Vulnerability Assessment Analyst Jobs (NOW HIRING)

$198K/yr

Vulnerability Assessment Analyst The Opportunity: Join a mission-driven team supporting the Army by delivering reliable, secure, and high-quality cybersecurity services that directly impact readiness ...

Vulnerability Assessment Analyst (Intermediate) Playlist; E3ABR1D731D00BB); OR * Relevant professional certification or equivalent experience (examples: CEH(P); RCCE Level 1; CompTIA Cloud+; CPTE;

Vulnerability Assessment Analyst information

How much do vulnerability assessment analyst jobs pay per hour?

As of Jul 3, 2026, the average hourly pay for a vulnerability assessment analyst in the United States is $52.16, according to ZipRecruiter salary data. Most workers in this role earn between $38.22 and $62.74 per hour, depending on experience, location, and employer.

What are some common challenges a Vulnerability Assessment Analyst faces when collaborating with other IT teams?

A Vulnerability Assessment Analyst often works closely with network, systems, and application teams to identify and mitigate security risks. One common challenge is effectively communicating technical findings in a way that is understandable and actionable for non-security specialists. Additionally, prioritizing vulnerabilities based on business impact and coordinating remediation efforts across different teams can be complex, especially in large organizations. Building strong relationships and maintaining clear communication channels are key to overcoming these challenges and ensuring timely resolution of security issues.

What is the difference between Vulnerability Assessment Analyst vs Penetration Tester?

| Aspect | Vulnerability Assessment Analyst | Penetration Tester |
| --- | --- | --- |
| Certifications | CompTIA Security+, CEH, CISSP (preferred) | OSCP, CEH, GPEN |
| Work Environment | Conducts assessments within organizations' security teams, often in office settings | Performs simulated attacks, often in controlled or client environments |
| Industry Usage | Used across various industries for identifying security weaknesses | More common in cybersecurity consulting and offensive security roles |

While both roles focus on security vulnerabilities, Vulnerability Assessment Analysts primarily identify and report weaknesses, whereas Penetration Testers actively exploit vulnerabilities to test security defenses. The roles often overlap but differ in scope and approach, with Analysts focusing on assessment and reporting, and Penetration Testers on active exploitation.

What does a Vulnerability Assessment Analyst do?

A Vulnerability Assessment Analyst is responsible for identifying, evaluating, and prioritizing security vulnerabilities within an organization’s IT systems and networks. They use specialized tools to scan for weaknesses, analyze the results, and provide actionable recommendations to mitigate risks. Their work helps protect the organization from cyber threats by ensuring that vulnerabilities are addressed before they can be exploited. Additionally, they may assist in developing security policies, conducting penetration tests, and educating staff about security best practices.

What are the key skills and qualifications needed to thrive as a Vulnerability Assessment Analyst, and why are they important?

To thrive as a Vulnerability Assessment Analyst, you need a solid understanding of network security, risk assessment, and vulnerability management, often supported by a degree in cybersecurity or a related field. Familiarity with tools like Nessus, Qualys, and Metasploit, as well as certifications such as CompTIA Security+ or CEH, is typically required. Strong analytical thinking, attention to detail, and effective communication skills help analysts identify, report, and explain vulnerabilities to technical and non-technical stakeholders. These qualifications are crucial for proactively identifying security risks and helping organizations protect their information assets from potential threats.
Infographic showing various Vulnerability Assessment Analyst job openings in the United States as of June 2026, with employment types broken down into 79% Full Time, 17% Part Time, and 4% Contract. Highlights a 94% Physical, 1% Hybrid, and 5% Remote job distribution, with an average salary of $108,489 per year, or $52.2 per hour.
Vulnerability Assessment Analyst

Booz Allen Hamilton

Alexandria, VA • On-site

$86K - $198K/yr

Full-time

Medical, Life, Retirement, PTO

Posted 18 days ago


Booz Allen Hamilton company rating: 8.8 out of 10

Based on 47 frontline employees who took The Breakroom Quiz

9th of 58 rated business consultants


Job description

Vulnerability Assessment Analyst

The Opportunity:

Join a mission-driven team supporting the Army by delivering reliable, secure, and high-quality cybersecurity services that directly impact readiness and daily operations. You will identify, analyze, and report security vulnerabilities across systems, applications, and networks. You will also perform vulnerability scans and analyze results to identify weaknesses and potential attack vectors.

As you assess the severity and impact of vulnerabilities based on risk frameworks and recommend remediation actions, prepare vulnerability reports, track remediation progress, and maintain accurate records of assessments, your work will directly support the Army's ability to protect communities and respond to national missions.

This opportunity offers meaningful client engagement, technical growth, and the chance to support a high-impact mission in a fast-paced environment where your expertise will make a visible difference every day.

Join us. The world can't wait.

You Have:

  • 5+ years of experience in vulnerability management and analysis

  • Experience working in an environment with SOC operations and cybersecurity engineers

  • Experience with enterprise vulnerability scanning tools, such as Tenable.sc, Nessus, or ACAS

  • Experience generating reports to measure progress in meeting vulnerability remediation targets such as POAMs

  • Knowledge of federal cybersecurity frameworks such as NIST 800-53 controls

  • Knowledge of CVSS, CVE, NVD, and threat intelligence sources

  • Ability to evaluate the risk of all identified vulnerabilities and prepare remediation instructions for system administrators

  • TS/SCI clearance

  • HS diploma or GED

  • Information Security Certification such as CEH, CompTIA Security+, CASP+, or CompTIA Security X Certification

Nice If You Have:

  • Experience working in ARNG, DA, or DoD/DoW environments

  • Possession of excellent verbal and written communication skills

  • Bachelor's degree

  • Advanced Information Security Certification such as CISSP, ISSEP, CISM, or CCSP Certification

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

Compensation

At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $86,800.00 to $198,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date.

Identity Statement

As part of the hiring process, we will ask you to complete an identity verification process that leverages advanced biometrics and artificial intelligence to ensure authenticity and protect against identity fraud. You are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Candidate AI Usage Policy

AI is a part of our daily work at Booz Allen, and we are committed to the responsible and ethical use of AI tools. However, we want to ensure a fair candidate process based on your own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) or other tools to assist with responses during interviews (whether in-person or virtual) is prohibited unless permission is explicitly provided.

Work Model
Our people-first culture prioritizes the benefits of collaboration, whether it occurs in person or virtually. To support engagement and effective communication, employees working virtually are generally expected to have their cameras on during meetings.

  • Remote: If this position is listed as remote, there may still be occasions when you are required to work in person at a Booz Allen or customer facility.

  • Hybrid: If this position is listed as hybrid, you will be expected to work from a Booz Allen facility frequently, in alignment with leadership expectations and the needs of the role. You may also be required to work from or visit a customer facility.

  • Onsite: If this position is listed as onsite, work will primarily be performed at a Booz Allen office or customer facility, where employees will collaborate directly with colleagues and customers as required by the role.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.


About Booz Allen Hamilton

Sourced by ZipRecruiter

Booz Allen Hamilton is a leading provider of management and technology consulting services to the US government in defense, intelligence, and civil markets. Headquartered in McLean, Virginia, the firm also serves major corporations, institutions, and not-for-profit organizations. Founded in 1914 by Edwin G. Booz, the company has a long-standing tradition of helping clients achieve success by delivering a wide range of consulting services that include strategic planning, human capital and learning, communication, systems development, and others. The company's mission is to empower people to change the world, and it has a reputation for maintaining the highest standards of integrity and excellence.

Industry

IT services

Company size

10,000+ Employees

Headquarters location

McLean, VA, US

Year founded

1914