1

Mid Penetration Tester Jobs (NOW HIRING)

Role Description Penetration Tester (Mid-Senior) Full-Time Remote (US) As a penetration tester on BreachLock's US Strategic delivery team, you'll execute manual, methodology-driven engagements across ...

Overview Avionics Penetration Tester - Mid-Level - TGEE LOCATION: Edwards AFB, CA Salary Range: Estimated $120,000.00 USD - $140,000.00 USD annually JOB STATUS: Full-time CLEARANCE: Secret ...

Apply Early

next page

Showing results 1-20

Mid Penetration Tester information

See salary details

$22.5K

$119.9K

$168.5K

How much do mid penetration tester jobs pay per year?

As of Jul 7, 2026, the average yearly pay for mid penetration tester in the United States is $119,895.00, according to ZipRecruiter salary data. Most workers in this role earn between $96,000.00 and $141,000.00 per year, depending on experience, location, and employer.

Can you make $500,000 a year in cyber security?

Mid penetration testers typically earn between $80,000 and $150,000 annually, with top professionals in senior roles or with specialized skills potentially earning over $200,000. Reaching a $500,000 salary usually requires extensive experience, advanced certifications, leadership positions, or working in high-paying industries or consulting firms. Achieving such a high income in cybersecurity is uncommon and often depends on multiple factors beyond job title alone.

What are Mid Penetration Testers?

Mid Penetration Testers are cybersecurity professionals with intermediate experience who assess and identify vulnerabilities in computer systems, networks, and applications. They simulate cyberattacks to find security weaknesses that could be exploited by malicious hackers. Typically, they analyze results, document findings, and provide recommendations to improve an organization's security posture. Mid-level testers often work as part of a larger security team and may lead smaller projects or mentor junior testers. Their work helps protect sensitive data and maintain compliance with industry standards.

What are the key skills and qualifications needed to thrive as a Mid Penetration Tester, and why are they important?

To thrive as a Mid Penetration Tester, you need a solid grounding in network security, vulnerability assessment, and ethical hacking, typically backed by a relevant degree or certifications such as CEH or OSCP. Familiarity with tools like Metasploit, Burp Suite, Nmap, and reporting systems is essential for conducting thorough security evaluations. Strong analytical thinking, attention to detail, and clear communication skills help you effectively identify threats and convey findings to technical and non-technical stakeholders. These skills are crucial for accurately assessing organizational security and helping teams remediate vulnerabilities to protect critical assets.

Will pentesters be replaced by AI?

Mid penetration testers perform manual security assessments that require critical thinking, creativity, and understanding of complex systems, which AI currently cannot fully replicate. While AI tools can assist in automating certain tasks like vulnerability scanning, human expertise remains essential for interpreting results and developing effective security strategies.

Is 30 too old for cyber security?

Age is not a barrier to becoming a mid penetration tester or working in cybersecurity. Many professionals start or transition into cybersecurity careers later in life, and skills such as problem-solving, certifications like CEH or OSCP, and continuous learning are more important than age. Employers value experience, technical knowledge, and adaptability regardless of age.

Can you make $200,000 in cyber security?

Mid Penetration Testers and other cybersecurity professionals can earn $200,000 or more annually, especially with advanced skills, certifications like OSCP or CISSP, and experience in high-demand environments. Salaries vary based on location, employer, and expertise, with senior roles and specialized skills commanding higher pay.

What is the difference between Mid Penetration Tester vs Penetration Tester?

AspectMid Penetration TesterPenetration Tester
CertificationsCEH, OSCP, CompTIA Security+CEH, OSCP, GPEN, CISSP (entry-level to mid)
Work EnvironmentMid-sized to large organizations, security teamsVaried environments, consulting firms, security firms
Employer & Industry UsageIT security teams, cybersecurity firmsConsulting firms, internal security teams

The Mid Penetration Tester typically has more experience and handles complex security assessments within organizations, whereas the Penetration Tester may be at an earlier stage or handle more straightforward testing. Both roles require similar certifications and work environments, but Mid Penetration Testers often take on more advanced projects and responsibilities.

What are the typical daily responsibilities of a Mid Penetration Tester?

As a Mid Penetration Tester, your daily tasks commonly include planning and conducting security assessments on networks, applications, and systems to identify vulnerabilities. You’ll often be documenting findings, preparing comprehensive reports for clients or internal teams, and sometimes providing recommendations for remediation. Collaboration with security analysts, IT administrators, and developers is frequent to ensure discovered vulnerabilities are addressed effectively. Additionally, you may spend time researching emerging threats and updating testing methodologies to stay current with industry standards.
More about Mid Penetration Tester jobs
What cities are hiring for Mid Penetration Tester jobs? Cities with the most Mid Penetration Tester job openings:
What states have the most Mid Penetration Tester jobs? States with the most job openings for Mid Penetration Tester jobs include:
Infographic showing various Mid Penetration Tester job openings in the United States as of July 2026, with employment types broken down into 74% Full Time, 17% Part Time, 1% Temporary, and 8% Contract. Highlights an 93% Physical, 2% Hybrid, and 5% Remote job distribution, with an average salary of $119,895 per year, or $57.6 per hour.
Penetration Testing - Mid-Level/Senior

Penetration Testing - Mid-Level/Senior

EnDyna

Mclean, VA • On-site

Other

Posted 4 days ago


Job description

Penetration Tester

EnDyna is seeking experienced Penetration Testers to support the Department of Health and Human Services (HHS) Office of Inspector General (OIG) Cyber Assessment Team. The successful candidate will conduct advanced penetration testing, security assessments, vulnerability analysis, exploitation activities, technical reporting, and cybersecurity consulting supporting Federal audit activities.

Candidates will be considered for either Mid-Level or Senior positions based upon education, certifications, and demonstrated experience.

Position Responsibilities

The selected candidate will perform cybersecurity assessments including:

  • Perform external network penetration testing
  • Perform internal network penetration testing
  • Perform web application penetration testing
  • Perform cloud security assessments
  • Perform wireless security assessments
  • Perform mobile application testing
  • Perform container security assessments
  • Perform AI system security assessments
  • Conduct phishing and social engineering assessments
  • Perform information gathering and reconnaissance
  • Enumerate hosts, services, operating systems, applications and network devices
  • Identify vulnerabilities and attack paths
  • Exploit vulnerabilities using approved methodologies
  • Perform post-exploitation activities
  • Demonstrate persistence techniques
  • Evaluate data access and exfiltration opportunities
  • Document countermeasures encountered during testing
  • Validate remediation activities

Security Analysis

  • Analyze vulnerability scan results
  • Correlate findings from multiple tools
  • Eliminate false positives
  • Prioritize vulnerabilities based upon risk
  • Map findings to NIST, CVE, OWASP and Federal guidance
  • Develop mitigation recommendations

Documentation & Reporting

Prepare professional technical documentation including:

  • Rules of Engagement review
  • Attack confirmation lists
  • Penetration testing reports
  • Executive summaries
  • Technical findings
  • Risk analyses
  • Recommendations
  • Supporting evidence
  • Screenshots
  • Logs
  • Testing artifacts

Customer Interaction

  • Participate in planning meetings
  • Conduct entrance conferences
  • Present technical findings
  • Participate in status briefings
  • Explain vulnerabilities to both technical and executive audiences
  • Support audit teams throughout engagements

Technical Assistance

Provide cybersecurity expertise supporting OIG auditors by:

  • Performing vulnerability scans
  • Analyzing scan results
  • Advising auditors on security findings
  • Supporting remote assessments
  • Participating in technical discussions
Required Qualifications

Mid-Level

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology or related field
  • 4+ years of penetration testing experience
  • Experience performing network and web application penetration testing
  • Experience with vulnerability assessment tools
  • Experience writing professional technical reports
  • Knowledge of TCP/IP networking
  • Understanding of Windows and Linux operating systems

Senior Level

  • Bachelor's degree (Master's preferred)
  • 8+ years of penetration testing experience
  • Experience leading penetration testing engagements
  • Advanced exploitation experience
  • Experience with cloud environments
  • Experience mentoring junior testers
  • Experience briefing executive leadership
  • Strong technical writing skills
Desired Technical Skills

Experience with:

  • Burp Suite Pro
  • Nmap
  • Nessus
  • Metasploit
  • Kali Linux
  • Wireshark
  • BloodHound
  • Impacket
  • CrackMapExec
  • PowerShell
  • Python
  • Azure
  • AWS
  • Docker
  • Kubernetes
  • Active Directory
  • Microsoft Entra ID
  • Wireless testing tools
Preferred Certifications

One or more of:

  • OSCP
  • OSCE
  • OSEP
  • GPEN
  • GWAPT
  • GXPN
  • GCIH
  • CISSP
  • Security+
  • PNPT
  • CRTO
Desired Knowledge

Experience with:

  • NIST SP 800-115
  • OWASP Testing Guide
  • MITRE ATT&CK
  • CVSS
  • Federal cybersecurity environments
  • FISMA
  • FedRAMP

Travel

Occasional travel throughout the United States may be required.

Why Join EnDyna

  • Support one of the Federal Government's premier cybersecurity audit organizations
  • Perform real-world penetration testing
  • Work alongside nationally recognized cybersecurity experts
  • Opportunities for advanced technical growth
  • Flexible remote work environment