1

Vulnerability Management Analyst Jobs (NOW HIRING)

Title: Vulnerability Management Analyst Work Location: Remote - USA Pay: $70-$85/ hour on W2 Must haves: 3 plus years'experience in vulnerability management-Qualys or Tenable or Nessus The ...

LanceSoft, Inc. is seeking a Vulnerability Management Analyst to support enterprise vulnerability operations. The role involves validating findings, assessing risk, coordinating remediation, and ...

The Air Force, Space and Intelligence Business Group of SAIC is seeking a Vulnerability Management Analyst to support a transformational infrastructure program for DCSA. SAIC is proud to be ...

Vulnerability Management Analyst

Quantico, VA ยท On-site

$80K - $120K/yr

The Air Force, Space and Intelligence Business Group of SAIC is seeking a Vulnerability Management Analyst to support a transformational infrastructure program for DCSA. SAIC is proud to be ...

Vulnerability Management Analyst

Quantico, VA ยท On-site

$80K - $120K/yr

The Air Force, Space and Intelligence Business Group of SAIC is seeking a Vulnerability Management Analyst to support a transformational infrastructure program for DCSA. SAIC is proud to be ...

We are seeking a Vulnerability Management Analyst (Tenable/Nessus & Metrics ) to support vulnerability tracking, remediation coordination, and security metrics reporting in a federal technology ...

How you'll make an Impact As a Vulnerability Management Analyst, you support Security Engineers by executing approved security remediation tasks, performing manual configuration updates, and ...

next page

Showing results 1-20

Vulnerability Management Analyst information

See salary details

$70K

$124.2K

$174.5K

How much do vulnerability management analyst jobs pay per year?

As of Jul 3, 2026, the average yearly pay for vulnerability management analyst in the United States is $124,243.00, according to ZipRecruiter salary data. Most workers in this role earn between $83,000.00 and $164,000.00 per year, depending on experience, location, and employer.

What is a Vulnerability Management Analyst job?

A Vulnerability Management Analyst is responsible for identifying, assessing, and mitigating security vulnerabilities within an organization's IT infrastructure. They use scanning tools, analyze threat data, and collaborate with teams to prioritize and remediate risks. Their role is crucial in maintaining cybersecurity by ensuring systems are patched and configured securely. Additionally, they may develop reports and provide recommendations to improve security posture. This position requires knowledge of security frameworks, risk assessment, and vulnerability management tools.

What are some typical daily responsibilities for a Vulnerability Management Analyst?

On a typical day, a Vulnerability Management Analyst reviews system scans, analyzes reports for potential vulnerabilities, and works with IT or security teams to prioritize remediation efforts. They may also track the status of vulnerabilities, ensure timely patch application, and help develop or update security policies. Collaboration with various departments is common to coordinate testing, remediation, and communicate risk summary findings. This role requires keeping up with emerging threats and sometimes participating in security audits or compliance reviews, making it both dynamic and integral to the organization's overall cybersecurity posture.

What are the key skills and qualifications needed to thrive in the Vulnerability Management Analyst position, and why are they important?

A Vulnerability Management Analyst requires a strong background in cybersecurity principles, risk assessment, and IT networking, often supported by a relevant degree or certifications like CompTIA Security+, CISSP, or CEH. Experience with vulnerability scanning tools (such as Nessus, Qualys, or Rapid7) and familiarity with ticketing systems or SIEM platforms is essential. Strong analytical skills, attention to detail, effective communication, and the ability to work collaboratively help individuals succeed in this role. These capabilities are vital to proactively identify, assess, and mitigate security vulnerabilities, ensuring the organization's digital assets remain secure and compliant.

More about Vulnerability Management Analyst jobs
What cities are hiring for Vulnerability Management Analyst jobs? Cities with the most Vulnerability Management Analyst job openings:
What are the most commonly searched types of Vulnerability Management Analyst jobs? The most popular types of Vulnerability Management Analyst jobs are:
What states have the most Vulnerability Management Analyst jobs? States with the most job openings for Vulnerability Management Analyst jobs include:
Infographic showing various Vulnerability Management Analyst job openings in the United States as of June 2026, with employment types broken down into 33% Full Time, and 67% Contract. Highlights an 81% Physical, 7% Hybrid, and 12% Remote job distribution, with an average salary of $124,243 per year, or $59.7 per hour.
Vulnerability Management Analyst

Vulnerability Management Analyst

Lancesoft

Chicago, IL โ€ข On-site

$70 - $90/hr

Full-time

Posted 3 days ago


Job description


Title: Vulnerability Management Analyst
Work Location: Remote - USA
Pay: $70-$85/ hour on W2
Must haves: 3 plus years'experience in vulnerability management-Qualys or Tenable or Nessus
The Vulnerability Management Analyst supports enterprise vulnerability operations by validating findings, assessing risk, coordinating remediation, and helping drive timely reduction of security exposure and risk across infrastructure, cloud, container, application, endpoint, and externally facing environments. This role requires strong analytical judgment, operational follow-through, and the ability to translate large volumes of vulnerability data into clear, actionable guidance for technical and non-technical stakeholders.
Key Responsibilities:
  • Validate and triage vulnerability findings from internal scans, external scans, attack surface management sources, and threat intelligence, including scope validation, ownership attribution, and exposure assessment.
  • Assess severity, exploitability, exposure, business impact, compensating controls, and residual risk to support risk-based prioritization across infrastructure, cloud, container, endpoint, network, and externally exposed environments.
  • Engage technology stakeholders and remediation owners throughout the vulnerability lifecycle, from identification and owner routing through remediation treatment, progress tracking, closure validation, and risk-based escalation.
  • Support rapid response for vulnerability threat intelligence escalations and PatchNow Critical events through scope analysis, owner routing, remediation treatment, tracking, and closure verification.
  • Work with vulnerability management, scanning, reporting, external exposure, and risk prioritization tools to validate data, investigate discrepancies, confirm asset context, and compress operational response times.
  • Identify recurring risk patterns, workflow friction, and data quality issues;recommend practical improvements to processes, tooling, automation, and reporting that improve remediation outcomes and operational consistency.
Required Qualifications:
  • 3+ years of demonstrated experience in vulnerability management in enterprise class environments.
  • Experience with vulnerability management across cloud and container environments and supporting enterprise tools.
  • Strong understanding of vulnerability management lifecycle activities, including identification, validation, prioritization, remediation coordination, risk treatment awareness, and closure verification.
  • Experience working with large datasets, vulnerability reports, asset information, and operational metrics to identify trends, discrepancies, and actionable insights.
  • Strong written and verbal communication skills, with the ability to translate technical vulnerability findings into clear remediation guidance, risk summaries, and prioritization recommendations for technical and non-technical stakeholders.
  • Working knowledge of common enterprise technology environments, including servers, endpoints, network infrastructure, cloud platforms, containerized workloads, and container image lifecycle management.

Preferred Qualifications:
  • Experience in financial services, regulated environments, or organizations with formal technology risk, audit, compliance, and vulnerability management regulatory requirements (PCI DSS, FFIEC).
  • Scripting, automation, API, and data analysis experience using tools or languages such as Python, PowerShell, VBA, Power Query, SQL, R, or similar.
  • Experience with business intelligence, reporting, or analytics tools such as Power BI and Excel for validating reports, analyzing trends, and communicating actionable insights.
  • Practical familiarity with AI-enabled productivity or analysis tools, coding assistants, prompt-based workflows, or tool orchestration in a professional setting.
  • Relevant security or technology certifications such as Security+, CySA+, CISSP, cloud security certifications, vulnerability management vendor certifications, or equivalent practical experience.
Tools and Environment (Preferred):
  • Vulnerability management and scanning platforms such as Qualys, Wiz, or comparable enterprise vulnerability management tools.
  • External attack surface management tools, exposure monitoring platforms, and internet-facing asset discovery workflows.
  • Cloud and container environments, including AWS, Azure, GCP, Kubernetes, container image lifecycle management, and cloud workload security fundamentals.

Meet Your Recruiter
Nishant Kumar

LanceSoft logo

About LanceSoft

Sourced by ZipRecruiter

Established in 2000, LanceSoft is a Certified MBE and Woman-Owned organization. Lancesoft Inc. is one of the highest rated companies in the industry. We have been recognized as one of the Largest Staffing firms and ranked in the top 50 fastest Growing Healthcare Staffing firms in 2022. Lancesoft offers short- and long-term contracts, permanent placements, and travel opportunities to credentialed and experienced professionals throughout the United States. We pride ourselves on having industry leading benefits. We understand the importance of partnering with an expert who values your needs, which is why we're 100% committed to finding you an assignment that best matches your career and lifestyle goals. Our team of experienced career specialists takes the time to understand your needs and match you with the right job Lancesoft has been chosen by Staffing Industry Analysts as one of the Best Staffing Firms to Work for.LanceSoft specializes in providing Registered Nurses, Nurse Practitioners, LPNs/LVNs, Social Workers, Medical Assistants, and Certified Nursing Assistants to work in Acute Care Centers, Skilled Nursing Facilities, Long-Term Care centers, Rehab Facilities, Behavioral Health Centers, Drug & Alcohol Facilities, Home Health & Community Health, Urgent Care Clinics, and many other provider-based facilities.

Industry

Recruiting and staffing services

Company size

1,001 - 5,000 Employees

Headquarters location

Herndon, VA, US

Year founded

2000

Social media