ZipRecruiter

Log In

1

Offensive Security Consultant Jobs (NOW HIRING)

Pensar

Security Research Engineer

New York, NY · On-site

$120K - $175K/yr

Experience with AI/LLM-assisted offensive security or building security automation on top of LLMs * Prior Forward Deployed Engineer, solutions engineering, or consulting experience at a security or ...

IBM

XFR Red Team Operator

... Offensive Security (OSCP/OSCE), SANS (GPEN, GXPN, GWAPT), or CREST CSAT/CSAM or demonstrable equivalent skills • Prior security consulting experience Company : IBM provides technology and ...

IBM

XFR Red Team Operator

... Offensive Security (OSCP/OSCE), SANS (GPEN, GXPN, GWAPT), or CREST CSAT/CSAM or demonstrable equivalent skills • Prior security consulting experience Company : IBM provides technology and ...

IBM

XFR Red Team Operator

... Offensive Security (OSCP/OSCE), SANS (GPEN, GXPN, GWAPT), or CREST CSAT/CSAM or demonstrable equivalent skills • Prior security consulting experience Company : IBM provides technology and ...

IBM

XFR Red Team Operator

... Offensive Security (OSCP/OSCE), SANS (GPEN, GXPN, GWAPT), or CREST CSAT/CSAM or demonstrable equivalent skills • Prior security consulting experience Company : IBM provides technology and ...

IBM

XFR Red Team Operator

... Offensive Security (OSCP/OSCE), SANS (GPEN, GXPN, GWAPT), or CREST CSAT/CSAM or demonstrable equivalent skills • Prior security consulting experience Company : IBM provides technology and ...

IBM

XFR Red Team Operator

... Offensive Security (OSCP/OSCE), SANS (GPEN, GXPN, GWAPT), or CREST CSAT/CSAM or demonstrable equivalent skills • Prior security consulting experience Company : IBM provides technology and ...

Horizon3.ai

Staff Attack Engineer, OCI

It is used by IT Ops/SecOps teams, consulting pentesters, and MSSPs and MSPs. We are a fusion of ... Conduct offensive security research against OCI compute, networking, storage, databases, IAM ...

New

next page

Showing results 1-20

All JobsOffensive Security Consultant Jobs

Offensive Security Consultant information

See salary details

$10

$50

$108

How much do offensive security consultant jobs pay per hour?

As of Jun 13, 2026, the average hourly pay for offensive security consultant in the United States is $50.91, according to ZipRecruiter salary data. Most workers in this role earn between $24.76 and $63.70 per hour, depending on experience, location, and employer.

How does an Offensive Security Consultant typically collaborate with clients and internal teams during a penetration testing engagement?

An Offensive Security Consultant works closely with both clients and internal security teams throughout a penetration testing engagement. At the outset, they meet with clients to define the scope, objectives, and rules of engagement. During the assessment, consultants maintain clear communication to share progress updates and any critical findings that require immediate attention. After the test, they collaborate with internal report reviewers and the client's technical team to present findings, answer questions, and recommend practical remediation steps. This collaborative approach ensures transparency, client trust, and actionable security improvements.

What does an Offensive Security Consultant do?

An Offensive Security Consultant is a cybersecurity professional who specializes in identifying and exploiting vulnerabilities in computer systems, networks, and applications. Their work involves conducting penetration tests, simulating cyberattacks, and providing detailed reports on security weaknesses and how to fix them. By proactively testing security defenses, they help organizations strengthen their overall security posture and protect sensitive data from real-world threats. Offensive Security Consultants often use a variety of tools and techniques to mimic the tactics of malicious hackers, but their goal is to improve, not harm, the client's security.

What is the difference between Offensive Security Consultant vs Penetration Tester?

AspectOffensive Security ConsultantPenetration Tester
CertificationsOSCP, OSWE, CEHOSCP, CEH, GPEN
Work EnvironmentConsulting projects, client sites, security assessmentsSecurity testing, vulnerability assessments, simulated attacks
Employer & Industry UsageSecurity firms, corporate security teams, consulting agenciesSecurity firms, internal security teams, freelance roles

While both roles focus on identifying security vulnerabilities, an Offensive Security Consultant often provides strategic advice and comprehensive security solutions for clients, whereas a Penetration Tester primarily conducts hands-on testing to find specific vulnerabilities. The roles overlap in certifications and work environments, but the Consultant role emphasizes broader security consulting and client interaction.

What are the key skills and qualifications needed to thrive as an Offensive Security Consultant, and why are they important?

To thrive as an Offensive Security Consultant, you need a deep knowledge of penetration testing, vulnerability assessment, and network security, typically supported by a degree in computer science or a related field. Familiarity with tools like Metasploit, Burp Suite, Nmap, and certifications such as OSCP or CEH are highly valued. Strong analytical thinking, effective communication, and problem-solving abilities help you translate technical findings into actionable recommendations for clients. These skills are crucial for identifying security weaknesses and helping organizations defend against cyber threats.
More about Offensive Security Consultant jobs
What job categories do people searching Offensive Security Consultant jobs look for? The top searched job categories for Offensive Security Consultant jobs are:
Offensive Security Consultant jobs near you
Infographic showing various Offensive Security Consultant job openings in the United States as of June 2026, with employment types broken down into 33% Full Time, and 67% Contract. Highlights an 67% In-person, and 33% Remote job distribution, with an average salary of $105,890 per year, or $50.9 per hour.
Senior Security Consultant (Mainframe Penetration Tester)

Senior Security Consultant (Mainframe Penetration Tester)

NetSPI LLC

Minneapolis, MN • On-site

Full-time

Posted 2 days ago

Job description

NetSPI® pioneered Penetration Testing as a Service (PTaaS) and leads the industry in modern pentesting. Combining world-class security professionals with AI and automation, NetSPI delivers clarity, speed, and scale across 50+ pentest types, attack surface management, and vulnerability prioritization. The NetSPI platform streamlines workflows and accelerates remediation, enabling our experts to focus on deep dive testing that uncovers vulnerabilities others miss. Trusted by the top 10 U.S. banks and Fortune 500 companies worldwide, NetSPI has been driving security innovation since

NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at www.netspi.com/careers.

Join the mission as a Senior Security Consultant. We are seeking a skilled and detail-oriented Penetration Tester to conduct thorough security assessments, identify vulnerabilities, and provide expert recommendations to strengthen our clients' security posture. As a Penetration Tester supporting Mainframe testing, you will work closely with clients to deliver clear, actionable reports and contribute to the development of security best practices.

Responsibilities:

  • Perform app, platform, CICS, Db2 or other z/OS-based penetration tests.
  • Create and deliver penetration test reports to clients
  • Collaborate with clients to create remediation strategies that will help improve their security posture
  • Research and develop innovative techniques, tools, and methodologies for penetration testing services
  • Participate in the ongoing development/enhancement of NetSPI services and processes, in addition to thought leadership (via blogs, presentations, white papers, webinars, podcast, vlogs and tweets)
  • Provide pre-sales support by assisting with scoping prospective engagements
  • Act as a resource for internal team members as it relates to in-depth technical questions or best practices
  • Responsible for QA activities in assigned service lines
  • Other duties as assigned

Minimum Requirements:

  • Bachelor’s degree or higher, with a focus on IT, Computer Science, Engineering or Math or equivalent experience
  • 3-5 years of experience in penetration testing, including network, web or mobile application testing
  • Experience with offensive toolkits used for network and application penetration testing
  • Strong communication skills, both verbal and written
  • Knowledge of z/OS fundamentals including, but not limited to: JCL, JES2, USS, Networking and at least one ESM (RACF, ACF2, Top Secret).

Preferred Qualifications:

  • Programming experience in one or more of the following languages: Assembler, C, C++, REXX
  • Experience security or managing z/OS-based systems.
  • Experience with pentesting (PTAS) or other offensive security certifications.

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.