1

Pen Testing Jobs (NOW HIRING)

- Conduct black box, white box vulnerability and penetration testing - Setup threat modesla and protocol fuzzers - Experience in architecture & design reviews with developers at all levels - Develop ...

At least 2 years of experience in Security Testing (Web & Network Pen testing and Secure code analysis) * Hands-on security tester with proficiency in tools like HP Fortify, Web Inspect, Nessus, BURP ...

$75K - $175K/yr

... Pen testing, Consultancy and DFIR) How we will help you PTP attend and sponsor worldwide events every year including Defcon, RSA, ISAC Summits and many more, these are amazing sources of leads PTP ...

Account Executive

Springfield, MA ยท Remote

$75K - $175K/yr

... Pen testing, Consultancy and DFIR) How we will help you PTP attend and sponsor worldwide events every year including Defcon, RSA, ISAC Summits and many more, these are amazing sources of leads PTP ...

Company Description - Conduct black box, white box vulnerability and penetration testing - Setup threat modesla and protocol fuzzers - Experience in architecture & design reviews with developers at ...

$75K - $175K/yr

... Pen testing, Consultancy and DFIR) How we will help you PTP attend and sponsor worldwide events every year including Defcon, RSA, ISAC Summits and many more, these are amazing sources of leads PTP ...

Job Type Full-time Description EOA Technologies is seeking a Cyber Vulnerability Analyst with Penetration Testing/Red Team experience anda deep understanding of adversary tactics, techniques, and ...

Penetration Tester

Washington, DC ยท On-site

$126K - $243K/yr

Consolidate ad-hoc penetration-testing efforts into a unified enterprise pen-testing program with standard methodologies, processes, and reporting. * Establish and maintain Rules of Engagement (ROE ...

Demonstrated experience doing static code analysis (SAST) and dynamic testing (DAST) and/or pen-testing applications. * Experience with Salesforce and/or Oracle applications/platforms and security ...

next page

Showing results 1-20

Pen Testing information

See salary details

$9

$19

$31

How much do pen testing jobs pay per hour?

As of Jul 12, 2026, the average hourly pay for pen testing in the United States is $19.14, according to ZipRecruiter salary data. Most workers in this role earn between $15.38 and $19.23 per hour, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Penetration Tester, and why are they important?

To thrive as a Penetration Tester, you need a solid understanding of network security, vulnerability assessment, and ethical hacking, often backed by a degree in computer science or cybersecurity and industry certifications like CEH or OSCP. Familiarity with tools such as Metasploit, Burp Suite, and Nmap, as well as various operating systems, is typically required. Strong analytical thinking, problem-solving skills, and effective communication set top performers apart when explaining findings to technical and non-technical stakeholders. These skills ensure that vulnerabilities are thoroughly identified and addressed, helping organizations protect critical data and systems.

What are some common challenges faced by penetration testers when working on client projects?

Penetration testers often encounter challenges such as limited timeframes to conduct thorough assessments, incomplete or outdated documentation from clients, and the need to clearly communicate technical findings to non-technical stakeholders. They may also face restrictions on testing certain systems due to business constraints or potential operational impact. Building trust with clients and ensuring testing activities do not disrupt critical services are also important aspects of the role.

What is the difference between Pen Testing vs Vulnerability Assessment?

AspectPen TestingVulnerability Assessment
PurposeSimulates attacks to identify exploitable vulnerabilitiesIdentifies and prioritizes security weaknesses
DepthIn-depth, targeted testingBroad, overview of vulnerabilities
CertificationsOSCP, CEH, GPENCISA, CISSP, CEH
Work EnvironmentHands-on, technical testingAnalysis and reporting

Pen Testing involves actively exploiting vulnerabilities to assess security defenses, while Vulnerability Assessment focuses on identifying and prioritizing potential weaknesses without exploiting them. Both are essential for a comprehensive security strategy but serve different roles in cybersecurity testing.

Is pen testing a good career?

Penetration testing, or pen testing, is a cybersecurity role focused on identifying vulnerabilities in systems and networks. It requires technical skills, knowledge of security tools, and often certifications like OSCP or CEH. The field offers high demand, competitive salaries, and opportunities for continuous learning, making it a strong career choice for those interested in cybersecurity.

What is pen testing?

Pen testing, short for penetration testing, is a cybersecurity practice where professionals simulate attacks on a computer system, network, or application to identify vulnerabilities that malicious hackers could exploit. The goal is to proactively find and fix security weaknesses before they can be used in real-world attacks. Pen testers use a variety of tools and techniques to mimic the methods of cybercriminals, and then provide detailed reports with recommendations for improving security. Organizations often conduct pen tests regularly as part of their overall security strategy.

How do I become a pen tester?

To become a penetration tester, you should gain a strong understanding of computer networks, operating systems, and security principles, often through a degree in cybersecurity, computer science, or related fields. Earning industry-recognized certifications such as Offensive Security Certified Professional (OSCP) or Certified Ethical Hacker (CEH) can improve job prospects, and practical experience with tools like Kali Linux, Metasploit, and Wireshark is essential.

What qualifications do you need to be a pen tester?

To become a penetration tester, candidates typically need a strong understanding of networking, operating systems, and security principles, along with proficiency in scripting and using security tools. Relevant certifications such as Certified Ethical Hacker (CEH) or Offensive Security Certified Professional (OSCP) are highly valued. Practical experience through labs, internships, or hands-on projects is also important for demonstrating skills in identifying vulnerabilities and exploiting security flaws.

How much can you make pen testing?

Penetration testers typically earn between $70,000 and $130,000 annually, depending on experience, certifications, and location. Senior roles or those with specialized skills in tools like Kali Linux or Metasploit can earn higher salaries, especially in high-demand industries or regions with a strong cybersecurity market.
More about Pen Testing jobs
What cities are hiring for Pen Testing jobs? Cities with the most Pen Testing job openings:
What states have the most Pen Testing jobs? States with the most job openings for Pen Testing jobs include:
Security Software Engineer - Red Team Pen Tester

Security Software Engineer - Red Team Pen Tester

Data Intelligence LLC

Dahlgren, VA โ€ข Hybrid

Other

Medical, Dental, Vision, Retirement, PTO

Re-posted yesterday


Job description

Data Intelligence LLC
Job Openings >> Security Software Engineer - Red Team Pen Tester
Security Software Engineer - Red Team Pen Tester
Summary
Title: Security Software Engineer - Red Team Pen Tester ID: 1546 Location: Dahlgren, VA
More about this job >
Description

Data Intelligence is seeking a seasoned Security Software Engineer - Red Team / Penetration Tester to join a hands-on offensive security team supporting mission systems in the defense domain. This role is ideal for a pragmatic, technically deep engineer who blends software development, exploitation tooling, and operational red-team experience to assess and harden complex enterprise and DoD environments.This position is fully on-site in Dahlgren, VA.

This position is contingent upon winning contract award.

Key Responsibilities

  • Plan and execute advanced penetration tests and red-team engagements against enterprise, cloud, and mission systems (including VDI, virtualization stacks, network enclaves, identity systems, and web services).
  • Design, develop, and maintain offensive tooling, exploit code, C2 components, and automation to support engagements.
  • Conduct network, host, web application, cloud, and identity-centric assessments (including REST/SOAP web services and modern auth protocols such as OAuth2/SAML/LDAP).
  • Perform vulnerability discovery, exploit development, privilege escalation, lateral movement, persistence techniques, and post-exploitation analysis.
  • Use and extend common pentest frameworks and tools (Kali, Metasploit, Nmap, Cobalt Strike) and integrate custom scripts and modules.
  • Evaluate and document attack paths, IM/SSO/MFA bypass scenarios, and misconfigurations across Microsoft Entra ID (Azure AD), Active Directory, hybrid Microsoft 365 environments, and federation/SSO integrations.
  • Test and evaluate network and security devices (Palo Alto, Cisco, FirePower, IOS/ASA, Nexus) and virtualization/storage platforms (vCenter/vRealize/Horizon, NetApp/ONTAP, SnapMirror).
  • Perform cloud security assessments (AWS, serverless, microservices) and audit cloud configurations and workloads.
  • Produce clear, actionable deliverables: technical findings, exploit proofs-of-concept, attack narratives, remediation guidance, and executive summaries for stakeholders.
  • Collaborate with blue teams, DevSecOps, and engineering teams to validate fixes and drive continuous improvement.


Required Skills/Experience

Education: Bachelor's degree in Computer Science, Engineering, Information Security, or equivalent experience preferred.

Experience: Minimum 5 years of software engineering applied to program development, modeling, or simulation for DoD or IT systems and a minimum 5 years hands-on experience with:

  • Linux: firm grasp / demonstrated knowledge (training such as CompTIA Linux+ or FedVTE Linux+ preferred).
  • Windows & enterprise networks: foundational understanding of Windows enterprise administration (relevant Microsoft coursework/certification experience preferred).

Offensive tooling & techniques: Strong working knowledge and practical use of Kali, Metasploit, Nmap, Cobalt Strike.

Documented operational experience in at least one of the following:

  1. Penetration Testing (government or contractor)
  2. Red Team Operations (government or contractor)
  3. Tool/Software Development (exploits, malware/C2, reverse engineering, bug bounties)
  4. Offensive/defensive programming in Python, C, C#, C++, Go, Perl, PowerShell
  5. Web development / web application penetration testing (PHP, ASP, SQL/NoSQL, Java, HTML), including RESTful and SOAP services and modern authentication schemes

Minimum certification: Must hold one of the following (or equivalent, current):

  • Offensive Security: OSCP, OSCE, OSEE, OSWP
  • SANS: GPEN (SEC560), GWAPT (SEC542), SEC660, GXPN, SEC642, SEC564

Operational tools/platform familiarity: experience with virtualization & VDI stacks (NSX, vCenter, vRealize, Horizon), network/security appliances (Palo Alto, Cisco), storage platforms (NetApp/ONTAP), and virtualization/cloud platforms (VMware, AWS).

Identity & automation: demonstrable experience with Active Directory, Microsoft Entra ID (Azure AD), SSO/MFA, identity federation, and automation using PowerShell / PowerAutomate / Logic Apps / Graph API.

Clearance: Current Top Secret Security Clearance

Desired/Preferred Skills

  • Prior experience conducting Red Team operations in an MDE (Managed Detection & Response / Microsoft Defender for Endpoint) environment.
  • Experience with cloud audit, serverless, microservice architectures and security.
  • Prior development of offensive tooling, exploit chains, or C2 frameworks.
  • Familiarity with DoD and government network enclaves, operational tradecraft, and mission-critical systems.
  • Prior experience working on DoD or national security contracts and understanding of classification and handling of sensitive findings.
  • Strong technical writing and presentation skills; ability to translate technical findings for non-technical leadership.


Data Intelligence, DI is an established small business that has supported the critical missions of our government clients since 2005. We provide full life cycle system development, systems engineering, cybersecurity, and supporting analytical and logistics support to C4ISR and other complex systems. We are an equal opportunity employer that offers competitive salaries, comprehensive benefits, a team-oriented environment, and opportunities for advancement. Our excellent employee retention record reflects our employee focus. We work with Veteran's organization to proactively hire those who have served our country. We offer medical, dental and vision insurance, 401k, PTO and 11 paid holidays.

Data Intelligence is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.

Apply Now
ย 
Refer to a Friend
Copyright 2026 Data Intelligence LLC. All rights reserved.
Powered by ApplicantStack Applicant Tracking System
Privacy Policy | Terms of Use