1

Commission Penetration Test Jobs (NOW HIRING)

Your primary responsibility will be to plan, execute, and report on penetration tests targeting ... Those in eligible roles may receive commission-based pay and/or discretionary incentive ...

Your primary responsibility will be to plan, execute, and report on penetration tests targeting ... Those in eligible roles may receive commission-based pay and/or discretionary incentive ...

Senior Penetration Tester

Tampa, FL · On-site

$152K - $260K/yr

Your primary responsibility will be to plan, execute, and report on penetration tests targeting ... Those in eligible roles may receive commission-based pay and/or discretionary incentive ...

Conduct external and internal network penetration tests * Perform security source code reviews ... CertiK also offers a variable commission program for business development sales roles. In ...

Conduct external and internal network penetration tests * Perform security source code reviews ... CertiK also offers a variable commission program for business development sales roles. In ...

Staff Security Engineer

Woonsocket, RI · On-site +1

$137K - $213K/yr

Conduct advanced penetration tests on web applications, mobile applications, network infrastructure ... This position is eligible for a CVS Health bonus, commission or short-term incentive program in ...

Senior Security Engineer

New York, NY · On-site

$130K - $163K/yr

Conduct penetration tests on web/mobile (Android & iOS) & client application, perform external ... CertiK also offers a variable commission program for business development sales roles. In ...

Senior Security Engineer

New York, NY · On-site

$130K - $163K/yr

Conduct penetration tests on web/mobile (Android & iOS) & client application, perform external ... CertiK also offers a variable commission program for business development sales roles. In ...

... IAST, DAST, and penetration tests. * Leverage AI and MCP to create intelligent, context-aware ... This position is not eligible for additional commission-based compensation. Salary offers are based ...

... IAST, DAST, and penetration tests. * Leverage AI and MCP to create intelligent, context-aware ... This position is not eligible for additional commission-based compensation. Salary offers are based ...

... IAST, DAST, and penetration tests. * Leverage AI and MCP to create intelligent, context-aware ... This position is not eligible for additional commission-based compensation. Salary offers are based ...

next page

Showing results 1-20

Commission Penetration Test information

See salary details

$11K

$109.6K

$183.5K

How much do commission penetration test jobs pay per year?

As of Jul 4, 2026, the average yearly pay for commission penetration test in the United States is $109,565.00, according to ZipRecruiter salary data. Most workers in this role earn between $80,000.00 and $143,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Commission Penetration Tester, and why are they important?

To thrive as a Commission Penetration Tester, you need advanced knowledge of network security, vulnerability assessment, and ethical hacking, typically supported by certifications like OSCP or CEH. Familiarity with tools such as Metasploit, Burp Suite, and Nmap, as well as understanding of various operating systems, is essential. Strong analytical thinking, attention to detail, and effective communication skills set exceptional testers apart. These abilities are crucial for identifying security flaws, providing clear recommendations, and helping organizations enhance their cybersecurity posture.

Is penetration testing a good career?

Penetration testing is a valuable cybersecurity role that involves identifying vulnerabilities in systems and networks. It requires technical skills, knowledge of security tools, and often certifications like OSCP or CEH. The field offers strong job growth, competitive salaries, and opportunities for continuous learning.

What are Commission Penetration Testers?

Commission Penetration Testers are cybersecurity professionals hired on a contract or commission basis to simulate cyberattacks on an organization's systems. Their goal is to identify vulnerabilities and weaknesses before malicious hackers can exploit them. They use a variety of tools and techniques to assess the security of networks, applications, and infrastructure, and then provide detailed reports with recommendations for improving security. These testers play a crucial role in helping organizations strengthen their defenses and comply with industry regulations.

What are some common challenges faced by professionals in a Commission Penetration Tester role, and how can they be managed?

Commission Penetration Testers often encounter challenges such as obtaining proper authorization, dealing with incomplete or outdated documentation, and working within tight timelines while ensuring thoroughness. Managing these challenges involves clear communication with clients to define scope, timely documentation, and staying updated on the latest security threats and tools. Collaboration with internal IT and security teams is essential to address issues discovered and to ensure that findings are actionable and well-understood.

Can you get a job with PenTest+?

The CompTIA PenTest+ certification can help qualify candidates for roles such as penetration tester or security analyst, as it demonstrates knowledge of vulnerability assessment and penetration testing tools. However, employers often require additional experience, technical skills, and sometimes other certifications like OSCP or CISSP. PenTest+ can be a valuable credential to enhance your resume and improve job prospects in cybersecurity testing roles.

What is the highest salary for penetration testing?

Senior penetration testers or ethical hackers can earn salaries exceeding $150,000 annually, especially with advanced certifications like OSCP or CISSP and extensive experience. Top cybersecurity professionals in high-demand markets or with specialized skills may earn over $200,000 per year.

How much are companies paying for penetration testing?

For a penetration tester, companies typically pay between $70,000 and $130,000 annually, depending on experience, certifications, and location. Contract or freelance penetration testing work can range from $1,000 to $10,000 per engagement, often based on the scope and complexity of the assessment.

What is the difference between Commission Penetration Test vs Penetration Tester?

AspectCommission Penetration TestPenetration Tester
CertificationsCEH, OSCP, CISSPCEH, OSCP, CISSP
Work EnvironmentTypically contracted for specific projects, often freelance or consultingEmployed by organizations or as consultants, performing security assessments
Industry UsageUsed by companies to evaluate security posture through commissioned testsPerformed by professionals to identify vulnerabilities across various sectors

Both Commission Penetration Tests and Penetration Testers require similar certifications and work in security assessment roles. The key difference is that a Commission Penetration Test refers to the specific contracted security assessment, while a Penetration Tester is the professional performing these tests. The test is a service, whereas the tester is the individual executing it.

More about Commission Penetration Test jobs
What cities are hiring for Commission Penetration Test jobs? Cities with the most Commission Penetration Test job openings:
What are the most commonly searched types of Penetration Test jobs? The most popular types of Penetration Test jobs are:
What states have the most Commission Penetration Test jobs? States with the most job openings for Commission Penetration Test jobs include:
What job categories do people searching Commission Penetration Test jobs look for? The top searched job categories for Commission Penetration Test jobs are:
Infographic showing various Commission Penetration Test job openings in the United States as of June 2026, with employment types broken down into 88% Full Time, 10% Part Time, and 2% Contract. Highlights an 83% Physical, 3% Hybrid, and 14% Remote job distribution, with an average salary of $109,565 per year, or $52.7 per hour.
Senior Penetration Tester

Senior Penetration Tester

JPMorgan Chase & Co

Tampa, FL • On-site

Full-time

Medical, Retirement

Posted 24 days ago


JPMorgan Chase & Co. rating

8.0

Company rating: 8.0 out of 10

Based on 486 frontline employees who took The Breakroom Quiz

54th of 144 rated banks


Job description

This position is also open in the following locations: New York, NY / Atlanta, FL / Plano, TX / Columbus, OH / McLean, VA / Wilmington, DE / Jersey City, NJ / Chicago, IL / Brooklyn, NY / Houston, TX

Drive the security of critical banking applications and platforms through hands-on offensive testing.

As an Assessments & Exercises Vice President in the Cybersecurity and Technology Controls organization, you will play a key role in safeguarding the firm's most vital assets. Your primary responsibility will be to plan, execute, and report on penetration tests targeting high-impact applications, platforms, and services. Leveraging industry-standard methodologies and advanced techniques, you will proactively identify vulnerabilities, collaborate with application owners to understand root causes, and guide effective remediation to strengthen the firm's security posture.

We are seeking candidates with a passion for offensive security, deep technical expertise in penetration testing, and a commitment to continuous learning and excellence.

Job responsibilities

  • Plan, scope, and execute penetration testing engagements across a variety of environments, including web applications, APIs, cloud platforms, infrastructure, thick-client, and/or mobile applications.
  • Collect and validate pre-requisites for each engagement, ensuring all necessary access, documentation, and approvals are in place.
  • Perform manual and automated testing to identify vulnerabilities, misconfigurations, and security weaknesses, leveraging industry-standard tools and custom scripts.
  • Document and communicate findings through comprehensive reports that include technical details, risk assessments, and actionable remediation recommendations.
  • Conduct peer reviews of penetration test reports to ensure accuracy, consistency, and quality of deliverables.
  • Collaborate with development, infrastructure, and security teams to clarify findings, support remediation efforts, and provide subject matter expertise on offensive security.
  • Stay current with emerging threats, vulnerabilities, and attack techniques by leveraging threat intelligence, security research, and participation in relevant industry groups.
  • Contribute to the continuous improvement of penetration testing methodologies, tools, and frameworks to enhance effectiveness and alignment with firm strategy and regulatory requirements.

Required qualifications, capabilities, and skills

  • 5+ years of hands-on penetration testing experience in offensive security, with a proven track record of scoping, executing, and reporting on complex engagements.
  • Expertise in manual penetration testing of web, API, cloud (AWS/Azure/GCP), infrastructure, thick-client, and/or mobile applications (android/iOS), including the use of industry-standard tools (e.g., Burp Suite, Nmap, Metasploit, etc.).
  • Strong understanding of security assessment methodologies such as OWASP Top Ten, NIST Cybersecurity Framework, and other relevant standards.
  • Ability to identify and articulate systemic security issues related to threats, vulnerabilities, and risks, and provide clear, actionable recommendations for remediation.
  • Exceptional organizational and communication skills, including the ability to write detailed technical reports and present findings to both technical and non-technical stakeholders.
  • Experience conducting peer reviews of penetration test reports and mentoring junior testers.
  • Continuous learner who keeps up with the latest offensive security trends, tools, and techniques.

Preferred qualifications, capabilities, and skills

  • Knowledge of cybersecurity practices, operational risk management, and incident response methodologies within the US financial services sector, including relevant regulations, threats, and risks.
  • Proficiency in penetration testing and security concepts for both Windows and Unix-like operating systems.
  • Experience conducting security-focused source code reviews (e.g., Python, Java, Rust).
  • Experience in reverse engineering thick-client and mobile applications to identify vulnerabilities.
  • Relevant certifications such as OSWE, CREST (CRT, CCT), OSCP, OSCE, GXPN, GWAPT, GPEN, GMOB, or BSCP. GXPN, GWAPT, GPEN, GMOB, or BSCP

#CTC

JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.

We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process. 

We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.

JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans

Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.

What JPMorgan Chase & Co. employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom