... pen testing Preferred Qualifications: Master's degree in computer science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent ...
... pen testing Preferred Qualifications: Master's degree in computer science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent ...
... pen testing Preferred Qualifications: Master's degree in computer science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent ...
... pen testing Preferred Qualifications: Master's degree in computer science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent ...
Senior ISSE/Penetration Tester with Security Clearance
$108.80K - $147.60K/yr
Planning and conducting security verification testing of relevant type 1 devices. * Performing internal and external pen tests against systems to determine vulnerabilities and develop mitigation ...
Senior ISSE/Penetration Tester with Security Clearance
$108.80K - $147.60K/yr
Planning and conducting security verification testing of relevant type 1 devices. * Performing internal and external pen tests against systems to determine vulnerabilities and develop mitigation ...
Senior ISSE/Penetration Tester TS/SCI Polygraph
$117K - $158.80K/yr
Performing physical pen tests and security engineering analysis and assessing the vulnerabilities/solutions for the pen testing. Basic Qualifications * Bachelor's degree in Computer Science ...
Senior ISSE/Penetration Tester TS/SCI Polygraph
$117K - $158.80K/yr
Performing physical pen tests and security engineering analysis and assessing the vulnerabilities/solutions for the pen testing. Basic Qualifications * Bachelor's degree in Computer Science ...
US_West | Application Consultant - Data / Security / Infastructure Solutions_L2
Plano, TX · On-site
$75/hr
Experience with Cybersecurity testing including pen testing and formal verification efforts. Please send it with this information Legal name: Location (City and State): Relocate? Rate: Availability:
US_West | Application Consultant - Data / Security / Infastructure Solutions_L2
Plano, TX · On-site
$75/hr
Experience with Cybersecurity testing including pen testing and formal verification efforts. Please send it with this information Legal name: Location (City and State): Relocate? Rate: Availability:
Penetration Tester
Hillsboro, OR · On-site
Certifications such as GIAC Web Application Penetration Testing (GWAPT) or Offensive Security Certified Professional (OSCP) are strongly preferred. Skill Set pen tester
Penetration Tester
Hillsboro, OR · On-site
Certifications such as GIAC Web Application Penetration Testing (GWAPT) or Offensive Security Certified Professional (OSCP) are strongly preferred. Skill Set pen tester
DevSecOps Engineer[onsite]
Miami, FL · On-site
Demonstrated experience doing static code analysis (SAST) and dynamic testing (DAST) and/or pen-testing applications. * Experience with Salesforce and/or Oracle applications/platforms and security ...
Quick apply
DevSecOps Engineer[onsite]
Miami, FL · On-site
Demonstrated experience doing static code analysis (SAST) and dynamic testing (DAST) and/or pen-testing applications. * Experience with Salesforce and/or Oracle applications/platforms and security ...
Senior ISSE/Penetration Tester TS/SCI Polygraph
Annapolis, MD · On-site
$105.40K - $143K/yr
Performing physical pen tests and security engineering analysis and assessing the vulnerabilities/solutions for the pen testing. Basic Qualifications * Bachelor's degree in Computer Science ...
Senior ISSE/Penetration Tester TS/SCI Polygraph
Annapolis, MD · On-site
$105.40K - $143K/yr
Performing physical pen tests and security engineering analysis and assessing the vulnerabilities/solutions for the pen testing. Basic Qualifications * Bachelor's degree in Computer Science ...
Sr. Network Security Engineer
Chicago, IL · Hybrid
$60.25 - $78.75/hr
Pen Testing Experience
Sr. Network Security Engineer
Chicago, IL · Hybrid
$60.25 - $78.75/hr
Pen Testing Experience
Perform independent pen testing utilizing numerous penetration testing tools and leveraging mainly manual techniques, typically testing will necessitate source code analysis * Write risk prioritized ...
Perform independent pen testing utilizing numerous penetration testing tools and leveraging mainly manual techniques, typically testing will necessitate source code analysis * Write risk prioritized ...
Application Security Engineer -- Pen Testing & Modeling (San Jose)
San Jose, CA · On-site
$69.50 - $93/hr
The role involves manual and penetration testing, vulnerability assessments, and threat modeling. Ideal candidates will have strong skills in tools like Burp Suite, IBM AppScan, and an understanding ...
Application Security Engineer -- Pen Testing & Modeling (San Jose)
San Jose, CA · On-site
$69.50 - $93/hr
The role involves manual and penetration testing, vulnerability assessments, and threat modeling. Ideal candidates will have strong skills in tools like Burp Suite, IBM AppScan, and an understanding ...
They are seeking a Security Engineer III (Pen Tester) to engage with stakeholders, conduct ... Conduct deep testing of web apps, mobile apps (as applicable), and application programming ...
They are seeking a Security Engineer III (Pen Tester) to engage with stakeholders, conduct ... Conduct deep testing of web apps, mobile apps (as applicable), and application programming ...
Interactive On-Net Operator (ION)
Andrews Air Force Base, MD · On-site
$150K - $210K/yr
Three years of pen-testing/red teaming experience within the last five years, and at least six years of technical analysis, military intelligence, DNI, SIGINT analysis, or similar * Strong ...
Quick apply
Interactive On-Net Operator (ION)
Andrews Air Force Base, MD · On-site
$150K - $210K/yr
Three years of pen-testing/red teaming experience within the last five years, and at least six years of technical analysis, military intelligence, DNI, SIGINT analysis, or similar * Strong ...
Interactive On-Net Operator (ION)
Andrews Air Force Base, MD · On-site
$150K - $210K/yr
Three years of pen-testing/red teaming experience within the last five years, and at least six years of technical analysis, military intelligence, DNI, SIGINT analysis, or similar * Strong ...
Quick apply
Interactive On-Net Operator (ION)
Andrews Air Force Base, MD · On-site
$150K - $210K/yr
Three years of pen-testing/red teaming experience within the last five years, and at least six years of technical analysis, military intelligence, DNI, SIGINT analysis, or similar * Strong ...
AI Red Tester/Pen Tester/Ethical Hacker- Long Term Contract - Remote
Montville Township, NJ · On-site
AI Red Tester/Pen Tester/Ethical Hacker- Long Term Contract - Remote For our direct client, a ... Design and execute comprehensive adversarial testing campaigns against AI models, including but not ...
Quick apply
AI Red Tester/Pen Tester/Ethical Hacker- Long Term Contract - Remote
Montville Township, NJ · On-site
AI Red Tester/Pen Tester/Ethical Hacker- Long Term Contract - Remote For our direct client, a ... Design and execute comprehensive adversarial testing campaigns against AI models, including but not ...
Sr Engineer, Penetration Testing
$128K - $173.20K/yr
The Sr. Engineer, Penetration Testing will help ensure that our software, systems and ... Serve as a SME for pen test engagements * Help review and assign bug bounty and responsible ...
Sr Engineer, Penetration Testing
$128K - $173.20K/yr
The Sr. Engineer, Penetration Testing will help ensure that our software, systems and ... Serve as a SME for pen test engagements * Help review and assign bug bounty and responsible ...
Penetration Tester
Hillsboro, OR · On-site
Certifications such as GIAC Web Application Penetration Testing (GWAPT) or Offensive Security Certified Professional (OSCP) are strongly preferred. Skill Set Pen tester
Penetration Tester
Hillsboro, OR · On-site
Certifications such as GIAC Web Application Penetration Testing (GWAPT) or Offensive Security Certified Professional (OSCP) are strongly preferred. Skill Set Pen tester
Pen Tester Location: Annapolis Junction, MD Clearance: FS Poly Required Certifications (at least 1 is required): * GIAC Web Applications Penetration Tester (GWAPT) * GIAC Penetration Tester (GPEN)
Pen Tester Location: Annapolis Junction, MD Clearance: FS Poly Required Certifications (at least 1 is required): * GIAC Web Applications Penetration Tester (GWAPT) * GIAC Penetration Tester (GPEN)
Pen Tester Location: Annapolis Junction, MD Clearance: FS Poly Required Certifications (at least 1 is required): * GIAC Web Applications Penetration Tester (GWAPT) * GIAC Penetration Tester (GPEN)
Quick apply
Pen Tester Location: Annapolis Junction, MD Clearance: FS Poly Required Certifications (at least 1 is required): * GIAC Web Applications Penetration Tester (GWAPT) * GIAC Penetration Tester (GPEN)
ECS is seeking a Cybersecurity Pen Tester Engineer - Senior to support the Army National Guard ... Responsibilities : • Lead penetration testing and adversarial assessments of ARNG networks ...
ECS is seeking a Cybersecurity Pen Tester Engineer - Senior to support the Army National Guard ... Responsibilities : • Lead penetration testing and adversarial assessments of ARNG networks ...
Pen Testing information
See salary details
$9.62 - $11.58
1% of jobs
$11.58 - $13.55
0% of jobs
$13.55 - $15.52
24% of jobs
$15.53 is the 25th percentile. Wages below this are outliers.
$15.52 - $17.48
47% of jobs
$18.08 is the 75th percentile. Wages above this are outliers.
$17.48 - $19.45
9% of jobs
$19.45 - $21.42
8% of jobs
$21.42 - $23.38
8% of jobs
$23.38 - $25.35
2% of jobs
$25.35 - $27.32
0% of jobs
$27.32 - $29.28
0% of jobs
$29.28 - $31.25
0% of jobs
$9
$19
$31
How much do pen testing jobs pay per hour?
As of Jun 2, 2026, the average hourly pay for pen testing in the United States is $19.14, according to ZipRecruiter salary data. Most workers in this role earn between $15.38 and $19.23 per hour, depending on experience, location, and employer.
What are the key skills and qualifications needed to thrive as a Penetration Tester, and why are they important?
To thrive as a Penetration Tester, you need a solid understanding of network security, vulnerability assessment, and ethical hacking, often backed by a degree in computer science or cybersecurity and industry certifications like CEH or OSCP. Familiarity with tools such as Metasploit, Burp Suite, and Nmap, as well as various operating systems, is typically required. Strong analytical thinking, problem-solving skills, and effective communication set top performers apart when explaining findings to technical and non-technical stakeholders. These skills ensure that vulnerabilities are thoroughly identified and addressed, helping organizations protect critical data and systems.
What are some common challenges faced by penetration testers when working on client projects?
Penetration testers often encounter challenges such as limited timeframes to conduct thorough assessments, incomplete or outdated documentation from clients, and the need to clearly communicate technical findings to non-technical stakeholders. They may also face restrictions on testing certain systems due to business constraints or potential operational impact. Building trust with clients and ensuring testing activities do not disrupt critical services are also important aspects of the role.
What is pen testing?
Pen testing, short for penetration testing, is a cybersecurity practice where professionals simulate attacks on a computer system, network, or application to identify vulnerabilities that malicious hackers could exploit. The goal is to proactively find and fix security weaknesses before they can be used in real-world attacks. Pen testers use a variety of tools and techniques to mimic the methods of cybercriminals, and then provide detailed reports with recommendations for improving security. Organizations often conduct pen tests regularly as part of their overall security strategy.
What is the difference between Pen Testing vs Vulnerability Assessment?
| Aspect | Pen Testing | Vulnerability Assessment |
|---|---|---|
| Purpose | Simulates attacks to identify exploitable vulnerabilities | Identifies and prioritizes security weaknesses |
| Depth | In-depth, targeted testing | Broad, overview of vulnerabilities |
| Certifications | OSCP, CEH, GPEN | CISA, CISSP, CEH |
| Work Environment | Hands-on, technical testing | Analysis and reporting |
Pen Testing involves actively exploiting vulnerabilities to assess security defenses, while Vulnerability Assessment focuses on identifying and prioritizing potential weaknesses without exploiting them. Both are essential for a comprehensive security strategy but serve different roles in cybersecurity testing.
More about Pen Testing jobs
What cities are hiring for Pen Testing jobs? Cities with the most Pen Testing job openings:
What states have the most Pen Testing jobs? States with the most job openings for Pen Testing jobs include:
What job categories do people searching Pen Testing jobs look for? The top searched job categories for Pen Testing jobs are:
Contractor
Posted 11 days ago
Job description
I have an opportunity for "WAF Engineer - Fort Worth, Texas _ ONISTE" and I am looking for a candidate who can join Immediately if you are interested, reply to me with your updated resume or if you could refer someone I would really appreciate it.
Position : WAF Engineer
Location : Fort Worth, Texas (Onsite)
Duration : 6 to 12 Months Contract
General Job Description:
The Web Application Security team collaborates with application owners, architects, and developers to integrate security tools such as web application firewalls and bot mitigation to protect American Airlines websites and mobile apps.
This team also collaborates with corporate security fraud teams, privacy teams, and incident response teams in investigations related to websites. This individual is responsible for the analysis, design, implementation, and maintenance of the automation tasks for our product.
This individual is also responsible for collaborating with application owners and security vendors to update/tune Web Application Firewall (WAF) and bot mitigation security policies.
Minimum Qualifications:
Bachelor's degree in computer science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent experience/training
3 years of technology experience, with a focus on information security technology development and administration, web app development, or web application pen testing
Preferred Qualifications:
Master's degree in computer science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent experience/training
5+ years of technology experience, with a focus on information security technology development and administration, web app development, or web application pen testing.
CISSP, CISM, CISA, GIAC or other security certifications are desired.
Strong technical background with Akamai Web Application Firewall (WAF) and bot mitigation security policies
Experience working with Akamai performance and security tools.
Skills, Licenses & Certifications:
Solid comprehension of HTTP protocol and demonstrated ability to troubleshoot using HTTP logs and Splunk or other analytics tools
Strong technical background in web development and familiarity with potential attack vectors/methods
Strong technical background in scripting languages (Python, PowerShell, or JavaScript)
Basic understanding of DNS, Networks, Firewalls, SSL Certificates
Working understanding of Agile Framework
Self-motivated learning, good attitude
Language & Communication Skills:
Ability to effectively communicate both verbally and written with all levels within the organization.
Ability to explain technical concepts and adjust messaging based on the audience, including non-technical groups.
Ability to influence through outstanding interpersonal skills, collaboration, and negotiation skills.
Ability to work well within a team environment, as well as independently.
Regards
Alex . K
NAVTECH INC
1600 Golf Road. Suite 1200, Rolling Meadows, IL 60008
Ph: (224) 348-1340 || Email: alex@navtechusa.com || www.navtechusa.com E-Verified Company
Position : WAF Engineer
Location : Fort Worth, Texas (Onsite)
Duration : 6 to 12 Months Contract
General Job Description:
The Web Application Security team collaborates with application owners, architects, and developers to integrate security tools such as web application firewalls and bot mitigation to protect American Airlines websites and mobile apps.
This team also collaborates with corporate security fraud teams, privacy teams, and incident response teams in investigations related to websites. This individual is responsible for the analysis, design, implementation, and maintenance of the automation tasks for our product.
This individual is also responsible for collaborating with application owners and security vendors to update/tune Web Application Firewall (WAF) and bot mitigation security policies.
Minimum Qualifications:
Bachelor's degree in computer science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent experience/training
3 years of technology experience, with a focus on information security technology development and administration, web app development, or web application pen testing
Preferred Qualifications:
Master's degree in computer science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent experience/training
5+ years of technology experience, with a focus on information security technology development and administration, web app development, or web application pen testing.
CISSP, CISM, CISA, GIAC or other security certifications are desired.
Strong technical background with Akamai Web Application Firewall (WAF) and bot mitigation security policies
Experience working with Akamai performance and security tools.
Skills, Licenses & Certifications:
Solid comprehension of HTTP protocol and demonstrated ability to troubleshoot using HTTP logs and Splunk or other analytics tools
Strong technical background in web development and familiarity with potential attack vectors/methods
Strong technical background in scripting languages (Python, PowerShell, or JavaScript)
Basic understanding of DNS, Networks, Firewalls, SSL Certificates
Working understanding of Agile Framework
Self-motivated learning, good attitude
Language & Communication Skills:
Ability to effectively communicate both verbally and written with all levels within the organization.
Ability to explain technical concepts and adjust messaging based on the audience, including non-technical groups.
Ability to influence through outstanding interpersonal skills, collaboration, and negotiation skills.
Ability to work well within a team environment, as well as independently.
Regards
Alex . K
NAVTECH INC
1600 Golf Road. Suite 1200, Rolling Meadows, IL 60008
Ph: (224) 348-1340 || Email: alex@navtechusa.com || www.navtechusa.com E-Verified Company
About Navtech
Sourced by ZipRecruiter
Industry
Civil engineering construction
Company size
11 - 50 Employees
Headquarters location
New Bloomfield, PA, US
Year founded
1996