2

Entry Level Offensive Security Engineer Jobs (NOW HIRING)

As a Security Engineer, you'll take on a dynamic, high-impact role focused on securing the cloud ... Hands-on experience in offensive security (eg, through bug bounty programs or CTFs) The salary ...

Junior DevOps Engineer

Madison, WI · On-site

$53.25 - $72.75/hr

Sprocket Security prioritizes offensive security for enterprises, empowering them to build robust ... s Engineer at Sprocket Security, your primary role is to help design, implement and maintain ...

Junior DevOps Engineer

Madison, WI

$53.25 - $72.75/hr

Sprocket Security prioritizes offensive security for enterprises, empowering them to build robust ... s Engineer at Sprocket Security, your primary role is to help design, implement and maintain ...

As a Security Labs Engineer, you will own projects that explore and enhance the security posture of ... Preferred : • Prior experience in offensive security, red teaming, or security research, having ...

As a Security Labs Engineer, you will own projects that focus on enhancing security through ... Preferred : • Prior experience in offensive security, red teaming, or security research, having ...

next page

Showing results 1-20

Entry Level Offensive Security Engineer information

See salary details

$61.5K

$152.8K

$205.5K

How much do entry level offensive security engineer jobs pay per year?

As of Jul 10, 2026, the average yearly pay for entry level offensive security engineer in the United States is $152,773.00, according to ZipRecruiter salary data. Most workers in this role earn between $143,000.00 and $158,500.00 per year, depending on experience, location, and employer.

What is the difference between Entry Level Offensive Security Engineer vs Penetration Tester?

AspectEntry Level Offensive Security EngineerPenetration Tester
CertificationsCompTIA Security+, CEH (Certified Ethical Hacker)CEH, OSCP (Offensive Security Certified Professional)
Work EnvironmentSecurity teams, cybersecurity firms, internal security departmentsConsulting firms, security companies, freelance engagements
Job FocusIdentify vulnerabilities, develop attack simulations, improve security posturePerform targeted security assessments, exploit vulnerabilities, report findings

Both roles involve assessing security weaknesses, often requiring similar certifications like CEH. An Entry Level Offensive Security Engineer typically works within organizations to strengthen defenses, while a Penetration Tester often conducts external assessments for clients. The main difference lies in their scope: engineers focus on proactive security development, whereas testers focus on identifying vulnerabilities through simulated attacks.

What are the key skills and qualifications needed to thrive as an Entry Level Offensive Security Engineer, and why are they important?

To thrive as an Entry Level Offensive Security Engineer, you need a solid understanding of network protocols, cybersecurity fundamentals, and common vulnerabilities, often supported by a bachelor's degree in computer science or a related field. Familiarity with penetration testing tools like Metasploit, Burp Suite, and knowledge of operating systems such as Linux is essential, and entry-level certifications like CompTIA Security+ or CEH are commonly valued. Strong analytical thinking, attention to detail, and effective communication skills help you identify security issues and clearly report findings. These competencies are crucial for assessing organizational security, executing ethical hacking tasks, and helping teams proactively defend against cyber threats.

What types of projects or tasks can an Entry Level Offensive Security Engineer expect to work on during their first year?

As an Entry Level Offensive Security Engineer, you will typically assist with vulnerability assessments, penetration testing, and security audits under the guidance of more experienced team members. Your daily tasks might include running automated scans, analyzing results, writing reports, and helping to develop and validate security tools. Collaboration with IT, development, and incident response teams is also common, as you work together to identify and remediate vulnerabilities. These experiences provide a strong foundation for professional growth and may lead to more advanced responsibilities over time.

What is an Entry Level Offensive Security Engineer?

An Entry Level Offensive Security Engineer is a cybersecurity professional who specializes in testing and assessing the security of computer systems, networks, and applications by simulating real-world attacks. Their primary responsibility is to identify vulnerabilities and weaknesses that malicious hackers could exploit. They use tools and techniques such as penetration testing, vulnerability scanning, and social engineering to find and report security issues. These engineers typically work under the guidance of more experienced team members and help organizations strengthen their security posture.
More about Entry Level Offensive Security Engineer jobs
What cities are hiring for Entry Level Offensive Security Engineer jobs? Cities with the most Entry Level Offensive Security Engineer job openings:
What are the most commonly searched types of Offensive Security Engineer jobs? The most popular types of Offensive Security Engineer jobs are:
What states have the most Entry Level Offensive Security Engineer jobs? States with the most job openings for Entry Level Offensive Security Engineer jobs include:
Infographic showing various Entry Level Offensive Security Engineer job openings in the United States as of July 2026, with employment types broken down into 67% Full Time, 11% Part Time, and 22% Contract. Highlights an 100% In-person job distribution, with an average salary of $152,773 per year, or $73.4 per hour.
Security Assurance Penetration Tester

Security Assurance Penetration Tester

Elsevier

Philadelphia, PA • On-site, Remote

$85K - $143K/yr

Full-time

Posted 13 hours ago

Posted today


Job description

Are you a collaborative Penetration Tester looking to work for a mission driven global organization?

About the role - This role supports the offensive security function within Elsevier's Security Engineering team. You will perform hands-on security testing and peer review activities, validate vulnerabilities and security controls, and support the automation of security assurance processes. This is a hands-on role for a motivated security professional eager to grow in a collaborative, fast-paced environment.

About the team - The Security Assurance team supports the third-party penetration testing program, security control validation, and ongoing offensive security testing activities.

Responsibilities

  • Tracking and triaging findings from third-party assessments, ensuring timely follow-up and remediation tracking.
  • Collaborating with development, platform, and product teams to communicate findings, track remediation efforts, and improve overall security posture.
  • Facilitating post-assessment reviews and lessons learned sessions with development teams to identify recurring security issues and promote secure development practices.
  • Maintaining program documentation, test records, and reporting artifacts.
  • Conducting penetration testing of web applications, APIs, cloud environments, and internal systems, escalating complex testing scenarios as needed.
  • Performing peer review of penetration testing deliverables, including test plans, findings, and final reports.
  • Participating in scoping exercises and contributing to the selection of appropriate testing methodologies.
  • Supporting security assessments of GenAI-powered applications and features, including LLM integrations, RAG pipelines, and AI agents.
  • Assisting in testing for AI-specific vulnerabilities such as prompt injection, jailbreaking, insecure output handling, model data leakage, and training data poisoning.
  • Contributing to the development of internal GenAI security testing checklists and methodologies, aligned with frameworks such as OWASP Top 10 for LLMs.

Requirements

  • Experience in information security, penetration testing, or a related field. Experience or coursework in software development, DevOps, or scripting is highly desirable.
  • At least one relevant security certification (e.g., Security+, eJPT, PNPT, CEH, or equivalent) preferred; advanced offensive security certifications such as OSCP are a plus.
  • Foundational understanding of web application architecture, networking, and operating system security.
  • Familiarity with common penetration testing tools (e.g., Burp Suite, Nmap, Metasploit, Nuclei, or equivalent).
  • Working knowledge of OWASP Top 10, common CVEs, and vulnerability scoring frameworks (CVSS).
  • Scripting ability in at least one language (Python, Bash, PowerShell, or similar); development experience is a strong plus.
  • Basic understanding of cloud environments (AWS, Azure, or GCP) and associated security considerations.
  • Exposure to SAST/DAST tools and secure code review practices is desirable.
  • Awareness of GenAI security risks (prompt injection, LLM abuse, insecure AI integrations)

Elsevier is a renowned global information analytics company that primarily focuses on providing scientific, technical, and medical (STM) research content, tools, and services. It is one of the largest publishers of academic journals and scholarly literature in the world.

Elsevier operates in various domains, including science, technology, medicine, social sciences, and more. They publish a vast number of peer-reviewed journals covering a wide range of disciplines. These journals act as platforms for researchers and academics to share their findings and contribute to the advancement of knowledge in their respective fields.

In addition to publishing, Elsevier offers a suite of digital solutions and services to support researchers, scientists, and professionals in their work. They provide online platforms like ScienceDirect, Scopus, and Mendeley, which offer access to a vast repository of scholarly articles, research papers, and other scientific content. These platforms often serve as essential resources for software developers seeking to stay updated with the latest scientific advancements.

U.S. National Base Pay Range: $71,600 - $119,400. Geographic differentials may apply in some locations to better reflect local market rates. If performed in Colorado, the base pay range is $71,600 - $119,400.If performed in New York, the base pay range is $78,700 - $131,400.If performed in New York City, the base pay range is $85,900 - $143,300.If performed in Rochester, NY, the base pay range is $71,600 - $119,400.If performed in New Jersey, the base pay range is $84,546 - $135,054. This job is eligible for an annual incentive bonus. Application deadline is 09/10/2026.

We know your well-being and happiness are key to a long and successful career. We are delighted to offer country specific benefits. Click here to access benefits specific to your location.

We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Formor please contact 1-855-833-5120.

Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here.

Please read our Candidate Privacy Policy.

We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.

USA Job Seekers:

EEO Know Your Rights.