1

Vulnerability Jobs (NOW HIRING)

Vulnerability Manager Hybrid role - Birmingham on site 2-3 days per week 65,000 - 75,000 per annum (DOE) 12Month Fixed Term Contract We have an exciting opportunity for a Vulnerability Manager to ...

Vulnerability Researcher

Beavercreek, OH ยท On-site

$99K - $130K/yr

Vulnerability Researcher Why Join Us? * Innovative Projects: KBR's work is at the forefront of engineering, logistics, operations, science, program management, mission IT and cybersecurity solutions.

Vulnerability Researcher

Beavercreek, OH ยท On-site

$99K - $130K/yr

Vulnerability Researcher Why Join Us? * Innovative Projects: KBR's work is at the forefront of engineering, logistics, operations, science, program management, mission IT and cybersecurity solutions.

Vulnerability Assessor Location: Alexandria, VA (Hybrid - Telework with periodic on-site support as required) Clearance: Active Secret Position Overview ASRC Federal is seeking a Vulnerability ...

Vulnerability Analyst

AL ยท On-site +1

$55K - $75K/yr

Vulnerability Assessment and Management * * Conduct regular vulnerability scanning using industry standard tools. * Ingest vulnerability reports for analysis. * Initiate device patching for ...

L.C. is seeking a dedicated Vulnerability Analyst to join their team for a 6-month duration. The role involves ensuring the security and integrity of systems through effective vulnerability ...

Vulnerability Manager Expected Duration: 18 months Location: Hybrid, candidates should be local to the Austin area Responsibilities include (but are not limited to): Review vulnerability and ...

AnaVation is searching for a Vulnerability Manager to assist client leadership with the enterprise vulnerability management program, administering scanning platforms (Tenable and/or Qualys), driving ...

Vulnerability Assessor Location: Alexandria, VA (Hybrid - Telework with periodic on-site support as required) Clearance: Active Secret Position Overview ASRC Federal is seeking a Vulnerability ...

AnaVation is searching for a Vulnerability Manager to assist client leadership with the enterprise vulnerability management program, administering scanning platforms (Tenable and/or Qualys), driving ...

Vulnerability Analyst

Huntsville, AL ยท Remote

$55K - $75K/yr

Vulnerability Assessment and Management * * Conduct regular vulnerability scanning using industry standard tools. * Ingest vulnerability reports for analysis. * Initiate device patching for ...

AnaVation is searching for a Vulnerability Manager to assist client leadership with the enterprise vulnerability management program, administering scanning platforms (Tenable and/or Qualys), driving ...

The Global Vulnerability Management Team is hiring a Vulnerability Analyst . Join a highly talented, dynamic and energetic team that's passionate about attack surface reduction and contributing ...

next page

Showing results 1-20

Vulnerability information

See salary details

$37.5K

$107.9K

$143K

How much do vulnerability jobs pay per year?

As of Jul 16, 2026, the average yearly pay for vulnerability in the United States is $107,902.00, according to ZipRecruiter salary data. Most workers in this role earn between $94,000.00 and $117,500.00 per year, depending on experience, location, and employer.

What are some common challenges faced by professionals working in vulnerability management roles?

Professionals in vulnerability management often face the challenge of keeping up with constantly evolving threats and newly discovered vulnerabilities. Prioritizing which vulnerabilities to address first, especially in large environments with thousands of potential risks, can be demanding. Collaborating with IT, development, and security teams to ensure timely remediation and maintaining clear communication about risk levels are also essential parts of the role. Additionally, balancing the need for quick patching with the risk of disrupting business operations requires careful judgment.

What is the difference between Vulnerability vs Penetration Tester?

AspectVulnerabilityPenetration Tester
Primary FocusIdentifying security weaknesses and vulnerabilities in systemsSimulating cyberattacks to exploit vulnerabilities and test defenses
CertificationsCompTIA Security+, CEH, OSCP (for some roles)OSCP, CEH, GPEN, CISSP (often overlapping)
Work EnvironmentSecurity analysis, vulnerability scanning, reportingActive testing, exploitation, reporting
Industry UsageSecurity assessment, risk managementSecurity testing, red teaming

Vulnerability specialists focus on identifying weaknesses in systems, while penetration testers actively exploit those vulnerabilities to assess security effectiveness. Both roles require similar certifications and work in cybersecurity, but their methods and objectives differ: vulnerability analysts aim to find issues, whereas penetration testers simulate attacks to evaluate defenses.

What are the key skills and qualifications needed to thrive as a Vulnerability Analyst, and why are they important?

To thrive as a Vulnerability Analyst, you need a solid understanding of network security, operating systems, and vulnerability assessment methodologies, typically supported by a degree in cybersecurity or IT and relevant certifications like CompTIA Security+ or CEH. Familiarity with tools such as Nessus, OpenVAS, Metasploit, and vulnerability management platforms is essential. Strong analytical thinking, attention to detail, and effective communication help in identifying risks and explaining findings to diverse stakeholders. These skills ensure timely detection and remediation of security weaknesses, protecting organizations from cyber threats.

What are the 4 types of vulnerabilities?

In cybersecurity, vulnerabilities are typically classified into four main types: technical vulnerabilities, such as software bugs and misconfigurations; operational vulnerabilities, related to processes and procedures; physical vulnerabilities, involving hardware and infrastructure; and human vulnerabilities, which stem from user errors or social engineering. Identifying and addressing these types helps security professionals protect systems effectively.

Can you make $500,000 a year in cyber security?

Vulnerability analysts and cybersecurity professionals can potentially earn $500,000 annually with advanced skills, extensive experience, specialized certifications, and roles in high-paying industries or senior management positions. Achieving this level often requires expertise in areas like penetration testing, security architecture, or executive leadership, along with a strong professional network and ongoing education.

Can you make $200,000 in cyber security?

Vulnerability analysts and cybersecurity professionals can earn $200,000 or more annually, especially with advanced skills, certifications like CISSP or CISA, and experience in high-demand areas such as penetration testing or security architecture. Salaries vary based on location, industry, and level of expertise, with senior roles and managerial positions typically offering higher compensation.

What is a vulnerability specialist?

A vulnerability specialist is a cybersecurity professional who identifies, assesses, and prioritizes security weaknesses in computer systems, networks, and applications. They often use tools like vulnerability scanners and may hold certifications such as CISSP or CEH to perform risk analysis and recommend mitigation strategies.

What are vulnerability analysts?

Vulnerability analysts are cybersecurity professionals who identify, assess, and help remediate security weaknesses in computer systems, networks, and software. They use various tools and techniques to scan for vulnerabilities, analyze threats, and recommend solutions to mitigate risks. Their work is crucial in preventing cyberattacks and ensuring the security of organizational assets. Vulnerability analysts often collaborate with IT and security teams to prioritize and address vulnerabilities based on their potential impact.
More about Vulnerability jobs
What cities are hiring for Vulnerability jobs? Cities with the most Vulnerability job openings:
What are the most commonly searched types of Vulnerability jobs? The most popular types of Vulnerability jobs are:
What states have the most Vulnerability jobs? States with the most job openings for Vulnerability jobs include:
Infographic showing various Vulnerability job openings in the United States as of July 2026, with employment types broken down into 92% Full Time, 4% Part Time, and 4% Contract. Highlights an 80% Physical, 4% Hybrid, and 16% Remote job distribution, with an average salary of $107,902 per year, or $51.9 per hour.
Vulnerability Manager

Vulnerability Manager

Amtis

Birmingham, AL โ€ข Hybrid

Other

Re-posted 9 days ago


Job description

Job Description Vulnerability Manager Hybrid role - Birmingham on site 2-3 days per week 65,000 - 75,000 per annum (DOE) 12Month Fixed Term Contract We have an exciting opportunity for a Vulnerability Manager to join a highperforming Business Change and Technology function on a 12month fixed term salaried contract. Reporting into the Information Security Manager, you will be responsible for managing, maintaining, and continuously improving the vulnerability management programme across a complex enterprise technology estate. This includes the identification, assessment, prioritisation, and remediation tracking of security vulnerabilities across onpremises systems, cloud environments, networks, applications, and endpoint devices.

This role plays a critical part in ensuring the organisation's technology environment remains secure, resilient, and aligned with internal security policies, legal and regulatory requirements, and industry best practice. The Opportunity - Vulnerability Manager Vulnerability Management & Analysis Lead the endtoend vulnerability management lifecycle, including discovery, scanning, validation, prioritisation, reporting, and remediation tracking. Operate and optimise vulnerability scanning platforms (e.g

Microsoft Defender Vulnerability Management, Edgescan, or equivalent). Conduct regular internal and external vulnerability assessments across infrastructure, applications, and cloud environments. Validate and analyse vulnerability data to ensure findings are accurate, contextualised, and relevant to the organisation's operational environment.

Identify and assess critical vulnerabilities and zeroday threats, determining when expedited remediation is required. Assess vulnerability severity based on realworld exploitability, considering threat intelligence, exposure, asset criticality, and compensating controls. Maintain a defensible position on exploitable vs nonexploitable vulnerabilities, clearly documenting risk decisions and rationale.

Assess and articulate business risk based on exploitability, asset value, and threat intelligence. Remediation Coordination Work closely with internal technical teams and thirdparty partners to ensure vulnerabilities are remediated within agreed SLAs and risk tolerances. Develop remediation plans, monitor progress, and escalate highrisk issues where necessary.

Support patch governance activities, ensuring both routine and emergency patching meets security requirements. Security Governance & Compliance Ensure vulnerability management activities align with internal information security policies, standards, and procedures. Support compliance with relevant regulatory and security frameworks (e.g

GDPR, PCI DSS). Produce regular vulnerability risk reports, dashboards, and KPIs for senior stakeholders. Provide evidence and reporting to support audits, penetration tests, and regulatory reviews.

Threat Intelligence & Continuous Improvement Integrate threat intelligence to prioritise remediation of actively exploited or highrisk vulnerabilities. Recommend and drive improvements to tools, processes, automation, and reporting to enhance programme maturity. Stay current with emerging vulnerabilities, zeroday threats, and vendor advisories.

Support incident response activities where vulnerabilities are linked to potential security events. What You'll Bring Proven experience in vulnerability management, cyber security operations, or a related technical security role. Strong handson experience with vulnerability management tooling (e.g

Microsoft Defender Vulnerability Management, Edgescan, or similar). Solid understanding of cloud platforms (Azure), operating systems (Windows, Linux), networking, and enterprise technologies. Strong knowledge of CVSS scoring, exploit analysis, and riskbased prioritisation.

Experience working in large, complex enterprise environments. Familiarity with regulatory and compliance requirements relevant to vulnerability management. Knowledge of SIEM, SOAR, EDR, and associated security tooling.

Strong analytical skills with the ability to translate technical risk into clear, executivelevel reporting. Experience supporting incident response and investigations. Excellent stakeholder management skills, with the confidence to challenge and influence both technical and nontechnical teams.

Strong understanding of patch management processes and operational constraints in businesscritical environments. Able to manage multiple competing priorities and make pragmatic, riskbased decisions. Qualifications Proven handson experience in vulnerability management or cyber security operations.

Demonstrable understanding of security principles, standards, and methodologies. One or more of the following certifications preferred: CISM, CISSP, CEH, CompTIA Security+, CompTIA CySA+, GIAC GVMS


AMTIS logo

About AMTIS

Sourced by ZipRecruiter

Industry

Guided missile and space vehicle manufacturing

Company size

11 - 50 Employees

Headquarters location

Orlando, FL, US

Year founded

2007

Social media