2

Entry Level Cybersecurity Penetration Tester Jobs

Schellman has become one of the largest cybersecurity assessment firms in the United States without ... Schellman created our Penetration Tester role with the goal of giving talented technical IT ...

Schellman has become one of the largest cybersecurity assessment firms in the United States without ... Schellman created our Penetration Tester role with the goal of giving talented technical IT ...

This role requires a deep understanding of offensive cybersecurity techniques, strong analytical ... Conduct penetration testing activities aligned withCBPand industry best practices.

... cyber security, management, operational, logistical and administrative support to aid and advise ... Support the Penetration Testing (Red Cell) Team. * Assess the current state of the customer ...

Schellman has become one of the largest cybersecurity assessment firms in the United States without ... Click the video below to learn more about our Penetration Tester roles!

next page

Showing results 1-20

Entry Level Cybersecurity Penetration Tester information

See salary details

$22.5K

$119.9K

$168.5K

How much do entry level cybersecurity penetration tester jobs pay per year?

As of Jul 19, 2026, the average yearly pay for entry level cybersecurity penetration tester in the United States is $119,895.00, according to ZipRecruiter salary data. Most workers in this role earn between $96,000.00 and $141,000.00 per year, depending on experience, location, and employer.

What is the difference between Entry Level Cybersecurity Penetration Tester vs Cybersecurity Analyst?

AspectEntry Level Cybersecurity Penetration TesterCybersecurity Analyst
CertificationsCompTIA Security+, CEH (Certified Ethical Hacker)CompTIA Security+, CISSP (entry-level)
Work EnvironmentSimulated attacks, testing security systemsMonitoring, analyzing security events
Primary FocusIdentifying vulnerabilities through penetration testingDetecting and responding to security threats
Industry UsageSecurity testing firms, IT departmentsAll industries, corporate security teams

While both roles require foundational cybersecurity knowledge and certifications, the Entry Level Cybersecurity Penetration Tester focuses on proactively testing systems for vulnerabilities, whereas the Cybersecurity Analyst monitors and responds to security incidents. Both are essential for a comprehensive security strategy but serve different functions within an organization.

What does an Entry Level Cybersecurity Penetration Tester do?

An Entry Level Cybersecurity Penetration Tester is responsible for identifying and assessing security vulnerabilities in computer systems, networks, and applications. They use various tools and techniques to simulate cyberattacks, helping organizations find and fix weaknesses before malicious hackers can exploit them. Typically, they work under the supervision of senior testers, document their findings, and may help create reports or recommend security improvements. This role is a starting point for a career in ethical hacking and cybersecurity consulting.

What are the key skills and qualifications needed to thrive as an Entry Level Cybersecurity Penetration Tester, and why are they important?

To thrive as an Entry Level Cybersecurity Penetration Tester, you need a solid understanding of networking, operating systems, and basic security principles, often supported by a degree in computer science or a related field. Familiarity with tools like Metasploit, Nmap, Burp Suite, and certifications such as CompTIA Security+ or CEH are commonly expected. Strong analytical thinking, attention to detail, and effective communication set standout candidates apart in this role. These skills are crucial for identifying vulnerabilities, explaining findings to stakeholders, and helping organizations strengthen their security posture.

What does a typical week look like for an entry level cybersecurity penetration tester in terms of tasks and team collaboration?

As an entry level cybersecurity penetration tester, your week typically involves planning and executing controlled attacks on systems to identify vulnerabilities, documenting your findings, and participating in debrief meetings with clients or internal teams. You'll often work closely with more experienced testers, security analysts, and IT staff to coordinate testing efforts and understand the systems under review. Regular collaboration is key, especially when interpreting results and developing mitigation strategies. You can also expect to spend time learning new tools and techniques, as staying updated is essential in this rapidly changing field.
More about Entry Level Cybersecurity Penetration Tester jobs
What cities are hiring for Entry Level Cybersecurity Penetration Tester jobs? Cities with the most Entry Level Cybersecurity Penetration Tester job openings:
What are the most commonly searched types of Cybersecurity Penetration Tester jobs? The most popular types of Cybersecurity Penetration Tester jobs are:
What states have the most Entry Level Cybersecurity Penetration Tester jobs? States with the most job openings for Entry Level Cybersecurity Penetration Tester jobs include:
Infographic showing various Entry Level Cybersecurity Penetration Tester job openings in the United States as of July 2026, with employment types broken down into 6% Locum Tenens, 87% Full Time, 5% Part Time, and 2% Contract. Highlights an 79% Physical, 5% Hybrid, and 16% Remote job distribution, with an average salary of $119,895 per year, or $57.6 per hour.
Senior Penetration Tester

Full-time

Re-posted 12 days ago


Job description

Schellman is a Top 50 CPA firm and a leading provider of attestation and compliance services. Our professional services focus on security and privacy audits, assessments, and certifications. Schellman has become one of the largest cybersecurity assessment firms in the United States without providing any traditional accounting services. We are an accredited multi-framework ISO Certification Body for security, privacy, business continuity, and quality; a globally licensed PCI Qualified Security Assessor and a top provider to clients serving the federal DoD space as a leading FedRAMP 3PAO and the first assessment firm authorized as a CMMC C3PAO. Our specialty and expertise remain in providing best in class Cybersecurity and IT Audits and Attestations. Our culture, approach with clients, and dedication to our values has led us to consistently be a Great Places to Work certified company and rated as a Best Firms to Work For by Accounting Today and a Glassdoor Best Places to Work. We deeply appreciate our employees, as shown by our first core value - People Come First. This is demonstrated in our culture, benefits, and how we handle business. Come see what makes Schellman special!
JOB SUMMARY
Senior associates are primarily responsible for hands-on project execution. Experienced senior associates have, or are working towards, specialization in one or more service lines and are assigned to projects accordingly. Senior associates are assigned to a specific service delivery principal that is responsible for supervising the associate's career development. Additionally, senior associate's daily activities are closely supervised by the management teams of their assigned projects. Senior associates may supervise associates and/or senior associates when serving as a member of a project management team.
Schellman created our Penetration Tester role with the goal of giving talented technical IT professionals, who have at least 2 years of security experience and hands-on security certifications (e.g. OSCP), a structured plan to elevate their expertise. This is a rare opportunity to transition to a focused penetration testing position to build on your offensive skillset while working on engagements with our team, whose unrivaled knowledge and experience will provide guidance and mentorship throughout. What do we ask from you? Unwavering commitment to learn as much as possible to be a contributing member of the team, and to always be up for a new challenge.
There is no typical day for our Pen Test team. Our clients rely on us to find and exploit a myriad of vulnerabilities across their on premise and cloud-based networks and applications. The benefit of being exposed to so many different situations is that you are constantly building your knowledge base and skillset while keeping up with the latest technologies. Our team is remote yet extremely collaborative and works together to utilize their different backgrounds and experience to solve these problems.
Want to learn more about what it takes to solve penetration testing problems at scale with Schellman?
Check out this blog: 6 Problems Penetration Testers Face (& How Schellman Is Solving Them)
Essential Functions:
  • Complying with Schellman's code of ethics and professional conduct, methodologies, policies, and procedures
  • Adhering to the professional and regulatory standards relevant to assigned service line specialization(s)
  • Promoting Schellman's company culture and exemplifying Schellman's values
  • Establishing high quality relationships and rapport with client personnel
  • Managing client expectations to ensure expectations are exceeded
  • Completing assigned duties in a timely manner and with a high attention to detail
  • Collaborating with fellow project team members in a productive and timely manner throughout the life cycle of each project
  • Adhering to project schedules and keeping fellow project team members apprised of the progress of assigned tasks
  • Escalating issues internally in a proper and timely manner
  • Using discretion and decorum in the timing, form, and content of all client communications
  • Booking travel reservations in a timely manner and in accordance with Schellman's travel and expense policies and procedures
  • Performing the essential functions of other service delivery positions when qualified and called upon to do so
  • Attending project kick-off and closing meetings
  • Executing assigned testing procedures, performing detailed analysis, reaching conclusions, documenting results in accordance with company standards, and suggesting ideas for improvements, where applicable
  • Drafting project deliverables
  • Serving as a contact for clients' basic questions regarding an engagement
  • Participating in recruiting and candidate interview activities
  • Training project team members
  • Acclimating newer team members to Schellman
  • Contributing to Schellman's practice development efforts
  • Developing an expert knowledge of professional and regulatory standards relevant to assigned service line specialization(s)
  • Contributing to Schellman's thought leadership (e.g., articles, webinars, public speaking, etc.)

Knowledge, Skills, and Abilities:
  • Working knowledge of Schellman's services, methodology, and relevant professional standards
  • Requisite knowledge of applicable technology and security domains
  • High level of attention to detail and quality of work product
  • Client service oriented
  • Excellent time management, organizational, and verbal and written communication skills
  • Ability to work on-site or remotely as a valuable contributor to a collaborative team
  • Capable of simultaneously managing assigned tasks for multiple projects
  • Proficient using Microsoft Word, Excel, and PowerPoint, as well as Schellman's service delivery applications
  • Full understanding and application of ethics, independence and Schellman's values

Education, Work Experience and Certifications
  • Bachelor's degree in technology, computer science or other relevant subject area, or equivalent years of experience directly related to the duties and responsibilities specified
  • 3+ years' experience in hands on penetration testing
  • 1+ year experience in web application penetration testing
  • Ability to work well independently, within a team and with clients
  • Completion of one or more of the following certifications:
  • Offensive Security Certified Professional (OSCP) (Required)
  • Certified Red Team Operator (CRTO) (Preferred)
  • Burp Suite Certified Practitioner (Preferred)
  • Demonstrated enthusiasm for Information Security (e.g. GitHub repo, blogs, presentations, conference talks, local security association member, participated in free skill-building / hacking challenges - SANS Holiday Hack, HackerOne CTF, HackTheBox, etc.)
  • Competency in common operating systems (e.g. Windows, macOS, Linux)
  • An understanding of cloud computing models, technologies, and concepts
  • Proficiency with at least two scripting languages (e.g. Python, Bash, JavaScript, PowerShell)

Our ideal candidate has:
  • Knowledge of PCI and FedRAMP programs
  • A passion for identifying and exploiting vulnerabilities
  • Demonstrated entrepreneurial abilities, client focus, industry savvy, and the ability to work independently or as part of a collaborative team
  • Self-driven in a remote working environment, motivation to continuously improve your skillset

Schellman is an equal opportunity employer (EOE) and strongly supports diversity in the workplace; therefore, providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. Schellman uses E-Verify in our hiring process.
At Schellman, we strive to provide a flexible and balanced environment and therefore offer the opportunity to work remotely, unless otherwise stated in the job requirements. Connecting, collaborating and continuous education are also highly valued and therefore we require some travel annually, which can include in-person training, team meet-ups, and strategy meetings. Service Delivery team members will also be required to travel based on business and client needs.