ZipRecruiter

Log In

1

Vulnerability Jobs in Virginia (NOW HIRING)

asrcfh

Vulnerability Assessor

Alexandria, VA ยท Hybrid

Vulnerability Assessor Location: Alexandria, VA (Hybrid - Telework with periodic on-site support as required) Clearance: Active Secret Position Overview ASRC Federal is seeking a Vulnerability ...

asrcfh

Vulnerability Assessor

Alexandria, VA ยท Hybrid

Vulnerability Assessor Location: Alexandria, VA (Hybrid - Telework with periodic on-site support as required) Clearance: Active Secret Position Overview ASRC Federal is seeking a Vulnerability ...

REDLattice

Vulnerability Researcher

Chantilly, VA ยท On-site

Our teams lead advanced vulnerability analysis and develop tailored cyber solutions to meet the demands of rapidly evolving mission space. With offices in Northern Virginia, Melbourne, Florida, Tel ...

DANE LLC

Vulnerability Management Analyst

Chantilly, VA ยท Hybrid

$70K - $85K/yr

We are seeking a Vulnerability Management Analyst (Tenable/Nessus & Metrics ) to support vulnerability tracking, remediation coordination, and security metrics reporting in a federal technology ...

Peraton

Vulnerability Analyst, Senior

Herndon, VA ยท On-site

$104K - $166K/yr

Establish and govern enterprise vulnerability management strategy: scanning methodologies, validation protocols, and assessment standards aligned with RMF, DoD, and Army requirements. * Oversee ...

Peraton

Vulnerability Analyst, Senior

Herndon, VA

$104K - $166K/yr

Establish and govern enterprise vulnerability management strategy: scanning methodologies, validation protocols, and assessment standards aligned with RMF, DoD, and Army requirements. * Oversee ...

Peraton

Vulnerability Analyst, Senior

Herndon, VA ยท On-site

$104K - $166K/yr

Establish and govern enterprise vulnerability management strategy: scanning methodologies, validation protocols, and assessment standards aligned with RMF, DoD, and Army requirements. * Oversee ...

Peraton

Vulnerability Analyst, Journeyman

Herndon, VA

$80K - $128K/yr

Execute vulnerability scans (ACAS, Forescout, Nessus, etc.), review results, and validate findings to identify weaknesses across systems, networks, cloud services, and applications. * Confirm ...

REDLattice

Mobile Vulnerability Researcher

Chantilly, VA ยท On-site

Our teams lead advanced vulnerability analysis and develop tailored cyber solutions to meet the demands of rapidly evolving mission space. With offices in Northern Virginia, Melbourne, Florida, Tel ...

Peraton

Vulnerability Analyst, Journeyman

Herndon, VA

$80K - $128K/yr

Execute vulnerability scans (ACAS, Forescout, Nessus, etc.), review results, and validate findings to identify weaknesses across systems, networks, cloud services, and applications. * Confirm ...

Peraton

Vulnerability Analyst, Journeyman

Herndon, VA ยท On-site

$80K - $128K/yr

Execute vulnerability scans (ACAS, Forescout, Nessus, etc.), review results, and validate findings to identify weaknesses across systems, networks, cloud services, and applications. * Confirm ...

next page

Showing results 1-20

All JobsVulnerability JobsVulnerability Jobs in Virginia

Vulnerability information

See Virginia salary details

$37.2K

$107K

$141.8K

How much do vulnerability jobs pay per year?

As of Jun 28, 2026, the average yearly pay for vulnerability in Virginia is $106,977.00, according to ZipRecruiter salary data. Most workers in this role earn between $93,200.00 and $116,500.00 per year, depending on experience, location, and employer.

What are some common challenges faced by professionals working in vulnerability management roles?

Professionals in vulnerability management often face the challenge of keeping up with constantly evolving threats and newly discovered vulnerabilities. Prioritizing which vulnerabilities to address first, especially in large environments with thousands of potential risks, can be demanding. Collaborating with IT, development, and security teams to ensure timely remediation and maintaining clear communication about risk levels are also essential parts of the role. Additionally, balancing the need for quick patching with the risk of disrupting business operations requires careful judgment.

What is the difference between Vulnerability vs Penetration Tester?

AspectVulnerabilityPenetration Tester
Primary FocusIdentifying security weaknesses and vulnerabilities in systemsSimulating cyberattacks to exploit vulnerabilities and test defenses
CertificationsCompTIA Security+, CEH, OSCP (for some roles)OSCP, CEH, GPEN, CISSP (often overlapping)
Work EnvironmentSecurity analysis, vulnerability scanning, reportingActive testing, exploitation, reporting
Industry UsageSecurity assessment, risk managementSecurity testing, red teaming

Vulnerability specialists focus on identifying weaknesses in systems, while penetration testers actively exploit those vulnerabilities to assess security effectiveness. Both roles require similar certifications and work in cybersecurity, but their methods and objectives differ: vulnerability analysts aim to find issues, whereas penetration testers simulate attacks to evaluate defenses.

What are the key skills and qualifications needed to thrive as a Vulnerability Analyst, and why are they important?

To thrive as a Vulnerability Analyst, you need a solid understanding of network security, operating systems, and vulnerability assessment methodologies, typically supported by a degree in cybersecurity or IT and relevant certifications like CompTIA Security+ or CEH. Familiarity with tools such as Nessus, OpenVAS, Metasploit, and vulnerability management platforms is essential. Strong analytical thinking, attention to detail, and effective communication help in identifying risks and explaining findings to diverse stakeholders. These skills ensure timely detection and remediation of security weaknesses, protecting organizations from cyber threats.

What are vulnerability analysts?

Vulnerability analysts are cybersecurity professionals who identify, assess, and help remediate security weaknesses in computer systems, networks, and software. They use various tools and techniques to scan for vulnerabilities, analyze threats, and recommend solutions to mitigate risks. Their work is crucial in preventing cyberattacks and ensuring the security of organizational assets. Vulnerability analysts often collaborate with IT and security teams to prioritize and address vulnerabilities based on their potential impact.
What are the most commonly searched types of Vulnerability jobs in Virginia? The most popular types of Vulnerability jobs in Virginia are:
What are popular job titles related to Vulnerability jobs in Virginia? For Vulnerability jobs in Virginia, the most frequently searched job titles are:
What job categories do people searching Vulnerability jobs in Virginia look for? The top searched job categories for Vulnerability jobs in Virginia are:
What cities in Virginia are hiring for Vulnerability jobs? Cities in Virginia with the most Vulnerability job openings:
Vulnerability jobs near you
Infographic showing various Vulnerability job openings in Virginia as of June 2026, with employment types broken down into 89% Full Time, 3% Part Time, and 8% Contract. Highlights an 87% Physical, 4% Hybrid, and 9% Remote job distribution, with an average salary of $106,977 per year, or $51.4 per hour.

Vulnerability Assessor

asrcfh

Alexandria, VA โ€ข Hybrid

Other

Posted 17 days ago

Job description

Vulnerability Assessor

Location: Alexandria, VA (Hybrid โ€“ Telework with periodic on-site support as required)
Clearance: Active Secret

Position Overview

ASRC Federal is seeking a Vulnerability Assessor to support the Department of War Education Activity (DoWEA) Enterprise Cyber Program. The Vulnerability Assessor will identify, analyze, and track system vulnerabilities to strengthen the organizationโ€™s cybersecurity posture and ensure compliance with DoD Risk Management Framework (RMF) requirements. This role supports Continuous Monitoring (ConMon) activities and works closely with cybersecurity and system teams to enhance DoWEAโ€™s enterprise-wide security operations.

Responsibilities

  • Conduct vulnerability scans using ACAS (Tenable/Nessus), STIG Viewer, and related DoD-approved assessment tools.

  • Categorize and analyze vulnerabilities in accordance with NIST SP 800-53, DISA STIGs, and DoDI 8510.01 (RMF).

  • Collaborate with Information System Security Managers (ISSMs), Information System Security Officers (ISSOs), and system administrators to track remediation and update Plans of Action and Milestones (POA&Ms).

  • Prepare and maintain vulnerability assessment reports and risk summaries for leadership.

  • Support RMF Steps 3โ€“6 and Continuous Monitoring documentation within eMASS.

  • Research and evaluate emerging technologies to identify new or evolving risks and recommend mitigation strategies.

Basic Qualifications

  • Bachelorโ€™s degree in Cybersecurity, Computer Science, Information Technology, or related discipline (four additional years of equivalent experience may substitute).

  • Minimum 5+ years of cybersecurity or vulnerability management experience.

  • Active DoD Secret clearance

  • DoD 8570.01-M IAT Level II certification (e.g., Security+ CE, CySA+, CCNA-Security).

  • Hands-on experience with ACAS (Tenable/Nessus) and STIG compliance tools.

  • Strong analytical, documentation, and communication skills.

  • Working knowledge of vulnerability scanning, risk assessment methodologies, and remediation tracking.

Preferred Qualifications

  • Familiarity with DoW (DoD) RMF, eMASS, and DISA STIG/SRG compliance.

  • Understanding of NIST SP 800-53, CNSSI 1253, and DoDI 8510.01 frameworks.

  • Knowledge of common cybersecurity threats, exploits, and attack vectors.

  • Experience supporting federal or DoD IT environments.

  • Positive, proactive approach and ability to collaborate effectively across remote and on-site teams.

Apply