CISA Vulnerability Assessment Analyst

This role performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.

Personnel performing this work role may unofficially or alternatively be called:

  • Blue Team Technician
  • Red Team Technician
  • Computer Network Defense (CND) Auditor
  • Ethical Hacker
  • Information Security Engineer
  • Internal Enterprise Auditor
  • Penetration Tester
  • Network Security Engineer
  • Reverse Engineer
  • Risk/Vulnerability Analyst
  • Technical Surveillance Countermeasures Technician
  • Vulnerability Manager

Skill Community: Cybersecurity
Category: Protect and Defend
Specialty Area: Vulnerability Assessment and Management
Work Role Code: 541

Core Tasks

  • Analyze organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives. (T0010)
  • Maintain deployable cyber defense audit toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense audit missions. (T0138)
  • Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing. (T0142)
  • Prepare audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions. (T0188)
  • Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications). (T0549)

Core Competencies

  • Information Systems/Network Security
  • Infrastructure Design
  • Vulnerability Assessment

Core Knowledge, Skills, Abilities (KSAs)

  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). (K0179)
  • Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]). (K0061)
  • Knowledge of application vulnerabilities. (K0009)
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). (K0070)
  • Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities. (K0106)
  • Knowledge of penetration testing principles, tools, and techniques. (K0342)
  • Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems. (S0001)
  • Skill in the use of penetration testing tools and techniques. (S0051)
  • Skill in using network analysis tools to identify vulnerabilities (e.g., fuzzing, nmap, etc.). (S0081)
  • Skill in conducting application vulnerability assessments. (S0137)

Join the Mission

CISA is always searching for diverse, talented, and highly motivated professionals to continue its mission of securing the nation’s critical infrastructure. CISA is more than a great place to work; our workforce tackles the risks and threats that matter most to the nation, our families, and communities.

To join this mission, visit USAJOBs and/or the DHS Cybersecurity Service to view job announcements and to access the application. Be sure to tailor your resume to the specific job announcement, attach relevant documents, and complete all required assessments. 

When applying for CISA’s cyber positions, please review CISA’s cyber roles above and update your resume to align your experience with the listed competencies. Your resume must also show demonstrated cyber/IT related experience in:

  • Attention to Detail
  • Customer Service
  • Oral Communication
  • Problem Solving

To receive email notifications when new CISA positions are announced, set up a “saved search” on USAJOBs with keyword “Cybersecurity and Infrastructure Security Agency.”

Individuals eligible for special hiring authorities may also be considered during CISA’s one-stop hiring events or by emailing or

Was this webpage helpful?  Yes  |  Somewhat  |  No