2

Remote Vulnerability Research Jobs in Reston, VA

NLM Cloud Engineer I

Bethesda, MD ยท Remote

$59.50 - $79.50/hr

... research. We are looking for a Cloud Engineer I to work within the National Library of Medicine ... Familiarity with vulnerability scanning and penetration testing tools, including Tenable, Prowler ...

NLM Cloud Engineer III

Bethesda, MD ยท Remote

$59.50 - $79.50/hr

Experience with vulnerability scanning and penetration testing tools such as Tenable, Prowler ... Deliver day-to-day cloud operations support, including secure remote access, administration of ...

Conduct technical demonstrations for iOS and Android researchers, showing how virtualized ARM ... Proficiency in configuring and securing remote authentication via SSH keys, file transfers, and ...

AI Red Teamer, Cyber

Washington, DC ยท Remote

$100K - $120K/yr

Collaborate with engineers, researchers, and subject-matter experts to improve system security ... Strong understanding of cybersecurity principles, attack methodologies, and common vulnerability ...

... researching information security standards, conducting system security and vulnerability analyses ... Telework, Remote Access, and Bring Your Own Device (BYOD) Security NIST Privacy Framework ...

Ability to conduct security analysis, vulnerability assessments, and incident response activities ... Must have the ability and desire to research and develop creative solutions to unique problems with ...

next page

Showing results 1-20

Remote Vulnerability Research information

See Reston, VA salary details

$38.5K

$110.3K

$148.3K

How much do remote vulnerability research jobs pay per year?

As of Jul 7, 2026, the average yearly pay for remote vulnerability research in Reston, VA is $110,291.00, according to ZipRecruiter salary data. Most workers in this role earn between $108,200.00 and $108,200.00 per year, depending on experience, location, and employer.

What is the difference between Remote Vulnerability Research vs Penetration Tester?

AspectRemote Vulnerability ResearchPenetration Tester
CredentialsCertifications like OSCP, CEH often preferredSimilar certifications, often including OSCP, CEH, or GPEN
Work EnvironmentPrimarily remote, focused on analyzing vulnerabilities in systemsRemote or on-site, performing simulated attacks to test security
Industry UsageUsed in cybersecurity research, bug bounty programs, security assessmentsCommonly hired by organizations for security testing and audits

Remote Vulnerability Researchers analyze and identify security flaws remotely, focusing on discovering vulnerabilities. Penetration Testers simulate attacks to evaluate security defenses. While both roles require similar skills and certifications, vulnerability research emphasizes analysis, whereas penetration testing involves active exploitation. Both are vital in cybersecurity but serve different purposes in security assessments.

What are some common challenges faced by remote vulnerability researchers, and how can they be addressed?

Remote vulnerability researchers often encounter challenges such as staying up-to-date with rapidly evolving security threats, maintaining effective communication with distributed teams, and managing access to secure testing environments. To address these, it's important to participate in regular knowledge-sharing sessions, use secure communication tools, and follow strict protocols for remote access. Setting clear expectations with the team and leveraging collaborative platforms also help ensure productivity and data integrity while working remotely.

What are the key skills and qualifications needed to thrive as a Remote Vulnerability Researcher, and why are they important?

To excel as a Remote Vulnerability Researcher, you need a strong background in cybersecurity, programming, and network protocols, often supported by a degree in computer science or related certifications like OSCP or CEH. Proficiency with tools such as IDA Pro, Ghidra, Burp Suite, and familiarity with operating systems and exploit frameworks is essential. Critical thinking, problem-solving, and effective written communication are vital soft skills in this role. These competencies enable you to identify, analyze, and report security vulnerabilities efficiently, helping organizations strengthen their defenses against cyber threats.

What is a Remote Vulnerability Researcher?

A Remote Vulnerability Researcher is a cybersecurity professional who specializes in identifying, analyzing, and reporting security vulnerabilities in software, hardware, and network systems from a remote location. Their work often involves reverse engineering, penetration testing, and staying current with emerging threats. These researchers help organizations strengthen their defenses by discovering flaws before malicious actors can exploit them. Many work for security firms, bug bounty programs, or as independent consultants. The remote aspect allows them to collaborate with global teams or clients without being onsite.
What are popular job titles related to Remote Vulnerability Research jobs in Reston, VA? For Remote Vulnerability Research jobs in Reston, VA, the most frequently searched job titles are:
What job categories do people searching Remote Vulnerability Research jobs in Reston, VA look for? The top searched job categories for Remote Vulnerability Research jobs in Reston, VA are:
What cities near Reston, VA are hiring for Remote Vulnerability Research jobs? Cities near Reston, VA with the most Remote Vulnerability Research job openings:
Infographic showing various Remote Vulnerability Research job openings in Reston, VA as of July 2026, with employment types broken down into 94% Full Time, and 6% Contract. Highlights an 100% Remote job distribution, with an average salary of $110,291 per year, or $53 per hour.
NLM Cloud Engineer I

NLM Cloud Engineer I

Lexical Intelligence LLC

Bethesda, MD โ€ข Remote

$59.50 - $79.50/hr

Full-time

Medical, Dental, Life, Retirement, PTO

Posted 9 days ago


Job description

Cloud Engineer I


Lexical Intelligence provides software and services related to processing large-scale biomedical information sources. Our Natural Language Processing (NLP) and analytics software is used by policy and decision makers to evaluate and prioritize current and emerging areas of research.


We are looking for a Cloud Engineer I to work within the National Library of Medicine (NLM), Lister Hill National Center for Biomedical Communications (LHNCBC), Bethesda, MD. The Cloud Engineer I will have experience in cloud infrastructure administration, DevOps engineering, and cybersecurity compliance. The Cloud Engineer I will have a firm understanding of cloud computing platforms, CI/CD pipelines, containerization technologies, and Federal Information Security Modernization Act (FISMA) requirements. The Cloud Engineer I shall be able to work well within a team of multidisciplinary professionals spanning software development, data science, biomedical informatics, and IT operations. The selected applicant will be subject to a pre-employment background and reference check.


Required Qualifications

  • 2-4 years of relevant cloud engineering or DevOps experience
  • Bachelor's degree or other degree(s) in Computer Science, Information Technology, Engineering, or related fields
  • Hands-on experience with cloud platforms (Google Cloud, AWS, and/or Azure) in IaaS, PaaS, and SaaS configurations
  • Proficiency with CI/CD tools such as GitLab, GitHub, Nexus, or equivalent platforms
  • Experience with containerization and orchestration tools, including Docker, Kubernetes, Anthos, and/or OpenShift
  • Working knowledge of Infrastructure as Code (IaC) tools such as Terraform, Ansible, Puppet, and/or AWS CDK
  • Familiarity with FISMA compliance requirements and federal cybersecurity frameworks (NIST SP 800-53, NIST SP 800-171)
  • Experience with version control systems such as Bitbucket and/or GitLab
  • Strong written and oral communication skills; ability to convey technical concepts in plain language

Preferred Qualifications

  • Experience with monitoring and logging tools such as EFK stack, Prometheus, and/or Grafana
  • Familiarity with vulnerability scanning and penetration testing tools, including Tenable, Prowler, Netsparker, Checkmark, and/or OWASP
  • Experience supporting Authority to Operate (ATO) processes and developing System Security Plans (SSPs)
  • Knowledge of Identity and Access Management (IAM) and cloud account administration in commercial cloud environments
  • Experience with distributed computing systems and batch queuing software, including open-source map/reduce frameworks (e.g., Hadoop)
  • Familiarity with database technologies such as RDS, MySQL, MongoDB, MS SQL, PostgreSQL, and/or Elasticsearch
  • Experience with ticketing and documentation systems such as JIRA, ServiceNow, and/or Confluence Wiki
  • Knowledge of FedRAMP requirements and secure remote access administration
  • Prior experience supporting NIH, HHS, or other federal government IT environments
  • Relevant certifications such as AWS Certified Solutions Architect, Google Cloud Professional, Microsoft Azure Administrator, or CompTIA Security+

Responsibilities

  • Recommend, deploy, and manage version control systems; support NLM's use of Bitbucket, GitLab, and other platforms as needed
  • Implement and administer CI/CD pipelines for all approved development frameworks at NLM, utilizing tools such as GitLab, GitHub, TeamSite, Nexus, Kubernetes, Ansible, and Terraform
  • Recommend and configure Infrastructure as Code (IaC) tools to support scalable, repeatable deployments
  • Implement, administer, and support cross-datacenter deployments using Docker and other containerization tools
  • Set up, administer, and maintain elastic and cost-efficient container orchestration environments using Kubernetes, Anthos, and/or OpenShift
  • Provide monitoring and logging capabilities to collect, store, and analyze data on application performance and infrastructure availability using EFK stack, Prometheus, Grafana, and other tools
  • Recommend and configure vulnerability scanners and penetration testing tools; conduct ongoing vulnerability assessments and threat identification using Tenable, Prowler, Netsparker, Checkmark, and OWASP
  • Provide day-to-day cloud operations support, including secure remote access administration, compute and cost model analysis, and implementation of selected cloud solutions
  • Support cybersecurity and risk management activities across NLM enterprise systems, including application, network, system, and database security; resolve identified software, firmware, system, and hardware vulnerabilities within prescribed timeframes
  • Assist the Government in creating, developing, and maintaining Authority to Operate (ATO) documentation and System Security Plans (SSPs) on an annual basis and as needed
  • Track and manage current known vulnerabilities using Tenable Security Center
  • Provide technical support for systems and database design; coordinate and implement open-source software such as Apache server services
  • Administer, configure, and maintain distributed computing systems using batch queuing software and open-source map/reduce frameworks
  • Provide customer service to internal and external staff; resolve issues in a highly technical environment through clear communication, administer user accounts, monitor system performance, and track problem reports through JIRA, ServiceNow, and/or equivalent ticketing systems
  • Create and maintain technical documentation using Confluence Wiki and other tools
  • Support cloud development and cloud computing infrastructure for production web services, high-performance computing, and high-throughput processing environments; administer commercial cloud accounts through IAM and monitor cloud resource utilization efficiency
  • Assist in implementing, maintaining, and executing computer security practices in accordance with Government FISMA policies, including firewalls, intrusion detection, secure computing environments, and disaster recovery
  • Provide technical support and guidance to development teams for migration to and utilization of the DevOps platform
  • Ensure compliance with organizational security and privacy policies, protect sensitive data and systems, report security incidents within required timeframes (no later than one hour of discovery), and participate in required annual cybersecurity and privacy training per HHS/NIH requirements
  • Implement secure coding best practices as directed by US-CERT standards and OWASP guidelines


Salary and Benefits

We offer a competitive salary and a generous benefits package, including at no cost: full health and dental for you and your dependents, retirement and HSA accounts, short- and long-term disability insurance, life and accident insurance, paid time off, and 11 federal holidays.


Location

Bethesda, MD


Equal Employment Opportunity Policy

Lexical Intelligence, LLC, provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.


This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.


Lexical Intelligence, LLC | 2001 Veirs Mill Rd #546 | Rockville, MD 20851