1

Pen Testing Jobs in California (NOW HIRING)

Preferred At least 2 years of experience in Security Testing (Web & Network Pen testing and Secure code analysis).. Hands on security tester with proficiency in tools like HP Fortify, Web Inspect ...

Preferred At least 2 years of experience in Security Testing (Web & Network Pen testing and Secure code analysis) Hands on security tester with proficiency in tools like HP Fortify, Web Inspect ...

Responsibilities Conduct black box ,white box security and penetration testing to assess and validate application security Perform manual pen-tests, ability to setup threat models and fuzzers. Be ...

- Conduct black box, white box vulnerability and penetration testing - Setup threat modesla and protocol fuzzers - Experience in architecture & design reviews with developers at all levels - Develop ...

At least 2 years of experience in Security Testing (Web & Network Pen testing and Secure code analysis) * Hands-on security tester with proficiency in tools like HP Fortify, Web Inspect, Nessus, BURP ...

Company Description - Conduct black box, white box vulnerability and penetration testing - Setup threat modesla and protocol fuzzers - Experience in architecture & design reviews with developers at ...

Practical experience interpreting findings from application pen testing, code scanning and open-source scanners to determine the risk and collaborate with developers to resolve them * Understanding ...

Sr. Application Security Engineer

Redlands, CA · On-site

$59 - $79/hr

... testing, and false positive analysis of code, pen test, and open-source security findings • Demonstrated experience determining risk based on analysis/findings using a consistent risk management ...

Lead Application Security Engineer

San Francisco, CA · On-site

$69.25 - $92.50/hr

Strong hands-on web application pen testing skills. You can find real bugs in real code, not just run scanners. * Deep experience reviewing code in TypeScript / Node and Python. You're comfortable ...

Practical experience interpreting findings from application pen testing, code scanning and open-source scanners to determine the risk and collaborate with developers to resolve them * Understanding ...

next page

Showing results 1-20

Pen Testing information

See California salary details

$9

$18

$30

How much do pen testing jobs pay per hour?

As of Jul 13, 2026, the average hourly pay for pen testing in California is $18.89, according to ZipRecruiter salary data. Most workers in this role earn between $15.19 and $18.99 per hour, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Penetration Tester, and why are they important?

To thrive as a Penetration Tester, you need a solid understanding of network security, vulnerability assessment, and ethical hacking, often backed by a degree in computer science or cybersecurity and industry certifications like CEH or OSCP. Familiarity with tools such as Metasploit, Burp Suite, and Nmap, as well as various operating systems, is typically required. Strong analytical thinking, problem-solving skills, and effective communication set top performers apart when explaining findings to technical and non-technical stakeholders. These skills ensure that vulnerabilities are thoroughly identified and addressed, helping organizations protect critical data and systems.

What are some common challenges faced by penetration testers when working on client projects?

Penetration testers often encounter challenges such as limited timeframes to conduct thorough assessments, incomplete or outdated documentation from clients, and the need to clearly communicate technical findings to non-technical stakeholders. They may also face restrictions on testing certain systems due to business constraints or potential operational impact. Building trust with clients and ensuring testing activities do not disrupt critical services are also important aspects of the role.

What is the difference between Pen Testing vs Vulnerability Assessment?

AspectPen TestingVulnerability Assessment
PurposeSimulates attacks to identify exploitable vulnerabilitiesIdentifies and prioritizes security weaknesses
DepthIn-depth, targeted testingBroad, overview of vulnerabilities
CertificationsOSCP, CEH, GPENCISA, CISSP, CEH
Work EnvironmentHands-on, technical testingAnalysis and reporting

Pen Testing involves actively exploiting vulnerabilities to assess security defenses, while Vulnerability Assessment focuses on identifying and prioritizing potential weaknesses without exploiting them. Both are essential for a comprehensive security strategy but serve different roles in cybersecurity testing.

Is pen testing a good career?

Penetration testing, or pen testing, is a cybersecurity role focused on identifying vulnerabilities in systems and networks. It requires technical skills, knowledge of security tools, and often certifications like OSCP or CEH. The field offers high demand, competitive salaries, and opportunities for continuous learning, making it a strong career choice for those interested in cybersecurity.

What is pen testing?

Pen testing, short for penetration testing, is a cybersecurity practice where professionals simulate attacks on a computer system, network, or application to identify vulnerabilities that malicious hackers could exploit. The goal is to proactively find and fix security weaknesses before they can be used in real-world attacks. Pen testers use a variety of tools and techniques to mimic the methods of cybercriminals, and then provide detailed reports with recommendations for improving security. Organizations often conduct pen tests regularly as part of their overall security strategy.

How do I become a pen tester?

To become a penetration tester, you should gain a strong understanding of computer networks, operating systems, and security principles, often through a degree in cybersecurity, computer science, or related fields. Earning industry-recognized certifications such as Offensive Security Certified Professional (OSCP) or Certified Ethical Hacker (CEH) can improve job prospects, and practical experience with tools like Kali Linux, Metasploit, and Wireshark is essential.

What qualifications do you need to be a pen tester?

To become a penetration tester, candidates typically need a strong understanding of networking, operating systems, and security principles, along with proficiency in scripting and using security tools. Relevant certifications such as Certified Ethical Hacker (CEH) or Offensive Security Certified Professional (OSCP) are highly valued. Practical experience through labs, internships, or hands-on projects is also important for demonstrating skills in identifying vulnerabilities and exploiting security flaws.

How much can you make pen testing?

Penetration testers typically earn between $70,000 and $130,000 annually, depending on experience, certifications, and location. Senior roles or those with specialized skills in tools like Kali Linux or Metasploit can earn higher salaries, especially in high-demand industries or regions with a strong cybersecurity market.
What cities in California are hiring for Pen Testing jobs? Cities in California with the most Pen Testing job openings:
Security Testing

Security Testing

Sonsoft Inc

Sunnyvale, CA • On-site

Full-time

Posted 21 days ago


Job description

Company Description

Sonsoft , Inc. is a USA based corporation duly organized under the laws of the Commonwealth of Georgia. Sonsoft Inc. is growing at a steady pace specializing in the fields of Software Development, Software Consultancy and Information Technology Enabled Services.

Job Description

Preferred
At least 2 years of experience in Security Testing (Web & Network Pen testing and Secure code analysis)..
Hands on security tester with proficiency in tools like HP Fortify, Web Inspect, Nessus, BURP, IBM Appscan
Expert in security frameworks & standards (OWASP, NIST, ISO27001, Data security, PCI ect)
Sound knowledge of web development & enterprise technology (SOA, Potrals, eComm/teclo products)
Security certifications like CEH / OSCP / CISSP
Ability to understand security NFR & metrics.
Coordinate multiple project & manage stakeholder
Must possess good Analytical & communication skills
Mobile security & Telco domain knowledge would be big plus.
Experience and desire to work in a Global delivery environment

Qualifications

Qualifications Basic

Bachelor's degree or foreign equivalent required from an accredited institution. 
 At least 2 years of experience with Information Security Technology.

Additional Information

Note:-
This is a Full-Time & Permanent job opportunity for you.
Only US Citizen, Green Card HolderGC-EADH4-EAD & L2-EAD can apply.
No OPT-EAD, H1B & TN candidates please.
Please mention your Visa Status in your email or resume.


Sonsoft logo

About Sonsoft

Sourced by ZipRecruiter

Sonsoft , Inc. is a USA based corporation duly organized under the laws of the Commonwealth of Georgia. Sonsoft Inc. is growing at a steady pace specializing in the fields of Software Development, Software Consultancy and Information Technology Enabled Services.

Industry

It services

Company size

51 - 200 Employees

Headquarters location

Alpharetta, GA, US

Year founded

2007