1

Vulnerability Researcher Contractor Jobs (NOW HIRING)

This role serves as the primary point of contact between the Contractor and the Government, with ... vulnerability researchers, and program support staff * Manage all financial and business processes ...

iOS Vulnerability Engineer (Software)

Tysons, VA · On-site

$140K/yr

... Security Researcher, Software Security Analyst, Mobile App Penetration Tester, Cybersecurity ... We are a growing small business and a trusted federal contractor offering full scope consulting ...

iOS Vulnerability Engineer (Software)

Reston, VA · On-site

$145K/yr

... Security Researcher, Software Security Analyst, Mobile App Penetration Tester, Cybersecurity ... We are a growing small business and a trusted federal contractor offering full scope consulting ...

iOS Vulnerability Engineer (Software)

Reston, VA · On-site

$145K/yr

... Security Researcher, Software Security Analyst, Mobile App Penetration Tester, Cybersecurity ... We are a growing small business and a trusted federal contractor offering full scope consulting ...

... Security Researcher, Software Security Analyst, Mobile App Penetration Tester, Cybersecurity ... We are a growing small business and a trusted federal contractor offering full scope consulting ...

next page

Showing results 1-20

Vulnerability Researcher Contractor information

See salary details

$30K

$113.1K

$164.5K

How much do vulnerability researcher contractor jobs pay per year?

As of Jul 10, 2026, the average yearly pay for vulnerability researcher contractor in the United States is $113,102.00, according to ZipRecruiter salary data. Most workers in this role earn between $67,000.00 and $154,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Vulnerability Researcher Contractor, and why are they important?

To thrive as a Vulnerability Researcher Contractor, you need a deep understanding of computer systems, networking, programming languages (such as C/C++, Python), and a strong background in cybersecurity, often supported by relevant degrees or certifications like OSCP or CEH. Familiarity with vulnerability assessment tools (e.g., IDA Pro, Burp Suite, Metasploit), reverse engineering platforms, and bug tracking systems is typically required. Analytical thinking, attention to detail, and effective written communication are vital soft skills in this role. These skills ensure the accurate identification, documentation, and mitigation of security vulnerabilities, which are crucial for protecting organizational assets.

What are the typical collaboration dynamics for a Vulnerability Researcher Contractor within cybersecurity teams?

As a Vulnerability Researcher Contractor, you’ll often work closely with internal security teams, developers, and sometimes external clients to identify, analyze, and document security flaws. Despite being a contractor, you’ll participate in regular team meetings, share findings, and sometimes assist in developing proof-of-concept exploits or remediation guidance. The role requires strong communication skills, as you’ll need to clearly explain technical vulnerabilities to both technical and non-technical stakeholders. Contract positions may also require rapid onboarding and adaptability to different workflows, making flexibility and proactive communication essential.

What does a Vulnerability Researcher Contractor do?

A Vulnerability Researcher Contractor is an information security professional who specializes in identifying, analyzing, and documenting security vulnerabilities in software, systems, or networks. They are often hired on a temporary or project basis to assess the security posture of an organization or specific products. Their responsibilities may include conducting penetration tests, reverse engineering software, developing proof-of-concept exploits, and providing recommendations for mitigating discovered vulnerabilities. Contractors in this role typically work independently or as part of a security team and may present their findings to stakeholders or assist in developing security patches.

What is the difference between Vulnerability Researcher Contractor vs Penetration Tester?

AspectVulnerability Researcher ContractorPenetration Tester
CredentialsCertifications like OSCP, CEH, CISSP often preferredSimilar certifications, often including OSCP, CEH, GPEN
Work EnvironmentResearch-focused, analyzing vulnerabilities in systems and softwarePractical testing, simulating attacks to identify security gaps
Employer & Industry UsageConsulting firms, cybersecurity companies, freelance rolesSecurity firms, internal security teams, consulting roles
Search & Comparison IntentUnderstanding research vs active testing rolesDistinguishing between research and hands-on attack simulation

While both roles involve cybersecurity expertise, Vulnerability Researcher Contractors focus on discovering and analyzing vulnerabilities through research, whereas Penetration Testers actively simulate attacks to evaluate security defenses. Both roles often require similar certifications and work in related environments, but their core activities differ: research versus practical testing.

More about Vulnerability Researcher Contractor jobs
What cities are hiring for Vulnerability Researcher Contractor jobs? Cities with the most Vulnerability Researcher Contractor job openings:
What states have the most Vulnerability Researcher Contractor jobs? States with the most job openings for Vulnerability Researcher Contractor jobs include:
What job categories do people searching Vulnerability Researcher Contractor jobs look for? The top searched job categories for Vulnerability Researcher Contractor jobs are:
Infographic showing various Vulnerability Researcher Contractor job openings in the United States as of July 2026, with employment types broken down into 71% Full Time, 8% Part Time, and 21% Contract. Highlights an 89% Physical, 1% Hybrid, and 10% Remote job distribution, with an average salary of $113,102 per year, or $54.4 per hour.
Firmware-Savvy CNO Developer (TS/SCI w/Poly)

Firmware-Savvy CNO Developer (TS/SCI w/Poly)

Parsons

Annapolis Junction, MD

$125K - $225K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Re-posted 13 days ago


Parsons rating

7.9

Company rating: 7.9 out of 10

Based on 44 frontline employees who took The Breakroom Quiz

158th of 359 rated engineering


Job description

In a world of possibilities, pursue one with endless opportunities. Imagine Next!At Parsons, you can imagine a career where you thrive, work with exceptional people, and be yourself. Guided by our leadership vision of valuing people, embracing agility, and fostering growth, we cultivate an innovative culture that empowers you to achieve your full potential. Unleash your talent and redefine what's possible.

Job Description:

Parsons is seeking a talented Reverse Engineer / Embedded Software Developer who wants to apply and grow their skills on mission-critical work. If you are passionate about reverse engineering (RE), embedded development, and vulnerability research-and you want to work with and learn from leading subject matter experts-this role offers a strong next step in your career.

You will join a high-impact team supporting a critical national security mission. In this role, you will perform hands-on reverse engineering and embedded software development to build capabilities our customer urgently needs. You'll collaborate closely with experienced embedded developers, vulnerability researchers, and RE experts, gaining mentorship while contributing directly to the mission.

What You'll Be Doing:

  • Conduct reverse engineering of embedded systems, binaries, and firmware.
  • Design, develop, and implement embedded software capabilities in C.
  • Apply vulnerability research and CNO skills to discover and implement novel solutions.
  • Work on-site at a contractor facility, fully integrated into a small, expert team.
  • Collaborate with senior subject matter experts and leverage their mentorship to expand your skills.
  • Contribute to efforts that directly enhance national security and protect critical systems.

What Required Skills You'll Bring:

  • 10+ years of professional experience in software engineering, reverse engineering, or vulnerability research (or 3+ years of experience with a Master's degree)
  • Demonstrated experience with reverse engineering (e.g., binaries, firmware, or embedded systems)
  • Strong proficiency in the C programming language
  • Active TS/SCI clearance with polygraph

What Desired Skills You'll Bring:

  • Experience with vulnerability research (e.g., exploit development, fuzzing, or security analysis of embedded systems)
  • Familiarity with common RE tools and environments (e.g., IDA Pro, Ghidra, binary analysis platforms)
  • Experience in CNO or related cybersecurity operations

Security Clearance Requirement:

An active Top Secret SCI w/Polygraph security clearance is required for this position.This position is part of our Federal Solutions team.The Federal Solutions segment delivers resources to our US government customers that ensure the success of missions around the globe. Our intelligent employees drive the state of the art as they provide services and solutions in the areas of defense, security, intelligence, infrastructure, and environmental. We promote a culture of excellence and close-knit teams that take pride in delivering, protecting, and sustaining our nation's most critical assets, from Earth to cyberspace. Throughout the company, our people are anticipating what's next to deliver the solutions our customers need now.Salary Range: $125,100.00 - $225,200.00We value our employees and want our employees to take care of their overall wellbeing, which is why we offer best-in-class benefits such as medical, dental, vision, paid time off, 401(k), life insurance, flexible work schedules, and holidays to fit your busy lifestyle!Parsons is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, veteran status or any other protected status.We truly invest and care about our employee's wellbeing and provide endless growth opportunities as the sky is the limit, so aim for the stars! Imagine next and join the Parsons quest-APPLY TODAY!

Parsons is aware of fraudulent recruitment practices. To learn more about recruitment fraud and how to report it, please refer tohttps://www.parsons.com/fraudulent-recruitment/.


What Parsons employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom