ZipRecruiter

Log In

1

Gxpn Jobs (NOW HIRING)

JPMorgan Chase & Co.

Senior Penetration Tester

Tampa, FL · On-site

$152K - $260K/yr

GXPN, GWAPT, GPEN, GMOB, or BSCP #CTC About Us JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of ...

JPMorganChase

Senior Penetration Tester

Manhattan, NY · On-site

$152K - $260K/yr

GXPN, GWAPT, GPEN, GMOB, or BSCP #CTC ABOUT US Chase is a leading financial services firm, helping nearly half of America's households and small businesses achieve their financial goals through a ...

JPMorganChase

Senior Penetration Tester

Tampa, FL

$152K - $260K/yr

GXPN, GWAPT, GPEN, GMOB, or BSCP #CTC ABOUT US JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of ...

M9 Solutions

Penetration Tester II

Washington, DC · On-site

$60K - $180K/yr

Must have at least a GPEN or GXPN certification in addition to one of the following certifications: GRTP, CRTL, OSCP, CRTP, CMWAPT, CEPT, CPT, LPT. * Must have or be able to obtain CISA AES HVA ...

Onyx Point, Inc.

Reverse Engineer 2

Hanover, MD · On-site

$78K - $250K/yr

Exploit Research and Advanced Penetration Tester (GXPN) * Compensation: We are committed to providing fair and competitive compensation. The salary range for this position is $78,000 to $250,000 per ...

Onyx Point, Inc.

Reverse Engineer 2

Hanover, MD · On-site +1

$78K - $250K/yr

ExploitResearch and Advanced Penetration Tester (GXPN) * Compensation: We are committed to providing fair and competitive compensation. The salary range for this position is $78,000 to $250,000 per ...

SOSi

Penetration Tester III

Washington, DC · On-site

GPEN or GXPN * CISA AES HVA Lead or Technical Lead , or ability to obtain * Plus one of the following: * GRTP * CRTL * OSCP * CRTP * CMWAPT * CEPT * CPT * LPT * Clearance/Suitability : Secret (active ...

M9 Solutions

Penetration Tester III

Washington, DC · On-site

$60K - $180K/yr

Must have at least a GPEN or GXPN certification in addition to one of the following certifications: GRTP, CRTL, OSCP, CRTP, CMWAPT, CEPT, CPT, LPT. * Must have or be able to obtain CISA AES HVA ...

SOSi

Penetration Tester III

Washington, DC · On-site

GPEN or GXPN * CISA AES HVA Lead or Technical Lead , or ability to obtain * Plus one of the following: * GRTP * CRTL * OSCP * CRTP * CMWAPT * CEPT * CPT * LPT * Clearance/Suitability : Secret (active ...

SOSi

Penetration Tester III

Washington, DC

GPEN or GXPN * CISA AES HVA Lead or Technical Lead , or ability to obtain * Plus one of the following: * GRTP * CRTL * OSCP * CRTP * CMWAPT * CEPT * CPT * LPT * Clearance/Suitability : Secret (active ...

Marathon TS

Penetration Tester

Manassas Park, VA · On-site

OSCP, GPEN or GXPN certification preferred. * Perform other official duties as assigned. Qualifications * Demonstrated experience and advanced knowledge of security systems analysis, testing, and ...

next page

Showing results 1-20

All JobsGxpn Jobs

Gxpn information

See salary details

$22.5K

$119.9K

$168.5K

How much do gxpn jobs pay per year?

As of Jun 27, 2026, the average yearly pay for gxpn in the United States is $119,895.00, according to ZipRecruiter salary data. Most workers in this role earn between $96,000.00 and $141,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive in the Gxpn position, and why are they important?

To thrive as a GXPN (GIAC Exploit Researcher and Advanced Penetration Tester), you need a deep understanding of advanced penetration testing, exploit development, and system security, usually demonstrated by holding the GXPN certification. Key technical tools include penetration testing frameworks like Metasploit, debuggers such as Immunity Debugger, and scripting languages like Python and PowerShell. Exceptional analytical thinking, problem-solving skills, and clear communication are vital soft skills for success in this role. These skills ensure thorough security assessments, effective reporting, and enhancement of an organization's security posture.

What is a Gxpn job?

A Gxpn job typically refers to a cybersecurity role related to the GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) certification. Professionals in this field specialize in advanced penetration testing, exploit development, and security assessments of networks and applications. They identify vulnerabilities, develop exploits, and test security defenses to help organizations strengthen their cybersecurity posture.

What types of projects and assessments are most commonly performed by professionals holding the GXPN certification?

GXPN-certified professionals typically engage in advanced penetration testing assignments, including network and application exploitation, red teaming exercises, and simulated attacks to identify security vulnerabilities. Their work may involve researching zero-day vulnerabilities, developing custom exploits, and conducting thorough security assessments across a variety of operating systems and environments. Collaboration with internal security teams and ongoing documentation of findings is a daily part of the role. GXPN professionals may also present technical recommendations and remediation guidance to stakeholders, helping organizations understand and address potential risks.

More about Gxpn jobs
What cities are hiring for Gxpn jobs? Cities with the most Gxpn job openings:
What states have the most Gxpn jobs? States with the most job openings for Gxpn jobs include:
What job categories do people searching Gxpn jobs look for? The top searched job categories for Gxpn jobs are:
Gxpn jobs near you
Senior Penetration Tester

Senior Penetration Tester

JPMorgan Chase & Co.

Tampa, FL • On-site

$152K - $260K/yr

Full-time

Medical, Retirement

Posted 19 days ago

JPMorgan Chase & Co. rating

8.1

Company rating: 8.1 out of 10

Based on 470 frontline employees who took The Breakroom Quiz

46th of 142 rated banks

Job description


This position is also open in the following locations: New York, NY / Atlanta, FL / Plano, TX / Columbus, OH / McLean, VA / Wilmington, DE / Jersey City, NJ / Chicago, IL / Brooklyn, NY / Houston, TX
Drive the security of critical banking applications and platforms through hands-on offensive testing.
As an Assessments & Exercises Vice President in the Cybersecurity and Technology Controls organization, you will play a key role in safeguarding the firm's most vital assets. Your primary responsibility will be to plan, execute, and report on penetration tests targeting high-impact applications, platforms, and services. Leveraging industry-standard methodologies and advanced techniques, you will proactively identify vulnerabilities, collaborate with application owners to understand root causes, and guide effective remediation to strengthen the firm's security posture.
We are seeking candidates with a passion for offensive security, deep technical expertise in penetration testing, and a commitment to continuous learning and excellence.
Job responsibilities
  • Plan, scope, and execute penetration testing engagements across a variety of environments, including web applications, APIs, cloud platforms, infrastructure, thick-client, and/or mobile applications.
  • Collect and validate pre-requisites for each engagement, ensuring all necessary access, documentation, and approvals are in place.
  • Perform manual and automated testing to identify vulnerabilities, misconfigurations, and security weaknesses, leveraging industry-standard tools and custom scripts.
  • Document and communicate findings through comprehensive reports that include technical details, risk assessments, and actionable remediation recommendations.
  • Conduct peer reviews of penetration test reports to ensure accuracy, consistency, and quality of deliverables.
  • Collaborate with development, infrastructure, and security teams to clarify findings, support remediation efforts, and provide subject matter expertise on offensive security.
  • Stay current with emerging threats, vulnerabilities, and attack techniques by leveraging threat intelligence, security research, and participation in relevant industry groups.
  • Contribute to the continuous improvement of penetration testing methodologies, tools, and frameworks to enhance effectiveness and alignment with firm strategy and regulatory requirements.

Required qualifications, capabilities, and skills
  • 5+ years of hands-on penetration testing experience in offensive security, with a proven track record of scoping, executing, and reporting on complex engagements.
  • Expertise in manual penetration testing of web, API, cloud (AWS/Azure/GCP), infrastructure, thick-client, and/or mobile applications (android/iOS), including the use of industry-standard tools (e.g., Burp Suite, Nmap, Metasploit, etc.).
  • Strong understanding of security assessment methodologies such as OWASP Top Ten, NIST Cybersecurity Framework, and other relevant standards.
  • Ability to identify and articulate systemic security issues related to threats, vulnerabilities, and risks, and provide clear, actionable recommendations for remediation.
  • Exceptional organizational and communication skills, including the ability to write detailed technical reports and present findings to both technical and non-technical stakeholders.
  • Experience conducting peer reviews of penetration test reports and mentoring junior testers.
  • Continuous learner who keeps up with the latest offensive security trends, tools, and techniques.

Preferred qualifications, capabilities, and skills
  • Knowledge of cybersecurity practices, operational risk management, and incident response methodologies within the US financial services sector, including relevant regulations, threats, and risks.
  • Proficiency in penetration testing and security concepts for both Windows and Unix-like operating systems.
  • Experience conducting security-focused source code reviews (e.g., Python, Java, Rust).
  • Experience in reverse engineering thick-client and mobile applications to identify vulnerabilities.
  • Relevant certifications such as OSWE, CREST (CRT, CCT), OSCP, OSCE, GXPN, GWAPT, GPEN, GMOB, or BSCP. GXPN, GWAPT, GPEN, GMOB, or BSCP

#CTC
About Us
JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an accommodation.
JPMorgan Chase & Co. is an Equal Opportunity Employer, including Disability/Veterans
About the Team
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of our company, ensuring that we're setting our businesses, clients, customers and employees up for success.

What JPMorgan Chase & Co. employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom

Apply