1

Vulnerability Engineer Jobs (NOW HIRING)

Aug 3, 2026 Vulnerability Management Engineer Remote $92 / hourly as W2 About the Role Join our Cybersecurity team as a Senior Vulnerability Management Engineer, where you will play a critical role ...

Aug 3, 2026 Vulnerability Management Engineer Remote $92 / hourly as W2 About the Role Join our Cybersecurity team as a Senior Vulnerability Management Engineer, where you will play a critical role ...

As a Vulnerability Automation Engineer, you will design, build, and operate lights-off pipelines that continuously discover assets, assess posture, scan for vulnerabilities, harden configurations ...

Vulnerability Management Engineer Client: ATL - AIM General Location: 55 Trinity Avenue, Suite G700 Atlanta, Georgia 30303-0000 Duration:07+ Months Position Summary The Vulnerability Management ...

next page

Showing results 1-20

Vulnerability Engineer information

See salary details

$39K

$101.8K

$137.5K

How much do vulnerability engineer jobs pay per year?

As of Jul 14, 2026, the average yearly pay for vulnerability engineer in the United States is $101,752.00, according to ZipRecruiter salary data. Most workers in this role earn between $84,000.00 and $116,500.00 per year, depending on experience, location, and employer.

What are some common challenges faced by Vulnerability Engineers when coordinating with development teams to remediate identified vulnerabilities?

One of the primary challenges Vulnerability Engineers encounter is ensuring that development teams prioritize and address vulnerabilities promptly, especially when they have competing project deadlines. Effective communication is essential to explain the risk and potential business impact of each vulnerability in terms that are understandable to non-security professionals. Additionally, aligning remediation efforts with ongoing development cycles and managing false positives can require careful negotiation and collaboration. Building strong relationships and fostering a security-first culture within the organization can significantly ease these challenges.

What is the difference between Vulnerability Engineer vs Security Analyst?

AspectVulnerability EngineerSecurity Analyst
CertificationsOSCP, CISSP, CEHCISSP, Security+
Work EnvironmentFocus on identifying and fixing vulnerabilities in systems and applicationsMonitor security alerts, analyze threats, and respond to incidents
Employer & Industry UsageTech companies, cybersecurity firms, large enterprisesCorporate security teams, government agencies, financial institutions

While both roles focus on cybersecurity, Vulnerability Engineers primarily identify and remediate system vulnerabilities, whereas Security Analysts monitor and respond to security threats. Vulnerability Engineers are more technical and hands-on with system testing, while Security Analysts focus on threat detection and incident response. Both roles are essential for a comprehensive security strategy.

What is a Vulnerability Engineer?

A Vulnerability Engineer is a cybersecurity professional responsible for identifying, assessing, and mitigating security vulnerabilities within an organization's systems, networks, and applications. They use specialized tools to scan for weaknesses, analyze security data, and work with other IT teams to remediate risks. Their goal is to protect sensitive data and ensure compliance with industry regulations by proactively addressing potential security threats.

What are the key skills and qualifications needed to thrive as a Vulnerability Engineer, and why are they important?

To thrive as a Vulnerability Engineer, you need a strong understanding of cybersecurity principles, vulnerability assessment methodologies, and a background in IT or computer science. Familiarity with tools such as Nessus, Qualys, Burp Suite, and relevant certifications like OSCP or CompTIA Security+ are commonly expected. Analytical thinking, attention to detail, and effective communication are crucial soft skills for identifying risks and collaborating with teams. These skills and qualifications are vital to proactively detect, assess, and mitigate security vulnerabilities, protecting organizational assets from cyber threats.
More about Vulnerability Engineer jobs
What states have the most Vulnerability Engineer jobs? States with the most job openings for Vulnerability Engineer jobs include:
Vulnerability Engineering Specialist

Vulnerability Engineering Specialist

RiVidium, Inc

Alexandria, VA • On-site

Full-time

Re-posted 18 days ago


Job description

Full-Time/Part-Time
Full-Time
Description
RiVidium is seeking a Vulnerability Engineering Specialist to support our planned MODES III team supporting Military Community and Family Policy (MC&FP). This role supports IT, Cybersecurity, and Data Operations - Core Operations and helps deliver mission-focused outcomes for service members, families, and related stakeholders. Supports assigned PWS task area; provides subject matter expertise, operational execution, and measurable performance reporting aligned to task objectives. This position is contingent upon contract award.
Key Responsibilities
  • Analyze vulnerabilities, findings, and remediation requirements across supported systems.
  • Coordinate corrective actions, track status, and document progress against remediation priorities.
  • Support scans, assessments, reporting, and follow-through with technical teams.
  • Help maintain a disciplined and measurable remediation process.

Basic Qualifications
  • Bachelor's degree in a relevant discipline or equivalent professional experience.
  • Relevant experience aligned to the role and labor category; openings may be filled at Mid (5-8 yrs), Senior (10-15 yrs).
  • Ability to satisfy applicable Government personnel security requirements for the assigned role. For IT and cybersecurity workforce positions, applicable DoD 8140 training and certification requirements will apply upon award.
  • Strong communication, teamwork, and documentation skills in a mission-focused delivery environment.
  • Experience supporting cybersecurity operations, engineering, compliance, or analysis activities relevant to the role.

Preferred Qualifications
  • Experience with NIST RMF, security controls, vulnerability management, and compliance documentation.
  • Familiarity with eMASS, STIGs, POA&M management, and secure engineering practices.
  • Experience aligning technical execution to DoD cybersecurity and continuous monitoring expectations.

Work Setting
This role is expected to support work in the Alexandria, Virginia area, with on-site support at the DoD Mark Center or other customer-approved locations as required. Hybrid support in the Alexandria, Virginia area is expected, with on-site support as required by the customer.
About the Organization
Established in 2008, RiVidium, Inc. (dba TripleCyber) is a VA-Verified SDVOSB and an SBA-Certified 8(a) company. To prepare our clients for the future, RiVidium has balanced all parts of our organization to attract the finest employees in order to 'Strive to be the missing element defining tomorrow's technology'. RiVidium keeps pace and surpasses its competitors by meeting challenges of advancements in Logistics, Human Capital, Cyber, Intelligence & Technology.
EOE Statement
We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law. If you need a reasonable accommodation for any part of the employment process, please contact Human Resources (HR) at hr@rividium.com.
This position is currently accepting applications.