Analyst, you support Security Engineers by ... This is a hybrid-remote role with approximately 5% on-site work at client sites throughout the US ...

iOS Vulnerability Researcher

Arlington, VA · Remote

$59.50 - $82/hr

... analysis techniques. * You'll develop Proof-of-Concepts for vulnerabilities identified. * You'll ... This is a remote role so the successful candidate can be based anywhere in the USA, or indeed the ...

Herndon, VA 20171 (Remote) Employment Type: FTE + Benefits Client is supporting the FedRAMP and ... Configuration, Execution and Analysis of vulnerability scans * Ability to interpret and assess ...

FTE + Benefits Remote: 80% (4 days a week) Client supports the FedRAMP and FISMA authorization(s ... Configuration, Execution and Analysis of vulnerability scans * Ability to interpret and assess ...

FTE + Benefits Remote: 80% (4 days a week) Supports the FedRAMP and FISMA authorization(s) of new ... Configuration, Execution and Analysis of vulnerability scans * Ability to interpret and assess ...

FTE + Benefits Remote: 80% (4 days a week) Client supports the FedRAMP and FISMA authorization(s ... Configuration, Execution and Analysis of vulnerability scans * Ability to interpret and assess ...

FTE + Benefits Remote: 80% (4 days a week) Supports the FedRAMP and FISMA authorization(s) of new ... Configuration, Execution and Analysis of vulnerability scans * Ability to interpret and assess ...

Patching Analyst

VA · On-site +1

General information Job Posting Title Patching Analyst Date Tuesday, June 9, 2026 City Remote ... with vulnerability management timelines and documented approvals. - Document rollback and ...

next page

Showing results 1-20

Remote Vulnerability Analyst information

What is a Remote Vulnerability Analyst?

A Remote Vulnerability Analyst is a cybersecurity professional who identifies, assesses, and helps mitigate security vulnerabilities in an organization's digital systems, typically while working from a remote location. They analyze networks, applications, and other IT assets to find weaknesses that could be exploited by cyber attackers. Their responsibilities often include conducting vulnerability scans, reviewing security reports, and collaborating with IT teams to recommend solutions. This role is crucial for proactively protecting sensitive data and ensuring the overall security posture of an organization.

What are the key skills and qualifications needed to thrive as a Remote Vulnerability Analyst, and why are they important?

To thrive as a Remote Vulnerability Analyst, you need a strong understanding of cybersecurity principles, vulnerability assessment methodologies, and relevant security frameworks, typically backed by a degree in cybersecurity or related field. Familiarity with tools such as Nessus, Qualys, Burp Suite, and certifications like CEH or CompTIA Security+ are commonly required. Analytical thinking, attention to detail, and effective remote communication are essential soft skills for success in this position. These skills and qualities are crucial for accurately identifying and mitigating security risks, ensuring the protection of organizational assets in a remote work environment.

What is the difference between Remote Vulnerability Analyst vs Remote Security Analyst?

AspectRemote Vulnerability AnalystRemote Security Analyst
CertificationsCompTIA Security+, CEH, OSCPCompTIA Security+, CISSP, CEH
Work EnvironmentRemote, cybersecurity teams, vulnerability managementRemote, security operations centers, incident response
Industry UsageIT, cybersecurity firms, large enterprisesIT, government, financial institutions

Remote Vulnerability Analysts focus on identifying and assessing security weaknesses in systems, while Remote Security Analysts handle broader security monitoring, incident response, and policy enforcement. Both roles require similar certifications and often work remotely within cybersecurity teams, but their core responsibilities differ in scope and focus.

What are some common challenges faced by Remote Vulnerability Analysts and how can they be addressed?

Remote Vulnerability Analysts often encounter challenges such as maintaining effective communication with on-site teams, staying updated with rapidly evolving security threats, and managing multiple vulnerability assessments simultaneously. To overcome these, it's important to utilize collaborative tools, participate in regular virtual meetings, and stay engaged with industry news and professional development. Building strong relationships with other cybersecurity professionals and leveraging automation tools can also help streamline workflows and ensure timely vulnerability remediation.
What are the most commonly searched types of Vulnerability Analyst jobs in Virginia? The most popular types of Vulnerability Analyst jobs in Virginia are:
What are popular job titles related to Remote Vulnerability Analyst jobs in Virginia? For Remote Vulnerability Analyst jobs in Virginia, the most frequently searched job titles are:
What job categories do people searching Remote Vulnerability Analyst jobs in Virginia look for? The top searched job categories for Remote Vulnerability Analyst jobs in Virginia are:
What cities in Virginia are hiring for Remote Vulnerability Analyst jobs? Cities in Virginia with the most Remote Vulnerability Analyst job openings:
Infographic showing various Remote Vulnerability Analyst job openings in Virginia as of June 2026, with employment types broken down into 73% Full Time, 24% Part Time, and 3% Contract. Highlights an 48% Physical, 3% Hybrid, and 49% Remote job distribution.
Vulnerability Analyst (Remote)

Vulnerability Analyst (Remote)

Oxley Enterprises, Inc.

Stafford, VA • Remote

$90K - $118K/yr

Full-time

Medical, Dental, Vision, Life, Retirement

Posted 3 days ago


Job description

The following states/districts are excluded from this job ad: AK, CA, CO, CT, DC, HI, LA, MA, MN, MO, NE, NV, NH, NJ, NM, NY, ND, OR, PR, RI, VT, WA, WY

Future Need - Actively Interviewing

Location: Remote in any United States jurisdiction not excluded from this job advertisement.

Defend the security posture of a mission-critical Department of Veterans Affairs (VA) cloud platform. As a Vulnerability Analyst, you will conduct continuous vulnerability scanning across hundreds of applications and drive remediation within defined timelines on Amazon Web Services (AWS) GovCloud.

Position Description: The Vulnerability Analyst conducts ad-hoc, prescribed, and recurring vulnerability scans across infrastructure, containers, applications, and code repositories, coordinating remediation with Operations and Engineering teams.

Minimum/General Experience: 5 years of experience in vulnerability management or security scanning

Minimum Education: Bachelor's Degree in cybersecurity, information technology, or related field; CompTIA Security+ or Global Information Assurance Certification (GIAC) Enterprise Vulnerability Assessor (GEVA) (preferred)

Essential Skills/Qualifications:

  • Expert experience conducting ad-hoc, prescribed, and recurring vulnerability scans using Nessus or equivalent scanning tools
  • Expert ability to document and report scan findings in accordance with established processes
  • Excellent experience supporting routine vulnerability scanning of infrastructure, containers, applications, and code repositories
  • Excellent ability to track, report, and ensure remediation of vulnerabilities
  • Excellent knowledge of Continuous Monitoring system security reporting tools
  • Above average ability to support penetration testing, red team activities, and independent security assessments
  • Above average experience validating security control effectiveness through automated testing and configuration validation
  • Experience supporting a federal agency
  • Excellent verbal and written communication skills

General Physical Requirements needed to perform the essential functions of this job may vary based on the location of the assignment.

  • Assignment Location - Remote
  • Sedentary Work - Exerting up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects.
  • Typing, communicating, repetitive motions.
  • Close visual acuity to prepare and analyze data, view computer monitors and read. May need to view presentation screens and other visual aids in a virtual setting.
  • Inside environmental conditions with protection from outside elements.

Security: Active Federal Civilian Public Trust clearance

  • U.S. Citizenship or Permanent Resident that has lived in the United States for at least 3 years

Federal Civilian Public Trust Consists of a review of up to but not limited to:

  • Covers 10 year period and in some instances lifetime events
  • OPM Security Investigations Index (SII)
  • DOD Defense Central Investigations Index (DCII)
  • National Agency Check (NAC) records
  • FBI name check
  • FBI fingerprint check
  • Credit report check
  • Written inquiries to previous employers and references listed on the application for employment
  • Potential interviews with the subject, spouse, neighbors, supervisor, coworkers
  • Law enforcement check
  • Court records check
  • Education check - Attendance and Degrees

Acceptable Credentials

Tasks/activities include, but are not limited to:

  • Conducts ad-hoc, prescribed, and recurring vulnerability scans for platform and all hosted applications
  • Reports scan results to Operations and Engineering team members
  • Conducts patch management, configuration changes, corrective actions, or Plan of Action and Milestones (POA&M) creation
  • Documents and reports scan findings in accordance with VA RMF and POA&M processes including uploading scan results to the appropriate scan repository
  • Performs upkeep of the Continuous Monitoring system security reporting tool and provides high-level reporting to portfolio Information System Owners
  • Ensures routine vulnerability scanning of infrastructure, containers, applications, and code repositories across production, staging, and sandbox environments
  • Tracks, reports, and ensures remediation of vulnerabilities within defined timelines coordinating with Operations and Engineering teams
  • Supports penetration testing, red team activities, and independent security assessments as required
  • Validates security control effectiveness through automated testing, configuration validation, and periodic assessments
  • Contributes vulnerability remediation status summaries to the monthly RMF, security, and Authorization to Operate (ATO) status report

Compensation & Benefits: The annual projected pay range for this position is $90,897 - $118,016 with consideration being given to various factors including but not limited to qualifications, experience, job responsibilities, and geographic location.

Oxley Enterprises, Inc. offers a full array of benefits including:

  • Medical, dental, vision and prescription drug coverage for you and your family.
  • Life Insurance, short-term disability and long-term disability paid for by the Company.
  • Supplemental coverages including Accident, Critical Illness, and Hospital.
  • Additional Life insurance coverage for you and your dependents.
  • 401k plan with various options to select based on your retirement goals.

Oxley Enterprises, Inc. is a certified service-disabled veteran-owned (SDVOSB), veteran-owned (VOSB), and woman-owned small business (WOSB) that has 26 years of experience building and delivering quality IT systems and programs. Oxley is ranked in the INC 5000 7 times (2016, 2017, 2018, 2021, 2023, 2024, 2025). Oxley is a 2019 - 2025 Department of Labor HIRE Vets Medallion Award Winner. Oxley is Virginia Values Veterans certified.

All qualified applicants will receive consideration for employment without regard to any status protected by applicable federal, state, or local law.

If you require a reasonable accommodation to apply for a position at Oxley Enterprises, Inc., please send an email to our Human Resources Department at: careers@oxleyenterprises.com with the following information:

Subject Line: Accommodation Request

Provide a description of your accommodation request

Include your contact information: Full name, Email address, Best number to reach you (optional)

We participate in the E-Verify program. http://www.dhs.gov/E-Verify