Penetration Testing Lead
Warrenton, VA · On-site
Act as an ethical attacker (red team) to simulate cyber intrusions, or as defensive cybersecurity personnel (blue team) to strengthen system resilience. * Develop penetration testing Rules of ...
Penetration Testing Lead
Warrenton, VA · On-site
Act as an ethical attacker (red team) to simulate cyber intrusions, or as defensive cybersecurity personnel (blue team) to strengthen system resilience. * Develop penetration testing Rules of ...
Act as an ethical attacker (red team) to simulate cyber intrusions, or as defensive cybersecurity personnel (blue team) to strengthen system resilience. * Develop penetration testing Rules of ...
Act as an ethical attacker (red team) to simulate cyber intrusions, or as defensive cybersecurity personnel (blue team) to strengthen system resilience. * Develop penetration testing Rules of ...
Act as an ethical attacker (red team) to simulate cyber intrusions, or as defensive cybersecurity personnel (blue team) to strengthen system resilience. * Develop penetration testing Rules of ...
Act as an ethical attacker (red team) to simulate cyber intrusions, or as defensive cybersecurity personnel (blue team) to strengthen system resilience. * Develop penetration testing Rules of ...
CyberLinx Solutions, LLC is seeking a Penetration Tester / Ethical Hacker to simulate real-world ... Conduct penetration testing across web applications, networks, APIs, and cloud environments
CyberLinx Solutions, LLC is seeking a Penetration Tester / Ethical Hacker to simulate real-world ... Conduct penetration testing across web applications, networks, APIs, and cloud environments
CyberLinx Solutions, LLC is seeking a Penetration Tester / Ethical Hacker to proactively identify ... Perform manual and automated testing to identify exploitable vulnerabilities. * Simulate real-world ...
CyberLinx Solutions, LLC is seeking a Penetration Tester / Ethical Hacker to proactively identify ... Perform manual and automated testing to identify exploitable vulnerabilities. * Simulate real-world ...
Conduct penetration testing across web applications, networks, APIs, and cloud environments Perform vulnerability assessments and controlled exploitation Simulate adversary tactics aligned with real ...
Conduct penetration testing across web applications, networks, APIs, and cloud environments Perform vulnerability assessments and controlled exploitation Simulate adversary tactics aligned with real ...
CyberLinx Solutions, LLC is seeking a Penetration Tester / Ethical Hacker to proactively identify ... Perform manual and automated testing to identify exploitable vulnerabilities Simulate real-world ...
CyberLinx Solutions, LLC is seeking a Penetration Tester / Ethical Hacker to proactively identify ... Perform manual and automated testing to identify exploitable vulnerabilities Simulate real-world ...
Penetration Testing Lead
Leesburg, VA · On-site
... as an ethical attacker (red team) to simulate cyber intrusions, or as defensive cybersecurity personnel (blue team) to strengthen system resilience. • Develop penetration testing Rules of ...
Penetration Testing Lead
Leesburg, VA · On-site
... as an ethical attacker (red team) to simulate cyber intrusions, or as defensive cybersecurity personnel (blue team) to strengthen system resilience. • Develop penetration testing Rules of ...
Avint is hiring a Penetration Tester (Ethical Hacker / Red Team Operator) to support and protect ... In this role, you'll conduct offensive security testing, identify vulnerabilities, and provide ...
Avint is hiring a Penetration Tester (Ethical Hacker / Red Team Operator) to support and protect ... In this role, you'll conduct offensive security testing, identify vulnerabilities, and provide ...
Penetration Tester
Alexandria, VA · On-site
Responsibilities : • Supports execution of authorized penetration testing activities against ... ethical hacking standards, testing methodologies, and reporting procedures to ensure compliant and ...
Penetration Tester
Alexandria, VA · On-site
Responsibilities : • Supports execution of authorized penetration testing activities against ... ethical hacking standards, testing methodologies, and reporting procedures to ensure compliant and ...
Penetration Tester - Lead
Washington, DC · On-site
Lead enterprise penetration testing and vulnerability assessment activities supporting SBA ECS ... Certified Ethical Hacker (CEH) * Certified Information Systems Security Professional (CISSP)
Quick apply
Penetration Tester - Lead
Washington, DC · On-site
Lead enterprise penetration testing and vulnerability assessment activities supporting SBA ECS ... Certified Ethical Hacker (CEH) * Certified Information Systems Security Professional (CISSP)
Senior Penetration Tester
$90K - $150K/yr
Possess a certification in penetration testing, such as: * Licensed Penetration Tester (LPT) * Certified Expert Penetration Tester (CEPT) * Certified Ethical Hacker (CEH) * Global Information ...
Senior Penetration Tester
$90K - $150K/yr
Possess a certification in penetration testing, such as: * Licensed Penetration Tester (LPT) * Certified Expert Penetration Tester (CEPT) * Certified Ethical Hacker (CEH) * Global Information ...
Penetration Tester
$65 - $70/hr
Minimum of 6 years of Development/Security experience Experience in Penetration Testing/Ethical Hacking with a focus on Java application security. Strong knowledge of Java programming and its ...
Penetration Tester
$65 - $70/hr
Minimum of 6 years of Development/Security experience Experience in Penetration Testing/Ethical Hacking with a focus on Java application security. Strong knowledge of Java programming and its ...
Penetration Tester
Hoboken, NY · Remote
Key Responsibilities: * Perform penetration testing and vulnerability assessments on web ... Conduct security assessments using ethical hacking methodologies and industry best practices
New
Penetration Tester
Hoboken, NY · Remote
Key Responsibilities: * Perform penetration testing and vulnerability assessments on web ... Conduct security assessments using ethical hacking methodologies and industry best practices
New
Penetration Tester - Lead
Washington, DC · On-site
Lead enterprise penetration testing and vulnerability assessment activities supporting SBA ECS ... Certified Ethical Hacker (CEH) * Certified Information Systems Security Professional (CISSP)
Penetration Tester - Lead
Washington, DC · On-site
Lead enterprise penetration testing and vulnerability assessment activities supporting SBA ECS ... Certified Ethical Hacker (CEH) * Certified Information Systems Security Professional (CISSP)
Be Seen First
Penetration Tester
Knoxville, TN · On-site
Zelvin Security is seeking a Penetration Tester to perform Ethical Hacking engagements against modern applications, networks, and cloud environments. This role requires strong technical expertise and ...
Quick apply
Be Seen First
Penetration Tester
Knoxville, TN · On-site
Zelvin Security is seeking a Penetration Tester to perform Ethical Hacking engagements against modern applications, networks, and cloud environments. This role requires strong technical expertise and ...
Be Seen First
Penetration Tester
Knoxville, TN · On-site
Zelvin Security is seeking a Penetration Tester to perform Ethical Hacking engagements against modern applications, networks, and cloud environments. This role requires strong technical expertise and ...
Quick apply
Be Seen First
Penetration Tester
Knoxville, TN · On-site
Zelvin Security is seeking a Penetration Tester to perform Ethical Hacking engagements against modern applications, networks, and cloud environments. This role requires strong technical expertise and ...
Senior Penetration Tester
$90K - $150K/yr
Possess a certification in penetration testing, such as: * Licensed Penetration Tester (LPT) * Certified Expert Penetration Tester (CEPT) * Certified Ethical Hacker (CEH) * Global Information ...
Senior Penetration Tester
$90K - $150K/yr
Possess a certification in penetration testing, such as: * Licensed Penetration Tester (LPT) * Certified Expert Penetration Tester (CEPT) * Certified Ethical Hacker (CEH) * Global Information ...
Penetration Tester
Alexandria, VA · On-site
... ethical hacking standards, testing methodologies, and reporting procedures to ensure compliant and ... working toward penetration testing and offensive security certifications appropriate for DoD ...
Penetration Tester
Alexandria, VA · On-site
... ethical hacking standards, testing methodologies, and reporting procedures to ensure compliant and ... working toward penetration testing and offensive security certifications appropriate for DoD ...
Holds or is working toward penetration testing and offensive security certifications appropriate ... Follows established ethical hacking standards, testing methodologies, and reporting procedures to ...
Holds or is working toward penetration testing and offensive security certifications appropriate ... Follows established ethical hacking standards, testing methodologies, and reporting procedures to ...
Ethical Penetration Testing information
See salary details
$22.5K - $35.8K
0% of jobs
$35.8K - $49K
0% of jobs
$49K - $62.3K
2% of jobs
$62.3K - $75.6K
3% of jobs
$75.6K - $88.9K
1% of jobs
$101.1K is the 25th percentile. Wages below this are outliers.
$88.9K - $102.1K
20% of jobs
$102.1K - $115.4K
14% of jobs
The median wage is $120.4K / yr.
$115.4K - $128.7K
26% of jobs
$138.1K is the 75th percentile. Wages above this are outliers.
$128.7K - $142K
13% of jobs
$142K - $155.2K
13% of jobs
$155.2K - $168.5K
9% of jobs
$22.5K
$119.9K
$168.5K
How much do ethical penetration testing jobs pay per year?
As of May 29, 2026, the average yearly pay for ethical penetration testing in the United States is $119,895.00, according to ZipRecruiter salary data. Most workers in this role earn between $96,000.00 and $141,000.00 per year, depending on experience, location, and employer.
What are the key skills and qualifications needed to thrive as an Ethical Penetration Tester, and why are they important?
To thrive as an Ethical Penetration Tester, you need strong knowledge of network security, operating systems, and common vulnerabilities, typically backed by a degree in computer science or cybersecurity and relevant certifications like CEH or OSCP. Familiarity with tools such as Metasploit, Burp Suite, and Nmap is essential for simulating and assessing security threats. Critical thinking, problem-solving, and effective communication are key soft skills for identifying risks and clearly reporting findings to technical and non-technical stakeholders. These competencies ensure that security assessments are thorough, actionable, and help organizations strengthen their defenses against real-world cyber threats.
What are some common challenges faced by ethical penetration testers during client engagements?
Ethical penetration testers often encounter challenges such as limited timeframes to conduct thorough assessments, incomplete or ambiguous scope definitions from clients, and the need to balance effective testing with minimal disruption to live systems. Communication is key—testers must clearly report findings and collaborate with IT teams to remediate vulnerabilities. Additionally, staying current with emerging threats and tools is essential to deliver valuable insights and maintain industry standards.
What is ethical penetration testing?
Ethical penetration testing, also known as ethical hacking, is the practice of simulating cyberattacks on a computer system, network, or application with the permission of its owner. The goal is to identify security vulnerabilities before malicious hackers can exploit them. Ethical penetration testers use the same tools and techniques as cybercriminals but report findings so they can be fixed, helping organizations strengthen their security. This process is a critical part of a comprehensive cybersecurity program and helps ensure compliance with industry regulations.
What is the difference between Ethical Penetration Testing vs Vulnerability Analyst?
| Aspect | Ethical Penetration Testing | Vulnerability Analyst |
|---|---|---|
| Certifications | OSCP, CEH, GPEN | CompTIA Security+, CISSP, CEH |
| Work Environment | Simulated attacks on systems to identify security gaps | Analyzing vulnerabilities and assessing risk levels |
| Industry Usage | Security firms, IT departments, consulting | Security teams, risk management, compliance |
Ethical Penetration Testers actively simulate cyberattacks to find exploitable weaknesses, while Vulnerability Analysts focus on identifying and prioritizing security flaws through assessments. Both roles require similar certifications and often work within the same industry sectors, but their core activities differ: testing versus analysis.
More about Ethical Penetration Testing jobs
What cities are hiring for Ethical Penetration Testing jobs? Cities with the most Ethical Penetration Testing job openings:
What states have the most Ethical Penetration Testing jobs? States with the most job openings for Ethical Penetration Testing jobs include:
What job categories do people searching Ethical Penetration Testing jobs look for? The top searched job categories for Ethical Penetration Testing jobs are:
- Overnight Cybersecurity Penetration Tester
- Web Penetration Testing
- On Call Cybersecurity Penetration Tester
- Home Based Penetration Tester Red Team
- Internship Penetration Tester Ethical Hacker
- Overnight International Penetration Tester
- Penetration Tester Ethical Hacker
- Temporary Cybersecurity Penetration Tester
- Security Penetration Testing
- Senior International Penetration Tester
Full-time
Medical, Dental, Vision, Retirement, PTO
Posted 7 days ago
Job description
Koniag IT Systems, LLC, a Koniag Government Services company, is seeking a Penetration Testing Lead to support KITS and our government customer in Washington, DC. This position is for a Future New Business Opportunity.
The customer may need support as needed at other locations: Warrenton, VA, Atlantic City, NJ, Melbourne, FL, Oklahoma, OK and Leesburg, VA.
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
We are seeking an experienced Penetration Testing Lead to conduct advanced penetration testing activities, simulate cyberattacks, and evaluate the security posture of systems, networks, and applications. The Penetration Testing Lead will analyze vulnerabilities, identify gaps in IT security policies and configurations, and deliver actionable recommendations to reduce organizational cyber risk. This role requires a highly technical leader with demonstrated experience in offensive and defensive cybersecurity operations and penetration testing methodologies.
Essential Functions, Responsibilities & Duties may include, but are not limited to:
Required Qualifications:
Red Teaming Certifications:
Blue Teaming Certifications:
Preferred Qualifications:
Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.
Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.
Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352
The customer may need support as needed at other locations: Warrenton, VA, Atlantic City, NJ, Melbourne, FL, Oklahoma, OK and Leesburg, VA.
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
We are seeking an experienced Penetration Testing Lead to conduct advanced penetration testing activities, simulate cyberattacks, and evaluate the security posture of systems, networks, and applications. The Penetration Testing Lead will analyze vulnerabilities, identify gaps in IT security policies and configurations, and deliver actionable recommendations to reduce organizational cyber risk. This role requires a highly technical leader with demonstrated experience in offensive and defensive cybersecurity operations and penetration testing methodologies.
Essential Functions, Responsibilities & Duties may include, but are not limited to:
- Perform penetration testing and vulnerability assessments of systems, networks, and applications.
- Provide detailed analysis of discovered vulnerabilities, gaps, and risks, including assessment of patching and mitigation strategies.
- Act as an ethical attacker (red team) to simulate cyber intrusions, or as defensive cybersecurity personnel (blue team) to strengthen system resilience.
- Develop penetration testing Rules of Engagement (ROE), test plans, and reports.
- Execute tests in alignment with specifications, requirements, and cybersecurity guidance.
- Provide technical expertise on penetration testing tools, cyber ranges, and simulation environments.
- Recommend remediation actions to lower overall risk exposure.
- Lead, supervise, and coordinate penetration testing teams and activities.
Required Qualifications:
- Bachelor's degree in Cyber Security, Computer Science, Information Technology, Engineering, Mathematics, or Physics from an accredited institution.
- Eight (8) years of experience performing penetration testing or related responsibilities described in this position.
- At least two (2) years of relevant experience must be recent (performed within the last three years).
- Five (5) years of management and supervisory experience within the required experience timeframe
- Two (2) of those five (5) years must have been in a lead role.
- At least one (1) of the following Red Teaming or Blue Teaming certifications:
Red Teaming Certifications:
- Offensive Security Certified Professional (OSCP)
- Offensive Security Certified Expert (OSCE)
- Offensive Security Wireless Professional (OSWP)
- Offensive Security Web Expert (OSWE)
- Certified Ethical Hacker (CEH)
- EC Council Certified Security Analyst (ECSA)
- CEH Practical
- ECSA Practical
- Licensed Penetration Tester (LPT) Master
- GIAC Certified Incident Handler (GCIH)
- GIAC Penetration Tester (GPEN)
- GIAC Web Application Penetration Tester (GWAPT)
- GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
- GIAC Assessing and Auditing Wireless Networks (GAWN)
Blue Teaming Certifications:
- Certified Network Defender (CND)
- Certified Network Defense Architect (CNDA)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Defending Advanced Threats (GDAT)
- GIAC Defensible Security Architecture (GDSA)
- GIAC Certified Enterprise Defender (GCED)
- GIAC Certified Forensic Analyst (GCFA)
Preferred Qualifications:
- Experience supporting federal agencies or regulated cybersecurity environments.
- Knowledge of NIST security controls, RMF, cyber ranges, and penetration testing methodologies.
- Strong communication, reporting, and documentation skills.
Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.
Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.
Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352
About Koniag
Sourced by ZipRecruiter
Industry
Investment management and consulting services
Company size
501 - 1,000 Employees
Headquarters location
Kodiak, AK, US
Year founded
1972