Perform regular vulnerability assessments across on-premise and cloud environments. * Analyze scan results to identify false positives and prioritize true findings based on risk. * Develop and ...
Quick apply
Perform regular vulnerability assessments across on-premise and cloud environments. * Analyze scan results to identify false positives and prioritize true findings based on risk. * Develop and ...
Perform regular vulnerability assessments across on-premise and cloud environments. * Analyze scan results to identify false positives and prioritize true findings based on risk. * Develop and ...
Quick apply
Perform regular vulnerability assessments across on-premise and cloud environments. * Analyze scan results to identify false positives and prioritize true findings based on risk. * Develop and ...
Perform regular vulnerability assessments across on-premise and cloud environments. * Analyze scan results to identify false positives and prioritize true findings based on risk. * Develop and ...
Quick apply
Perform regular vulnerability assessments across on-premise and cloud environments. * Analyze scan results to identify false positives and prioritize true findings based on risk. * Develop and ...
Perform regular vulnerability assessments across on-premise and cloud environments. * Analyze scan results to identify false positives and prioritize true findings based on risk. * Develop and ...
Quick apply
Perform regular vulnerability assessments across on-premise and cloud environments. * Analyze scan results to identify false positives and prioritize true findings based on risk. * Develop and ...
Provide threat and vulnerability analysis and security consulting services; * Develop a threat hunting program and capabilities; * Analyze and respond to previously undisclosed software and hardware ...
Provide threat and vulnerability analysis and security consulting services; * Develop a threat hunting program and capabilities; * Analyze and respond to previously undisclosed software and hardware ...
Provide threat and vulnerability analysis and security consulting services; * Develop a threat hunting program and capabilities; * Analyze and respond to previously undisclosed software and hardware ...
Provide threat and vulnerability analysis and security consulting services; * Develop a threat hunting program and capabilities; * Analyze and respond to previously undisclosed software and hardware ...
Cyber Security Analyst II
Gatineau, QC ยท On-site
Review vulnerability assessment results and penetration test reports; assist in prioritizing ... Analyze system specifications to identify potential security gaps, misconfigurations, or ...
Quick apply
Cyber Security Analyst II
Gatineau, QC ยท On-site
Review vulnerability assessment results and penetration test reports; assist in prioritizing ... Analyze system specifications to identify potential security gaps, misconfigurations, or ...
Manage and optimize vulnerability management processes (e.g., Qualys) * Prioritize vulnerabilities ... Expertise in incident analysis (log correlation, investigation) * Risk-based vulnerability and ...
Manage and optimize vulnerability management processes (e.g., Qualys) * Prioritize vulnerabilities ... Expertise in incident analysis (log correlation, investigation) * Risk-based vulnerability and ...
... vulnerability management and incident investigation. Key Responsibilities Monitor and analyze ... security alerts (SIEM, EDR, etc.) Investigate security incidents and identify root causes ...
... vulnerability management and incident investigation. Key Responsibilities Monitor and analyze ... security alerts (SIEM, EDR, etc.) Investigate security incidents and identify root causes ...
Manage and optimize vulnerability management processes (e.g., Qualys) * Prioritize vulnerabilities ... Expertise in incident analysis (log correlation, investigation) * Risk-based vulnerability and ...
Manage and optimize vulnerability management processes (e.g., Qualys) * Prioritize vulnerabilities ... Expertise in incident analysis (log correlation, investigation) * Risk-based vulnerability and ...
Act as a reference person for application security, vulnerability management and DevSecOps ... analysing code, dependencies, infrastructures and containers. * Design and maintain secure CI/CD ...
Act as a reference person for application security, vulnerability management and DevSecOps ... analysing code, dependencies, infrastructures and containers. * Design and maintain secure CI/CD ...
Act as a reference person for application security, vulnerability management and DevSecOps ... analysing code, dependencies, infrastructures and containers. Design and maintain secure CI/CD ...
Act as a reference person for application security, vulnerability management and DevSecOps ... analysing code, dependencies, infrastructures and containers. Design and maintain secure CI/CD ...
Act as a reference person for application security, vulnerability management and DevSecOps ... analysing code, dependencies, infrastructures and containers. * Design and maintain secure CI/CD ...
Act as a reference person for application security, vulnerability management and DevSecOps ... analysing code, dependencies, infrastructures and containers. * Design and maintain secure CI/CD ...
Senior Security Analyst
CA$70 - CA$95/hr
The resource will conduct Security Assessment and Authorization (SA&A) activities, vulnerability and threat analysis, penetration testing, SIEM monitoring, and security compliance reviews. The role ...
Senior Security Analyst
CA$70 - CA$95/hr
The resource will conduct Security Assessment and Authorization (SA&A) activities, vulnerability and threat analysis, penetration testing, SIEM monitoring, and security compliance reviews. The role ...
Senior Security Analyst
CA$70 - CA$95/hr
The resource will conduct Security Assessment and Authorization (SA&A) activities, vulnerability and threat analysis, penetration testing, SIEM monitoring, and security compliance reviews. The role ...
Senior Security Analyst
CA$70 - CA$95/hr
The resource will conduct Security Assessment and Authorization (SA&A) activities, vulnerability and threat analysis, penetration testing, SIEM monitoring, and security compliance reviews. The role ...
... vulnerability & / or configuration management program including dynamically responding to emerging threats in the financial services industry. The role also calls for strong technical analysis and ...
... vulnerability & / or configuration management program including dynamically responding to emerging threats in the financial services industry. The role also calls for strong technical analysis and ...
Cyber Security Risk Analyst
Baie-comeau, QC ยท On-site
Solid understanding of security principles, including security controls, threat modeling, vulnerability management, and incident risk analysis. * Excellent written, verbal, and facilitation skills ...
Cyber Security Risk Analyst
Baie-comeau, QC ยท On-site
Solid understanding of security principles, including security controls, threat modeling, vulnerability management, and incident risk analysis. * Excellent written, verbal, and facilitation skills ...
Cyber Security Risk Analyst
Deschambault, QC ยท On-site
Solid understanding of security principles, including security controls, threat modeling, vulnerability management, and incident risk analysis. * Excellent written, verbal, and facilitation skills ...
Cyber Security Risk Analyst
Deschambault, QC ยท On-site
Solid understanding of security principles, including security controls, threat modeling, vulnerability management, and incident risk analysis. * Excellent written, verbal, and facilitation skills ...
Cyber Security Risk Analyst
Montreal, QC ยท On-site
Solid understanding of security principles, including security controls, threat modeling, vulnerability management, and incident risk analysis. * Excellent written, verbal, and facilitation skills ...
Cyber Security Risk Analyst
Montreal, QC ยท On-site
Solid understanding of security principles, including security controls, threat modeling, vulnerability management, and incident risk analysis. * Excellent written, verbal, and facilitation skills ...
Cyber Security Risk Analyst
Becancour, QC ยท On-site
Solid understanding of security principles, including security controls, threat modeling, vulnerability management, and incident risk analysis. * Excellent written, verbal, and facilitation skills ...
Cyber Security Risk Analyst
Becancour, QC ยท On-site
Solid understanding of security principles, including security controls, threat modeling, vulnerability management, and incident risk analysis. * Excellent written, verbal, and facilitation skills ...
Vulnerability Analyst information
See Quebec salary details
$27.64 - $31.73
4% of jobs
$31.73 - $35.82
6% of jobs
$35.82 - $39.90
11% of jobs
$41.10 is the 25th percentile. Wages below this are outliers.
$39.90 - $43.99
13% of jobs
The median wage is $47.60 / hr.
$43.99 - $48.08
18% of jobs
$48.08 - $52.16
13% of jobs
$54.10 is the 75th percentile. Wages above this are outliers.
$52.16 - $56.25
21% of jobs
$56.25 - $60.34
3% of jobs
$60.34 - $64.42
1% of jobs
$64.42 - $68.51
0% of jobs
$68.51 - $72.60
10% of jobs
$27
$49
$72
How much do vulnerability analyst jobs pay per hour?
As of Jun 28, 2026, the average hourly pay for vulnerability analyst in Quebec is $49.28, according to ZipRecruiter salary data. Most workers in this role earn between $42.55 and $55.29 per hour, depending on experience, location, and employer.
What are the key skills and qualifications needed to thrive in the Vulnerability Analyst position, and why are they important?
To thrive as a Vulnerability Analyst, you need expertise in cybersecurity principles, risk assessment, and vulnerability management, often supported by a degree in information security or a related field. Familiarity with vulnerability scanning tools (such as Nessus, Qualys, or Rapid7), knowledge of operating systems, and certifications like CompTIA Security+ or CEH are commonly required. Strong analytical thinking, attention to detail, and effective communication skills set top candidates apart. These abilities are crucial for accurately identifying system weaknesses and effectively advising teams on how to remediate security threats.
Is SOC 1 entry level?
A SOC 1 (Service Organization Control 1) report is an audit report used to evaluate internal controls at a service organization, not a job role. For vulnerability analysts, entry-level positions typically require basic knowledge of cybersecurity principles, risk assessment, and familiarity with security tools, but SOC 1 itself is not an entry-level role. Entry-level roles in cybersecurity may involve supporting audits or controls but do not directly correspond to SOC 1 as a position.
What are the typical day-to-day responsibilities of a Vulnerability Analyst?
As a Vulnerability Analyst, your daily tasks often include running vulnerability scans, analyzing findings, prioritizing risks based on severity, and working with IT or development teams to coordinate remediation efforts. You will also document your findings, prepare reports for stakeholders, and stay informed about the latest security threats and exploits. Collaboration with other security professionals and IT staff is common, as resolving vulnerabilities often requires cross-functional teamwork. This role requires a balance of technical analysis and effective communication to ensure organizational security posture is continuously improved.
Can you make $500,000 a year in cyber security?
Vulnerability analysts typically earn between $70,000 and $130,000 annually, with top-tier professionals in senior or specialized roles potentially earning over $200,000. Achieving a $500,000 salary usually requires advanced positions such as cybersecurity managers, directors, or consultants with extensive experience, certifications, and leadership responsibilities. High salaries in cybersecurity often depend on industry, location, and individual expertise.
Is 40 too old for cyber security?
A Vulnerability Analyst can be of any age, as cybersecurity values skills, experience, and continuous learning. Many professionals successfully transition into cybersecurity later in their careers by gaining relevant certifications like CISSP or CompTIA Security+ and developing technical expertise. Age is generally not a barrier if you have the necessary skills and a strong understanding of security tools and protocols.
What does a vulnerability analyst do?
A vulnerability analyst identifies, assesses, and prioritizes security weaknesses in computer systems, networks, and applications. They use tools like vulnerability scanners and follow industry standards to recommend remediation strategies, often working closely with IT teams to improve cybersecurity defenses.
What is a Vulnerability Analyst job?
A Vulnerability Analyst is a cybersecurity professional responsible for identifying, assessing, and mitigating security weaknesses in an organization's systems, networks, and applications. They use tools like vulnerability scanners, penetration testing frameworks, and security assessments to identify potential threats. Their role includes analyzing vulnerabilities, prioritizing risks, and working with IT and security teams to implement necessary patches or fixes. They also stay up to date with emerging threats and ensure compliance with security policies and regulations.
What are popular job titles related to Vulnerability Analyst jobs in Quebec? For Vulnerability Analyst jobs in Quebec, the most frequently searched job titles are:
What job categories do people searching Vulnerability Analyst jobs in Quebec look for? The top searched job categories for Vulnerability Analyst jobs in Quebec are:
Full-time
Medical, Dental, Vision, Life, PTO
Posted 3 days ago
Key responsibilities
Operate and maintain vulnerability scanning tools to perform regular assessments across on-premise and cloud environments.
Analyze scan results to identify false positives, prioritize findings based on risk, and develop vulnerability reports for various audiences.
Collaborate with IT teams and application developers to track remediation efforts and provide guidance on vulnerability fixes.
Job description
Summary
The VMaaS Analyst is responsible for supporting the delivery and operation of Vulnerability Management as a Service. This includes identifying, analyzing, prioritizing, and reporting vulnerabilities across client environments or internal systems. The analyst ensures timely remediation and maintains compliance with relevant security frameworks. This role is critical in reducing risk exposure and enhancing the organizationโs overall security posture.
Duties and responsibilities
- Operate and maintain vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7, etc.)
- Perform regular vulnerability assessments across on-premise and cloud environments.
- Analyze scan results to identify false positives and prioritize true findings based on risk.
- Develop and deliver vulnerability reports and dashboards tailored to technical and non-technical audiences.
- Collaborate with system owners, IT teams, and application developers to track remediation efforts and provide guidance on fixes.
- Monitor threat intelligence and CVE feeds to stay current on emerging vulnerabilities.
- Support the tuning of scanning tools to improve detection accuracy and performance.
- Ensure service-level agreements (SLAs) for vulnerability management are met.
- Maintain documentation for processes, playbooks, and customer engagement models.
- Assist in audits and compliance efforts (e.g., PCI-DSS, ISO 27001, NIST CSF).
- Participate in incident response efforts related to newly disclosed or exploited vulnerabilities.
- Contribute to continuous improvement of the VMaaS offering.
Qualifications
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field; or equivalent work experience.
- 2+ years of experience in vulnerability management or cybersecurity operations.
- Hands-on experience with one or more vulnerability management tools (e.g., Tenable.io, Qualys, Rapid7 InsightVM).
- Solid understanding of network protocols, operating systems, and web applications.
- Familiarity with CVSS, NIST NVD, MITRE ATT&CK, and vulnerability scoring.
- Strong analytical, organizational, and problem-solving skills.
- Ability to interpret technical findings and communicate risks effectively.
- Bilingual: English and French in order to respond effectively to our customers and colleagues outside of QC.
- French is mandatory for this position
Preferred:
- Experience with cloud platforms (AWS, Azure, GCP) and their security services.
- Knowledge of patch management and secure configuration practices.
- Certifications such as CompTIA Security+, CEH, OSCP, or GIAC GSEC/GCIH.
- Familiarity with ticketing systems (e.g., ServiceNow, Jira) and SIEM tools (e.g., Splunk).
Why come to GoSecure?
3 weeks vacation, 5 personal days
14 paid statutory Holidays
Collective insurance: health, vision, dental, disability, life, travel
Employee Assistance Program (Dialogue)
RSP and employer matching contribution
Peers recognition program and other bonuses given along the year
Company stock options
GoSecurian perks
Young and dynamic team always looking to be better
and much more!
About GoSecure
Sourced by ZipRecruiter
Industry
Network security
Company size
51 - 200 Employees
Headquarters location
San Diego, CA, US
Year founded
2012