1

Vulnerability Jobs (NOW HIRING)

Vulnerability Management Lead

Washington, DC · On-site

$116K - $152K/yr

GIAC Vulnerability Analyst (GEVA) or GPEN * CompTIA Security+ / CySA+ or equivalent * CISSP or CISM (senior-level certifications acceptable) * CEH (Certified Ethical Hacker) * Any relevant ...

The Vulnerability Analyst will play an important role to identify, assess, prioritize, report, and assist others in mitigating vulnerabilities within an organization's information systems. This ...

Translate technical vulnerability findings into risk-based language for federal clients and authorization officials, presenting monthly status briefings as needed * Collaborate with development, SRE, ...

The Vulnerability Analyst will play an important role to identify, assess, prioritize, report, and assist others in mitigating vulnerabilities within an organization's information systems. This ...

Vulnerability Analyst Top 5 Technical Skills: * Tenable * Qualys * MS Office * Experience with CVE * Experience with Vulnerabilty Management Top 2 Soft Skills: * Great written and verbal ...

Vulnerability Analyst

Charleston, WV · Remote

$80K - $134K/yr

Translate technical vulnerability findings into risk-based language for federal clients and authorization officials, presenting monthly status briefings as needed * Collaborate with development, SRE, ...

Senior Vulnerability Engineer

$117K - $160K/yr

Description Keeper Security is hiring an experienced Senior Vulnerability Engineer to design, build, and scale enterprise vulnerability management capabilities across our cloud, application, and ...

Sr. Vulnerability Analyst

Detroit, MI

$95K - $124K/yr

Senior Vulnerability Analyst is a key role in advancing vulnerability management throughout the HFHS enterprise through technical expertise with a focus on threat intelligence, vulnerability ...

next page

Showing results 1-20

Vulnerability information

See salary details

$37.5K

$107.9K

$143K

How much do vulnerability jobs pay per year?

As of Jul 16, 2026, the average yearly pay for vulnerability in the United States is $107,902.00, according to ZipRecruiter salary data. Most workers in this role earn between $94,000.00 and $117,500.00 per year, depending on experience, location, and employer.

What are some common challenges faced by professionals working in vulnerability management roles?

Professionals in vulnerability management often face the challenge of keeping up with constantly evolving threats and newly discovered vulnerabilities. Prioritizing which vulnerabilities to address first, especially in large environments with thousands of potential risks, can be demanding. Collaborating with IT, development, and security teams to ensure timely remediation and maintaining clear communication about risk levels are also essential parts of the role. Additionally, balancing the need for quick patching with the risk of disrupting business operations requires careful judgment.

What is the difference between Vulnerability vs Penetration Tester?

AspectVulnerabilityPenetration Tester
Primary FocusIdentifying security weaknesses and vulnerabilities in systemsSimulating cyberattacks to exploit vulnerabilities and test defenses
CertificationsCompTIA Security+, CEH, OSCP (for some roles)OSCP, CEH, GPEN, CISSP (often overlapping)
Work EnvironmentSecurity analysis, vulnerability scanning, reportingActive testing, exploitation, reporting
Industry UsageSecurity assessment, risk managementSecurity testing, red teaming

Vulnerability specialists focus on identifying weaknesses in systems, while penetration testers actively exploit those vulnerabilities to assess security effectiveness. Both roles require similar certifications and work in cybersecurity, but their methods and objectives differ: vulnerability analysts aim to find issues, whereas penetration testers simulate attacks to evaluate defenses.

What are the key skills and qualifications needed to thrive as a Vulnerability Analyst, and why are they important?

To thrive as a Vulnerability Analyst, you need a solid understanding of network security, operating systems, and vulnerability assessment methodologies, typically supported by a degree in cybersecurity or IT and relevant certifications like CompTIA Security+ or CEH. Familiarity with tools such as Nessus, OpenVAS, Metasploit, and vulnerability management platforms is essential. Strong analytical thinking, attention to detail, and effective communication help in identifying risks and explaining findings to diverse stakeholders. These skills ensure timely detection and remediation of security weaknesses, protecting organizations from cyber threats.

What are the 4 types of vulnerabilities?

In cybersecurity, vulnerabilities are typically classified into four main types: technical vulnerabilities, such as software bugs and misconfigurations; operational vulnerabilities, related to processes and procedures; physical vulnerabilities, involving hardware and infrastructure; and human vulnerabilities, which stem from user errors or social engineering. Identifying and addressing these types helps security professionals protect systems effectively.

Can you make $500,000 a year in cyber security?

Vulnerability analysts and cybersecurity professionals can potentially earn $500,000 annually with advanced skills, extensive experience, specialized certifications, and roles in high-paying industries or senior management positions. Achieving this level often requires expertise in areas like penetration testing, security architecture, or executive leadership, along with a strong professional network and ongoing education.

Can you make $200,000 in cyber security?

Vulnerability analysts and cybersecurity professionals can earn $200,000 or more annually, especially with advanced skills, certifications like CISSP or CISA, and experience in high-demand areas such as penetration testing or security architecture. Salaries vary based on location, industry, and level of expertise, with senior roles and managerial positions typically offering higher compensation.

What is a vulnerability specialist?

A vulnerability specialist is a cybersecurity professional who identifies, assesses, and prioritizes security weaknesses in computer systems, networks, and applications. They often use tools like vulnerability scanners and may hold certifications such as CISSP or CEH to perform risk analysis and recommend mitigation strategies.

What are vulnerability analysts?

Vulnerability analysts are cybersecurity professionals who identify, assess, and help remediate security weaknesses in computer systems, networks, and software. They use various tools and techniques to scan for vulnerabilities, analyze threats, and recommend solutions to mitigate risks. Their work is crucial in preventing cyberattacks and ensuring the security of organizational assets. Vulnerability analysts often collaborate with IT and security teams to prioritize and address vulnerabilities based on their potential impact.
More about Vulnerability jobs
What cities are hiring for Vulnerability jobs? Cities with the most Vulnerability job openings:
What are the most commonly searched types of Vulnerability jobs? The most popular types of Vulnerability jobs are:
What states have the most Vulnerability jobs? States with the most job openings for Vulnerability jobs include:
Infographic showing various Vulnerability job openings in the United States as of July 2026, with employment types broken down into 92% Full Time, 4% Part Time, and 4% Contract. Highlights an 80% Physical, 4% Hybrid, and 16% Remote job distribution, with an average salary of $107,902 per year, or $51.9 per hour.

Vulnerability Researcher

Lyteforge Technologies LLC

Mclean, VA • On-site

$131K/yr

Full-time

Re-posted 2 days ago


Job description

  • JOB TITLE: Mobile Vulnerability Researcher

    DESCRIPTION:

    We are seeking a highly skilled and motivated Vulnerability Researcher with a strong focus on the Apple iPhone or Google Android ecosystem. The ideal candidate will possess a deep understanding of iOS/Android architecture, security mechanisms, and common vulnerability classes. This role demands a proactive and meticulous approach to identifying and analyzing security weaknesses within iOS, Android and related technologies. As a member of our team, you will be expected to contribute significantly to our research efforts and stay at the forefront of mobile security advancements.

    Day-to-day responsibilities and duties include:

    • Conduct in-depth vulnerability research and analysis on Apple iOS, Google Android and related software and hardware.
    • Employ various vulnerability discovery techniques, including but not limited to static analysis, dynamic analysis, and reverse engineering of binaries, protocols and file formats.
    • Design, develop, and execute effective fuzzing strategies to uncover security vulnerabilities in iOS and Android components and applications.
    • Perform various methods of fuzzing to identify potential security flaws in web-based elements within the iOS and Android environments.
    • Analyze and understand Arm Assembly language to facilitate low-level vulnerability analysis and exploitation.
    • Document discovered vulnerabilities with clear, concise, and actionable reports, including technical details, impact assessments, and potential remediation strategies.
    • Collaborate closely with development teams to communicate findings and assist in the development and implementation of security patches and mitigations.
    • Stay abreast of the latest security trends, research, and attack vectors targeting the iOS and Android platforms.
    • Contribute to the development of internal security tools and methodologies.
    • Potentially present research findings to both technical and non-technical audiences.
    • Mentor and provide guidance to junior vulnerability research team members.
  • REQUIREMENTS:

    Applicants MUST

    • must be able to qualify and maintain security clearance.
    • have at least 3 years of vulnerability research and iOS experience and have a good understanding of professional business environments.
    • Experience with Ghidra, IDA Pro or other disassemblers, Frida
    • be able to carry themselves in a professional manner
    • be punctual, responsible, and reliable
  • Preferred:

    • have good written and verbal communication skills (answering the phone and composing emails in a professional manner)
    • ARM 64 Assembly
    • Programming/Scripting experience
    • Knowledge of mobile platform (Android/iOS) internals and kernel
    • Mobile/Embedded knowledge, baseband knowledge, SoC (MTK, Qualcomm, Exynos) knowledge
  • Job Type: Full-time

    Schedule:

    • The schedule for this position is project driven and can be highly variable depending on project deadlines and the specific needs of the software development teams.
    • Monday to Friday
    • Weekends as needed
  • Pay: From $131,000 per year excluding bonus and benefits.

  • Work Location: In person