Vulnerability Assessor Jobs

Latest Vulnerability Assessor Jobs Listings

Find More Vulnerability Assessor Jobs
Position Company Location Posted
Cyber Security Risk Assessor
Federal Reserve Bank of ChicagoNew York, New York, United States13/01/2023
Third Party Cyber Security Risk Assessor
BMO Harris BankChicago, Illinois, United States27/01/2023
Security Classification Assessor Test Engineer I (Government)
AT&TChantilly, Virginia, United States22/11/2022
Senior Analyst, Security Controls Assessor
Wells FargoCharlotte, North Carolina, United States23/12/2022
Security Control Assessor (Government)
AT&TChantilly, Virginia, United States22/11/2022
Security Control Assessor III (Government)
AT&TChantilly, Virginia, United States22/11/2022
Concurrent Technologies CorporationPanama City, Florida19/01/2023
Security Control Assessor IV (Government)
AT&TChantilly, Virginia, United States22/11/2022
Security Classification Assessor Test Engineer IV (Government)
AT&TChantilly, Virginia, United States22/11/2022
Security Classification Assessor Test Engineer III (Government)
AT&TChantilly, Virginia, United States22/11/2022
Find More Jobs

What is a Vulnerability Assessor?

A Vulnerability Assessor is sometimes known as a Vulnerability Assessment Analyst and not to be confused with a Penetration Tester. They are usually responsible for scanning through applications and systems to identify IT security vulnerabilities in a clients IT networks, systems and websites.
They are basically looking for flaws and will ultimately produce a document known as a ‘Vulnerability Assessment’ which the organisation can use to improve its overall IT and Data Security.

They will use a suite of vulnerability testing tools and techniques in order to identify exploits that cyber attackers could use against the organisation.

They will need to formally record any weaknesses or vulnerabilities that they find in the report that they produce for their client.

What are the typical job duties for a Vulnerability Assessor?
The job may involve developing automated vulnerability testing scripts, and using off the shelf vulnerability testing tools, to log security flaws in web based applications, IT networks and computer systems.

The role encompasses the collation of identified issues to be incorporated in a vulnerability assessment report that the client can use to improve their IT security.

The Vulnerability Assessors report will comprehensively show where these identified weaknesses are with suggestions on how to mitigate against them.

More specific Vulnerability Assessor responsibilities may include:
1) The identification of security flaws in systems, applications and web-based assets that cyber criminals could exploit.

2) Planning and performing relevant vulnerability tests on computer systems, networks or web-based applications across an organisations servers.

3) Designing and implementing new vulnerability testing tools and techniques that can be deployed during vulnerability testing on behalf of the client organisation.

4) Conducting a physical security assessment of an organisations systems, including servers and networks, ensuring that any unauthorised external physical interference is not actually possible.

5) Identifying the methods that cyber attackers may use to gain access to the clients systems, discovering existing exploits and weaknesses within the organisations security defenses.

6) Discovering inadequate or inappropriate security practices such as poor password policies and other human errors by a process of discovery. Recommending new processes and procedures to mitigate against future human error and the potential attacks associated with such failures.

7) Utilize a combination of automated and manual testing methods to validate the vulnerability testing methods, thereby reducing false positives.

8) Compilation and tracking of identified vulnerabilities, over time, for the efficient recording of IT security metrics that the organisation can then use to plot future progress against.

9) Report on all of the findings together into a formal Vulnerability Assessment document, highlighting all issues that have been uncovered together with recommended resolution actions to be taken by the organisation.

10) Presentation and explanation of the reports contents where necessary to all interested parties, such as senior IT management and directors.

11) Recommending a process of vulnerability testing that the organisation can implement on a regular basis in order to maintain a secure live environment in future as new threats and exploits emerge.

12) The Vulnerability Assessor could be engaged to verify that the organisations implementation of any assigned VULNERABILITY ASSESSMENT actions have succeeded in improving overall IT security.

13) Going forwards, the collected metrics can be analysed, and compared against pre-assessment metrics, to confirm the effectiveness of any of the vulnerability assessments recommended actions.

What hours will I work?

The job of Vulnerability Assessor is often a daytime role, working an average 40 hours per week. Short-term IT Vulnerability Assessor Contractors and Consultants may be paid a day rate where any additional work is chargeable.

What skills do I need?

  • An up to date knowledge of IT Security related hardware, software and vendor solutions
  • Up to date knowledge of the tools and techniques that cyber criminals and hackers are likely to employ
  • Understanding of relevant scripting and source code programming languages, such as C#, C++, .NET, Java, Perl, PHP, Python or Ruby On Rails etc. that you will be using
  • Practical experience using computer operating systems such as MS Windows, UNIX/Linux
  • An analytical mind with the ability to respond quickly to findings
  • A methodical approach to recording any findings
  • You will need to be organised, efficient and able to work unsupervised under your own initiative
  • Good written and verbal communication skills

What qualifications do I need?

  • Employees may desire a Bachelors degree in a related field such as Computer Science, IT or a Cyber-Security related field, but this is not a necessity
  • Experience in a similar role will be beneficial!

Vulnerability Assessor Salary

What can you expect to earn as a Vulnerability Assessor? The position of an IT Vulnerability Assessor is an intermediate level role. Salaries will of course vary depending on your experience, qualifications, the organisation and sector plus whether you are employed on a full-time, short-term Contractor or Consultant basis.

According to SimplyHired Average salary expectations for the role of Vulnerability Assessor are $56,000 or £43,076 at a conversion rate of 1.3 for USD/GBP.