ZipRecruiter

Log In

1

Internship Web App Penetration Testing Jobs (NOW HIRING)

Unisity, LLC

$210K - $220K/yr

Perform web app pentests. * Perform vulnerability risk assessments. * Perform physical pentests and ... Must have experience with penetration testing tools. * Must have experience in web development and ...

Navstar, Inc.

Penetration Tester, Senior

Annapolis, MD · On-site

Perform web app pentests. * Perform vulnerability risk assessments. * Perform physical pentests and ... Must have experience with penetration testing tools. * Must have experience in web development and ...

Right Skale, Inc.

Senior Staff IT Developer

Perform web app penetration testing (manual/automated). * Evaluate SAST/DAST findings and manage issues in Jira. * Validate bug bounty vulnerabilities. * Translate business requirements into ...

kgs

Penetration Testing Lead

Atlantic City, NJ

GIAC Web Application Penetration Tester (GWAPT) * GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) * GIAC Assessing and Auditing Wireless Networks (GAWN) Blue Teaming Certifications:

next page

Showing results 1-20

All JobsWeb App Penetration Testing JobsInternship Web App Penetration Testing Jobs

Internship Web App Penetration Testing information

See salary details

$5

$12

$19

How much do internship web app penetration testing jobs pay per hour?

As of Jun 9, 2026, the average hourly pay for internship web app penetration testing in the United States is $12.53, according to ZipRecruiter salary data. Most workers in this role earn between $8.41 and $14.42 per hour, depending on experience, location, and employer.

What is an Internship Web App Penetration Tester?

An Internship Web App Penetration Tester is a student or entry-level professional who assists in assessing the security of web applications by simulating cyberattacks. Their role involves identifying vulnerabilities, exploiting potential weaknesses, and documenting findings under the guidance of experienced security professionals. This hands-on experience helps interns learn about common web application threats, security tools, and best practices in cybersecurity. The position is often part of a learning program to prepare individuals for a career in penetration testing or information security.

What are the key skills and qualifications needed to thrive as an Internship Web App Penetration Tester, and why are they important?

To thrive as an Internship Web App Penetration Tester, you need a foundational understanding of web application architectures, common vulnerabilities (like those in OWASP Top 10), and basic programming or scripting knowledge. Familiarity with tools such as Burp Suite, OWASP ZAP, and basic command-line utilities, along with ongoing coursework or certifications like CompTIA Security+ or OSCP, is highly beneficial. Strong analytical thinking, attention to detail, and effective written communication make candidates stand out in this field. These skills ensure interns can identify, document, and help remediate security weaknesses, contributing to safer web applications.

What types of tasks and projects can I expect to work on during an Internship in Web App Penetration Testing?

As an intern in Web App Penetration Testing, you'll typically assist with vulnerability assessments, security testing of web applications, and documentation of your findings. You'll likely use tools such as Burp Suite, OWASP ZAP, and manual testing methods to identify common vulnerabilities like SQL injection and cross-site scripting. Interns often work closely with experienced penetration testers and developers, learning how to communicate security risks and collaborating on solutions. This hands-on experience provides valuable insight into secure coding practices and real-world remediation processes.
More about Internship Web App Penetration Testing jobs
What cities are hiring for Internship Web App Penetration Testing jobs? Cities with the most Internship Web App Penetration Testing job openings:
What are the most commonly searched types of Web App Penetration Testing jobs? The most popular types of Web App Penetration Testing jobs are:
What states have the most Internship Web App Penetration Testing jobs? States with the most job openings for Internship Web App Penetration Testing jobs include:
What job categories do people searching Internship Web App Penetration Testing jobs look for? The top searched job categories for Internship Web App Penetration Testing jobs are:
Internship Web App Penetration Testing jobs near you
Infographic showing various Internship Web App Penetration Testing job openings in the United States as of May 2026, with employment types broken down into 3% Internship, 1% As Needed, 60% Full Time, 28% Part Time, 1% Temporary, and 7% Contract. Highlights an 87% Physical, 2% Hybrid, and 11% Remote job distribution, with an average salary of $26,055 per year, or $12.5 per hour.
ME00506-Penetration Tester

ME00506-Penetration Tester

Momentum Engineering, Inc.

Annapolis, MD • On-site

$160K - $195K/yr

Full-time

Medical, Dental, Vision, Life, PTO

Posted 28 days ago

Job description

Momentum Engineering, Inc., a Woman-Owned Small Business (WOSB), fosters an employee-centric culture. Our strength lies in our people. With a high percentage of employees holding advanced degrees in engineering, computer science, and related disciplines, we bring deep technical expertise to every mission. Our team includes professionals with security clearances and full-scope polygraphs, ensuring trusted, secure support for the most sensitive national security initiatives. Additionally, our workforce is equipped with industry-leading certifications, demonstrating a commitment to continuous learning and excellence. Most importantly, our exceptional employee retention rate reflects a culture of professional growth, mission focus, and dedication-ensuring long-term stability and expertise for our customers' critical needs.
Job Summary
  • Seeking a Penetration Tester to join a high performing agile team using the Scaled Agile Framework (SAFe) methodology on a large, complex program that provides system engineering, development, test, integration and operational support
  • The candidate will work on a team of cyber Subject Matter Experts (SMEs) who are providing support to a large, complex technical program for preventing, identifying, containing and eradicating cyber threats to networks through monitoring, intrusion detection, and protective security services on information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connections, public facing websites, security devices, servers and workstations
  • The candidate will be responsible for the overall security of Enterprise-wide information systems, and will collect, investigate, and report any suspected and confirmed security violations

Primary Responsibilities
  • Perform internal and external pentests against systems to determine vulnerabilities and develop mitigation strategies
  • Perform web app pentests
  • Perform vulnerability risk assessments
  • Perform physical pentests and social engineering analysis
  • Perform cyber incident response as needed
  • Evaluate the impact of new development on the operational security posture of IT systems
  • Evaluate, review, and test critical software
  • Formulate security compliance requirements for new system features
  • Identify and remediate security issues throughout the system
  • Audit and assess system security configuration settings using common methodologies and tools.
  • Work with development teams to enrich team-wide understanding of different types of vulnerabilities, attack vectors, and remediation approaches
  • Work closely with System Engineering, Test Engineering, and Integration teams to ensure hardware and software architecture and implementations meet strict security requirements
  • Propose, assess, coordinate, implement, and enforce information systems security policies, standards, and methodologies
  • Serve as a Subject Matter Expert in security architecture, to include providing advice to Program Managers, Customer technical experts, and internal program teams

Required Qualifications
  • Must have active Top Secret/SCI clearance with MD Full Scope Polygraph
  • Must have experience with penetration testing tools
  • Must have experience in web development and programming languages such as Java, XML, Perl and HTML
  • Must have experience with programming/scripting in Python, Powershell, C, JavaScript, etc
  • Must have extensive experience performing IT security risk assessments
  • Must have experience performing web app and physical pentests
  • Must have experience with or strong familiarity of the following Web Application tools; Burp Suite, Web Inspect, Appdetective
  • Must have experience with or strong familiarity of Kali
  • Must have experience with or strong familiarity of IPS/IDS solutions
  • Must have a strong understanding of the Cyber Kill Chain methodology
  • Must have experience applying Risk Management Framework
  • Must have experience with secure configurations of commonly used desktop and server operating systems
  • Must have the ability to effectively collaborate with technical staff and customers to form mitigation strategies and plan for continuous modernization and legacy integration
  • Must have experience managing multiple projects simultaneously and quickly and effectively adjusting to shifting priorities in resolving issues

Desired Qualifications
  • Bachelor's degree in a technical/information assurance field and at least 12 years of relevant experience
  • Certifications in one or more of the following areas strongly preferred:
    • GIAC Web Applications Penetration Tester (GWAPT)
    • GIAC Penetration Tester (GPEN)
    • Certified Ethical Hacker (CEH)
    • Certified Information Security Manager (CISM)
    • Certified Web Application Defender (GWEB)
    • Certified Information System Security Professional (CISSP)
  • Extensive experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response
  • Extensive experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass development, design, and implementation

Exempt hourly position. 11 paid holidays, minimum of 3 weeks PTO, company sponsored group medical plan, company paid dental, vision, life insurance, and STD/LTD plans. Salary is dependent upon the candidate's experience and qualifications.
The pay range for this role is:
160,000 - 195,000 USD per year (AJ6)

Apply