Penetration Tester
Reston, VA · On-site
Experience with security assessment tools, such as Nessus, Metasploit, Burp Suite Pro, Cobalt Strike, or Empire * Understanding of common cryptography techniques * Experience reviewing source code ...
Penetration Tester
Reston, VA · On-site
Experience with security assessment tools, such as Nessus, Metasploit, Burp Suite Pro, Cobalt Strike, or Empire * Understanding of common cryptography techniques * Experience reviewing source code ...
Expert Penetration Tester
Austin, TX · On-site
NMap, Nessus, Metasploit, BurpSuite, Nikto, Tcpdump. Required certification: OSCP or higher Offensive Security Qualification * AI Skills: Ability to work with LLMs, Agentic, Tools, MCP ...
Expert Penetration Tester
Austin, TX · On-site
NMap, Nessus, Metasploit, BurpSuite, Nikto, Tcpdump. Required certification: OSCP or higher Offensive Security Qualification * AI Skills: Ability to work with LLMs, Agentic, Tools, MCP ...
QA Tester - Washington, DC
Washington, DC · On-site
CheckMarx, Client WebInspect, Nmap, Metasploit and Nessus Security Center Experience with strong vulnerability management (OS, web application and mobile app testing) Note: If interested please send ...
QA Tester - Washington, DC
Washington, DC · On-site
CheckMarx, Client WebInspect, Nmap, Metasploit and Nessus Security Center Experience with strong vulnerability management (OS, web application and mobile app testing) Note: If interested please send ...
Cisco Network Engineer
Washington, DC · On-site
... Metasploit Proven ability to clearly document and communicate security findings, risk description, risk level, and recommended solutions to stakeholders Hands on experience with Network Access ...
Cisco Network Engineer
Washington, DC · On-site
... Metasploit Proven ability to clearly document and communicate security findings, risk description, risk level, and recommended solutions to stakeholders Hands on experience with Network Access ...
Expert Penetration Tester
Dallas, TX · On-site
NMap, Nessus, Metasploit, BurpSuite, Nikto, Tcpdump. Required certification: OSCP or higher Offensive Security Qualification * AI Skills: Ability to work with LLMs, Agentic, Tools, MCP ...
Expert Penetration Tester
Dallas, TX · On-site
NMap, Nessus, Metasploit, BurpSuite, Nikto, Tcpdump. Required certification: OSCP or higher Offensive Security Qualification * AI Skills: Ability to work with LLMs, Agentic, Tools, MCP ...
Maintain and configure penetration testing tools (e.g., Nmap, Burp Suite, Metasploit) * Stay up to date with emerging threats, vulnerabilities, and offensive security techniques Qualifications
Maintain and configure penetration testing tools (e.g., Nmap, Burp Suite, Metasploit) * Stay up to date with emerging threats, vulnerabilities, and offensive security techniques Qualifications
AI Penetration testing
Detroit, MI · On-site
... Burp Suite, Metasploit, or custom scripts required. 5+ years of offensive security expertise in AI environments, with deep knowledge of threats like prompt injection, data poisoning, evasion ...
AI Penetration testing
Detroit, MI · On-site
... Burp Suite, Metasploit, or custom scripts required. 5+ years of offensive security expertise in AI environments, with deep knowledge of threats like prompt injection, data poisoning, evasion ...
CNO Developer TS/SCI
$103K - $181K/yr
Metasploit) * Proficiency in programming languages such as C, Python, and Assembly * Strong understanding of low-level systems, software design, and security practices * Experience with debuggers ...
CNO Developer TS/SCI
$103K - $181K/yr
Metasploit) * Proficiency in programming languages such as C, Python, and Assembly * Strong understanding of low-level systems, software design, and security practices * Experience with debuggers ...
QA Tester - Washington, DC
Washington, DC · On-site
CheckMarx, Client WebInspect, Nmap, Metasploit and Nessus Security Center • Experience with strong vulnerability management (OS, web application and mobile app testing) Note: If interested please ...
QA Tester - Washington, DC
Washington, DC · On-site
CheckMarx, Client WebInspect, Nmap, Metasploit and Nessus Security Center • Experience with strong vulnerability management (OS, web application and mobile app testing) Note: If interested please ...
Blue Team Operator
Washington, DC · On-site
$127K - $138K/yr
... Metasploit Core Impact, etc. * Must be willing to travel up to 50% of time.
Blue Team Operator
Washington, DC · On-site
$127K - $138K/yr
... Metasploit Core Impact, etc. * Must be willing to travel up to 50% of time.
Use and extend common pentest frameworks and tools (Kali, Metasploit, Nmap, Cobalt Strike) and integrate custom scripts and modules. * Evaluate and document attack paths, IM/SSO/MFA bypass scenarios ...
Use and extend common pentest frameworks and tools (Kali, Metasploit, Nmap, Cobalt Strike) and integrate custom scripts and modules. * Evaluate and document attack paths, IM/SSO/MFA bypass scenarios ...
Hands-on experience with tools such as Kali Linux, Metasploit, Burp Suite Pro, Cobalt Strike, Nmap, Nessus, BloodHound, Impacket, and other offensive security platforms used for enumeration ...
Hands-on experience with tools such as Kali Linux, Metasploit, Burp Suite Pro, Cobalt Strike, Nmap, Nessus, BloodHound, Impacket, and other offensive security platforms used for enumeration ...
CNO Developer TS/SCI with Security Clearance
Annapolis Junction, MD · On-site
$103K - $181K/yr
Metasploit) * Proficiency in programming languages such as C, Python, and Assembly * Strong understanding of low-level systems, software design, and security practices * Experience with debuggers ...
CNO Developer TS/SCI with Security Clearance
Annapolis Junction, MD · On-site
$103K - $181K/yr
Metasploit) * Proficiency in programming languages such as C, Python, and Assembly * Strong understanding of low-level systems, software design, and security practices * Experience with debuggers ...
QA Tester - Washington, DC
Washington, DC · On-site
CheckMarx, Client WebInspect, Nmap, Metasploit and Nessus Security Center • Experience with strong vulnerability management (OS, web application and mobile app testing) Note: If interested please ...
QA Tester - Washington, DC
Washington, DC · On-site
CheckMarx, Client WebInspect, Nmap, Metasploit and Nessus Security Center • Experience with strong vulnerability management (OS, web application and mobile app testing) Note: If interested please ...
CNO Developer TS/SCI
Annapolis, MD · On-site
$103K - $181K/yr
Metasploit) * Proficiency in programming languages such as C, Python, and Assembly * Strong understanding of low-level systems, software design, and security practices * Experience with debuggers ...
CNO Developer TS/SCI
Annapolis, MD · On-site
$103K - $181K/yr
Metasploit) * Proficiency in programming languages such as C, Python, and Assembly * Strong understanding of low-level systems, software design, and security practices * Experience with debuggers ...
CySA+, PenTest+, or SecurityX a plus Experience with SIEM, Metasploit, audit logging, vulnerability scanning/remediation, IAVM Experience with security documentation (SSPs, IRPs); CMMC Level 2 / NIST ...
CySA+, PenTest+, or SecurityX a plus Experience with SIEM, Metasploit, audit logging, vulnerability scanning/remediation, IAVM Experience with security documentation (SSPs, IRPs); CMMC Level 2 / NIST ...
Hands-on experience with tools such as Kali Linux, Metasploit, Burp Suite Pro, Cobalt Strike, Nmap, Nessus, BloodHound, Impacket, and other offensive security platforms used for enumeration ...
Hands-on experience with tools such as Kali Linux, Metasploit, Burp Suite Pro, Cobalt Strike, Nmap, Nessus, BloodHound, Impacket, and other offensive security platforms used for enumeration ...
Use and extend common pentest frameworks and tools (Kali, Metasploit, Nmap, Cobalt Strike) and integrate custom scripts and modules. * Evaluate and document attack paths, IM/SSO/MFA bypass scenarios ...
Use and extend common pentest frameworks and tools (Kali, Metasploit, Nmap, Cobalt Strike) and integrate custom scripts and modules. * Evaluate and document attack paths, IM/SSO/MFA bypass scenarios ...
Hands-on experience with tools such as Kali Linux, Metasploit, Burp Suite Pro, Cobalt Strike, Nmap, Nessus, BloodHound, Impacket, and other offensive security platforms used for enumeration ...
Hands-on experience with tools such as Kali Linux, Metasploit, Burp Suite Pro, Cobalt Strike, Nmap, Nessus, BloodHound, Impacket, and other offensive security platforms used for enumeration ...
JOOMLA DRUPAL MacOS openLDAP SAML (Shibboleth) Cisco Networking (DNS) Tomcat Palo Alto Firewalls Nessus Metasploit IPA Wireshark ASP.NET Python LAMP experience (Linux, Apache, MySQL, PHP). Subversion ...
JOOMLA DRUPAL MacOS openLDAP SAML (Shibboleth) Cisco Networking (DNS) Tomcat Palo Alto Firewalls Nessus Metasploit IPA Wireshark ASP.NET Python LAMP experience (Linux, Apache, MySQL, PHP). Subversion ...
Metasploit information
See salary details
$14.45 is the 25th percentile. Wages below this are outliers.
$12.98 - $15.52
43% of jobs
The median wage is $16.34 / hr.
$15.52 - $18.05
22% of jobs
$18.05 - $20.59
9% of jobs
$21.69 is the 75th percentile. Wages above this are outliers.
$20.59 - $23.12
4% of jobs
$23.12 - $25.66
6% of jobs
$25.66 - $28.19
5% of jobs
$28.19 - $30.73
1% of jobs
$30.73 - $33.26
3% of jobs
$33.26 - $35.80
4% of jobs
$35.80 - $38.33
1% of jobs
$38.33 - $40.87
1% of jobs
$12
$21
$40
How much do metasploit jobs pay per hour?
As of Jun 27, 2026, the average hourly pay for metasploit in the United States is $21.23, according to ZipRecruiter salary data. Most workers in this role earn between $14.66 and $25.00 per hour, depending on experience, location, and employer.
What does a typical day look like for someone using Metasploit in a cybersecurity role?
A typical day involves planning and conducting penetration tests, leveraging Metasploit to simulate real-world attack scenarios, and analyzing security vulnerabilities within networks or applications. Professionals document findings, create detailed reports, and collaborate closely with IT teams or clients to explain risks and recommend solutions. They may also spend time updating their knowledge of the latest exploits and security patches to ensure their assessments remain relevant. Teamwork and communication are key, as these roles often require coordination with other security professionals and stakeholders across the organization. This dynamic environment offers continuous opportunities to learn and advance in the ever-evolving field of cybersecurity.
What is Metasploit mainly used for?
Metasploit is a penetration testing framework used by cybersecurity professionals and ethical hackers to identify and exploit security vulnerabilities in computer systems and networks. It provides a collection of tools and exploits to simulate cyberattacks, helping organizations improve their security defenses. Knowledge of scripting and network protocols enhances its effective use in security assessments.
What is a Metasploit job?
A Metasploit job typically involves using the Metasploit Framework for penetration testing, security assessments, and vulnerability exploitation. Professionals in this role may work as ethical hackers, security consultants, or vulnerability analysts to identify and exploit weaknesses in networks, systems, and applications. They use Metasploit to simulate real-world attacks, test defenses, and help organizations improve their cybersecurity posture. Strong knowledge of cybersecurity principles, networking, and scripting is often required for this job.
Is Metasploit paid?
Metasploit is available in both free and paid versions. The free Community Edition provides basic features, while the commercial Pro version offers advanced tools and support for professional penetration testers and security analysts.
What are the key skills and qualifications needed to thrive in the Metasploit position, and why are they important?
To excel in roles focused on Metasploit, candidates should possess in-depth knowledge of penetration testing, vulnerability assessment, and network security. Experience with the Metasploit Framework, as well as relevant certifications like OSCP (Offensive Security Certified Professional) or CEH (Certified Ethical Hacker), are highly valued. Strong analytical thinking, problem-solving abilities, and effective written and verbal communication are crucial soft skills. Mastery of both technical and interpersonal competencies enables professionals to identify security weaknesses and clearly communicate remediation steps to both technical teams and non-technical stakeholders.
What jobs can I get with Pentest+?
Pentest+ certification prepares individuals for roles such as penetration tester, security analyst, vulnerability assessor, or cybersecurity consultant. These positions involve identifying security weaknesses, conducting penetration tests, and improving organizational security posture, often requiring knowledge of tools like Metasploit and network security principles.
Which company owns Metasploit?
Metasploit is owned by Rapid7, a cybersecurity company that acquired the Metasploit Framework in 2017. As a security professional using Metasploit, understanding its ownership helps in assessing support and updates for the tool.
More about Metasploit jobs
What cities are hiring for Metasploit jobs? Cities with the most Metasploit job openings:
What are the most commonly searched types of Metasploit jobs? The most popular types of Metasploit jobs are:
What states have the most Metasploit jobs? States with the most job openings for Metasploit jobs include:
What job categories do people searching Metasploit jobs look for? The top searched job categories for Metasploit jobs are:
Job description
Overview:
Job Title: Penetration Tester
Location: Reston, VA
Work Mode - Hybrid role, 2 days' Work from Office (Wednesday and Thursday)
Must have Skill Set - Red team pentester
Job Description:
Additional - Good to have certifications
Skills:
.NET , C# , JAVA
Job Title: Penetration Tester
Location: Reston, VA
Work Mode - Hybrid role, 2 days' Work from Office (Wednesday and Thursday)
Must have Skill Set - Red team pentester
Job Description:
- Network penetration testing and experience working with network infrastructure
- An understanding of network protocols and their use for command-and-control channels
- Experience carrying out social-engineering assessments
- Development/modification of exploits, shellcode and associated tooling.
- Experience with security assessment tools, such as Nessus, Metasploit, Burp Suite Pro, Cobalt Strike, or Empire
- Understanding of common cryptography techniques
- Experience reviewing source code for security flaws
- Experience conducting wireless security assessments
- Experience conducting web application security assessments
- Experience working with a range of operating systems, including the use of Bash and Powershell, scripts
- Understanding on applications and its architecture built on languages like C#, .NET, Go, Java, or similar
Additional - Good to have certifications
- Offensive Security Certified Professional (OSCP)
- Certified Red Team Professional (CRTP)
- GIAC Penetration Tester (GPEN)
- CREST Penetration Testing / CBEST Qualifications
Skills:
.NET , C# , JAVA
About Orison
Sourced by ZipRecruiter
Industry
Clean energy semiconductors manufacturing
Company size
11 - 50 Employees
Headquarters location
Cody, WY, US
Year founded
2013