1

Cyber Security Penetration Testing Jobs (NOW HIRING)

Bachelor's degree in Cybersecurity, Computer Science, Information Assurance, Engineering, or ... Minimum of 8 years of experience in penetration testing or related cybersecurity roles. * At least ...

Bachelor's degree in Cybersecurity, Computer Science, Information Assurance, Engineering, or ... Minimum of 8 years of experience in penetration testing or related cybersecurity roles. * At least ...

This role requires a highly technical leader with demonstrated experience in offensive and defensive cybersecurity operations and penetration testing methodologies. Essential Functions ...

next page

Showing results 1-20

Cyber Security Penetration Testing information

See salary details

$40.5K

$122.9K

$180K

How much do cyber security penetration testing jobs pay per year?

As of Jul 6, 2026, the average yearly pay for cyber security penetration testing in the United States is $122,890.00, according to ZipRecruiter salary data. Most workers in this role earn between $102,000.00 and $142,000.00 per year, depending on experience, location, and employer.

Can you make $500,000 a year in cyber security?

Cyber security penetration testers can potentially earn $500,000 annually with extensive experience, advanced certifications, and specialized skills in high-demand areas or senior roles. Such salaries are typically achieved in senior positions, consulting, or leadership roles within large organizations or through independent contracting. Entry-level or mid-tier roles usually offer lower compensation, often below this threshold.

How much do cyber security penetration testers make?

Cyber security penetration testers typically earn between $70,000 and $130,000 annually, depending on experience, certifications, and location. Senior testers with advanced skills and certifications like OSCP or CISSP can earn higher salaries, especially in high-demand markets.

What are the key skills and qualifications needed to thrive as a Cyber Security Penetration Tester, and why are they important?

To thrive as a Cyber Security Penetration Tester, you need a strong understanding of network protocols, operating systems, application vulnerabilities, and security frameworks, often supported by a degree in computer science or related field. Familiarity with tools like Metasploit, Burp Suite, and Nmap, as well as certifications such as OSCP or CEH, is typically expected. Analytical thinking, attention to detail, and effective communication set top performers apart in this role. These skills and qualifications are crucial to accurately identify security weaknesses and convey actionable insights that protect organizational assets.

What is the difference between Cyber Security Penetration Testing vs Cyber Security Analyst?

AspectCyber Security Penetration TestingCyber Security Analyst
Primary FocusSimulating attacks to identify vulnerabilitiesMonitoring, analyzing, and defending against threats
CertificationsOSCP, CEH, GPENCISSP, Security+, CEH
Work EnvironmentEngaged in offensive security tasks, often in labs or client sitesSecurity operations centers, corporate environments
ResponsibilitiesConducting penetration tests, reporting vulnerabilitiesMonitoring security alerts, incident response

While both roles require cybersecurity certifications and involve understanding security threats, penetration testers focus on proactively finding vulnerabilities through simulated attacks. Analysts primarily monitor and respond to security incidents to protect organizational assets.

Will pentesters be replaced by AI?

Cyber security penetration testers perform manual testing to identify vulnerabilities that AI tools alone cannot fully replicate. While AI can assist in automating certain tasks and analyzing large data sets, human expertise is essential for creative thinking, contextual understanding, and adapting to new threats. Therefore, pentesters will continue to play a vital role alongside AI advancements in cybersecurity.

What is cyber security penetration testing?

Cyber security penetration testing, also known as pen testing, is a simulated cyberattack on a computer system, network, or web application to identify and exploit security vulnerabilities before malicious hackers can do so. The goal is to evaluate the security of the system by safely attempting to exploit weaknesses, such as flaws in software, hardware, or human processes. Penetration testers use a variety of tools and techniques to mimic real-world attacks and provide organizations with insights and recommendations to improve their security posture.

What are some common challenges faced by cyber security penetration testers when working on client engagements?

Penetration testers often encounter challenges such as limited information (black-box testing), strict time constraints, and navigating complex, ever-changing IT environments. They must balance thoroughness with efficiency, ensuring they identify critical vulnerabilities without disrupting business operations. Effective communication with clients and internal teams is essential, as testers need to clearly explain findings and remediation steps to both technical and non-technical stakeholders. Staying updated on the latest threats and attack techniques is also crucial for success in this dynamic field.

Is penetration testing a good career?

Penetration testing is a valuable cybersecurity role that involves identifying vulnerabilities in systems and networks. It offers high demand, competitive salaries, and opportunities for certification such as OSCP or CEH, making it a strong career choice for those interested in cybersecurity and ethical hacking.
More about Cyber Security Penetration Testing jobs
What cities are hiring for Cyber Security Penetration Testing jobs? Cities with the most Cyber Security Penetration Testing job openings:
What states have the most Cyber Security Penetration Testing jobs? States with the most job openings for Cyber Security Penetration Testing jobs include:
Infographic showing various Cyber Security Penetration Testing job openings in the United States as of July 2026, with employment types broken down into 67% Full Time, and 33% Part Time. Highlights an 100% In-person job distribution, with an average salary of $122,890 per year, or $59.1 per hour.
Cyber Security Penetration Testing Specialist

Cyber Security Penetration Testing Specialist

ProSidian Consulting

Washington, DC • On-site

Other

Posted 9 hours ago


Job description

Cyber Security Penetration Testing Specialist

ProSidian is seeking a Cyber Security Penetration Testing Specialist in CONUS - Mid Atlantic Washington Metropolitan Area (Northern Virginia | Washington DC | Maryland) to support an engagement for a cabinet-level department of the US Govt. concerned with the US' policies regarding energy and safety in handling nuclear material. The Agency's Office of Enterprise Assessment (EA) provides leadership and Senior Managers with an independent assessment of the effectiveness of the Agency's policies and site performance in the areas of safeguards and security, cyber security, emergency management, environment, safety, health, and other critical functions as directed by the Secretary.

The ProSidian Engagement Team Members work to provide technical and administrative support a "check and balance" function by objectively: 1) observing and reporting on the performance of Federal and contractor organizations' implementation of security and safety policies and programs, 2) applying enforcement actions to contractor organizations for poor performance in adhering to legally enforceable security and safety requirements, and 3) developing and delivering security and safety training programs that reflect best practices and lessons learned from EA independent assessments to enhance workforce performance. This includes technical expertise to perform the effort for a full scope of oversight program and support activities for the enforcement and training programs in the areas of safeguards and security; cyber security; emergency management; and environment, safety, and health; as well as general and cross-cutting support.

This is a Engagement Team addition to the project. Cyber Security Penetration Testing Specialist Candidates shall work to support requirements for CLIN 1000: Management And Technical Crosscutting Activities (Time And Materials (T&M)) [For Activities Related To General And Cross-Cutting Support]

Qualifications

The Cyber Security Penetration Testing Specialist shall have consecutive employment in a position with comparable responsibilities within the past five (5) years. Must be able to use a computer to communicate via email; and proficient in Microsoft Office Products (Word/Excel/Power point) and related tools and technology required for the position. Work products shall be thorough, accurate, appropriately documented, and comply with established criteria. The candidate shall ensure that duties are performed in a competent and professional manner that meets milestones/delivery schedules as outlined.

Education: For a position where a Bachelor's degree is required, a Master's degree can substitute for five years of relevant commercial or government experience. A degree must be from an accredited college or university. Applicant must possess at least a Bachelor's degree from an accredited university or college, in such fields as an engineering discipline, business administration, security management, computer science, or information management.

Experience: Applicant must have at least 5 years of direct experience in network security and penetration testing and national-level recognition in the area of penetration testing. Applicant must demonstrate detailed knowledge in cyber security testing, including network monitoring, scanning techniques, firewalls, malware functions, security patches, and hacker techniques.

Applicant must have demonstrated ability to detect and design security controls to prevent exploitable vulnerabilities (including human factor vulnerabilities). Applicant must have familiarity with a broad range of tools and techniques for network scanning, automated penetration testing, data encryption, and malware detection. Applicant must have a good understanding of Agency mission objectives and an ability to help line management identify solutions to complex problems. Applicant must have a demonstrated ability to work in a team environment and develop reports and presentations (verbal and written) that are understandable to a management audience. The position requires an individual with excellent oral and written communications skills, and a proven ability to meet deadlines and perform under pressure in an uncertain environment.

Work products shall be thorough, accurate, appropriately documented, and comply with established criteria. The candidate shall ensure that duties are performed in a competent and professional manner that meets milestones/delivery schedules as outlined.

Travel: Travel as coordinated with the technical point of contact and approved in writing by the Contracting Officer in advance, is allowed, in accordance with Federal Travel Regulations.

Location: Work shall be conducted at the CONUS - Mid Atlantic Washington Metropolitan Area (Northern Virginia | Washington DC | Maryland)

  • U.S. Citizenship Required
  • Excellent oral and written communication skills
  • Proficient with Microsoft Office Products (Microsoft Word, Excel, PowerPoint, Publisher, & Adobe)
  • All ProSidian staff must be determined eligible for a "Facility Access Authorization" (also referred to as an "Employment Authorization") by the USG's designated Security Office.

ProSidian Consulting logo

About ProSidian Consulting

Sourced by ZipRecruiter

ProSidian is a management and operations consulting firm with a reputation for its strong national practice spanning six solution areas including Risk Management, Energy & Sustainability, Compliance, Business Process, IT Effectiveness, and Talent Management. We help clients improve their operations. Linking strategy to execution, ProSidian assists client leaders in maximizing company return on investment capital through design and execution of operations core to delivering value to customers. Visit www.ProSidian.com or follow the company on Twitter at www.twitter.com/ProSidianfor more information.

Industry

Business schools and computer and management training

Company size

11 - 50 Employees

Headquarters location

Charlotte, NC, US

Year founded

2004

Social media