1

Penetration Tester Contract Jobs (NOW HIRING)

Contract Penetration Tester At Bishop Fox, security isn't just a job-it's our passion. As leaders in continuous offensive security and penetration testing, we deliver world-class customer experiences.

Contract Penetration Tester At Bishop Fox, securityisn'tjust a job-it'sour passion. As leaders in continuous offensive security and penetration testing, we deliver world-class customer experiences.

Penetration Tester LOCATION Tysons, VA 22182 CLEARANCE TS/SCI Full Poly (Please note this position ... Most contracts allow additional experience (4-5 years) in lieu of a Bachelor's Degree. Some ...

Overview SOSi is seeking a Penetration Tester III to support proactive cyber defense activities in ... May be requested to work evenings and weekends to meet program and contract needs. Working at SOSi ...

Penetration Tester LOCATION Chantilly, VA 20151 CLEARANCE TS/SCI Full Poly (Please note this ... Most contracts allow additional experience (4-5 years) in lieu of a Bachelor's Degree. Some ...

Overview Please note that this position is contingent upon the successful award of a contract ... Summary: The Senior Penetration Tester will independently perform penetration testing of ...

Penetration Tester LOCATION Reston, VA 20190 CLEARANCE TS/SCI Full Poly (Please note this position ... Most contracts allow additional experience (4-5 years) in lieu of a Bachelor's Degree. Some ...

Overview Please note that this position is contingent upon the successful award of a contract ... Summary: The Senior Penetration Tester will independently perform penetration testing of ...

Penetration Tester LOCATION Honolulu, HI 96815 CLEARANCE TS/SCI Full Poly (Please note this ... Most contracts allow additional experience (4-5 years) in lieu of a Bachelor's Degree. Some ...

Penetration Tester LOCATION Aurora, CO 80014 CLEARANCE TS/SCI Full Poly (Please note this position ... Most contracts allow additional experience (4-5 years) in lieu of a Bachelor's Degree. Some ...

Penetration Tester LOCATION Annapolis Junction, MD 20701 CLEARANCE TS/SCI Full Poly (Please note ... Most contracts allow additional experience (4-5 years) in lieu of a Bachelor's Degree. Some ...

Penetration Tester

Herndon, VA · On-site

$86K - $198K/yr

Penetration Tester The Opportunity : Conduct testing and analysis to identify vulnerabilities and ... as well as contract-specific affordability and organizational requirements. The projected ...

Penetration Tester LOCATION San Antonio, TX 78208 CLEARANCE TS/SCI Full Poly (Please note this ... Most contracts allow additional experience (4-5 years) in lieu of a Bachelor's Degree. Some ...

Overview Please note that this position is contingent upon the successful award of a contract ... Summary: The Senior Penetration Tester will independently perform penetration testing of ...

Overview SOSi is seeking a Penetration Tester III to support proactive cyber defense activities in ... May be requested to work evenings and weekends to meet program and contract needs. Working at SOSi ...

next page

Showing results 1-20

Penetration Tester Contract information

See salary details

$22.5K

$119.9K

$168.5K

How much do penetration tester contract jobs pay per year?

As of Jul 16, 2026, the average yearly pay for penetration tester contract in the United States is $119,895.00, according to ZipRecruiter salary data. Most workers in this role earn between $96,000.00 and $141,000.00 per year, depending on experience, location, and employer.

What is the difference between Penetration Tester Contract vs Penetration Tester Full-Time?

AspectPenetration Tester ContractPenetration Tester Full-Time
CredentialsCertifications like OSCP, CEH often requiredSame certifications typically required
Work EnvironmentProject-based, temporary assignmentsPermanent employment, ongoing projects
Employer & Industry UsageConsulting firms, cybersecurity agenciesIn-house security teams, corporations
Search & Comparison IntentFreelance opportunities, short-term rolesLong-term career, stability

In summary, Penetration Tester Contract roles are project-based and often involve short-term assignments with consulting firms, while Penetration Tester Full-Time positions offer permanent employment within organizations. Both roles typically require similar certifications and skills, but differ mainly in employment type and work environment.

What are some common challenges faced by penetration testers working on a contract basis?

Contract penetration testers often encounter challenges such as limited access to internal information, the need to quickly understand a client's environment, and tight project deadlines. They must adapt rapidly to different security policies and toolsets with each new engagement, while maintaining clear communication with diverse client teams. Building trust and delivering concise, actionable reports within the contract timeframe are essential for success and future opportunities.

What are the key skills and qualifications needed to thrive as a Penetration Tester Contractor, and why are they important?

To thrive as a Penetration Tester Contractor, you need a strong understanding of network security, vulnerability assessment, and ethical hacking, typically backed by a degree in computer science or cybersecurity and relevant certifications like OSCP or CEH. Familiarity with penetration testing tools such as Metasploit, Burp Suite, and Nmap, as well as experience with various operating systems, is essential. Strong analytical thinking, attention to detail, and effective client communication are standout soft skills in this role. These competencies ensure accurate identification of security gaps and clear reporting, helping organizations effectively strengthen their cybersecurity posture.

What is a Penetration Tester Contract?

A Penetration Tester Contract is a temporary or project-based agreement where a cybersecurity professional is hired to simulate cyberattacks on an organization’s systems, networks, or applications. The goal is to identify vulnerabilities and security weaknesses before malicious hackers can exploit them. Contractors typically deliver detailed reports on their findings and recommend remediation steps. These contracts can vary in length and scope depending on the organization's needs and the complexity of the systems being tested.

What Does a Contract Penetration Tester Do?

A contract penetration tester assesses the effectiveness of security for a computer network, website, software, or application. You perform your duties on a contract basis and work with various clients. A penetration tester finds, defines, and tries to exploit a vulnerability in their client’s cybersecurity system. In this career, your responsibilities not only include hacking into your client’s network or system, but also reporting on the potential vulnerability and helping the client improve their practices so that they can protect themselves against such a cyber threat when an actual hacker tries to penetrate their defenses.

What cities are hiring for Penetration Tester Contract jobs? Cities with the most Penetration Tester Contract job openings:
What are the most commonly searched types of Penetration Tester jobs? The most popular types of Penetration Tester jobs are:
What states have the most Penetration Tester Contract jobs? States with the most job openings for Penetration Tester Contract jobs include:
What job categories do people searching Penetration Tester Contract jobs look for? The top searched job categories for Penetration Tester Contract jobs are:
Penetration Tester - Contract

Penetration Tester - Contract

Bishop Fox

Remote

Contractor

Re-posted 11 days ago


Job description

Contract Penetration Tester
At Bishop Fox, security isn't just a job-it's our passion. As leaders in continuous offensive security and penetration testing, we deliver world-class customer experiences. Trusted by over a quarter of the Fortune 100, half of the Fortune 10, and top global media companies, we help safeguard digital landscapes. Our Cosmos platform, honored as Best Emerging Technology by SC Media, exemplifies our commitment to innovation.
Joining Bishop Fox means collaborating with a curious and dedicated team. You'll tackle complex challenges for some of the world's most recognized organizations, securing their networks against real-world threats. With nearly 20 years of industry contributions-including 16 open-source tools and 50 security advisories published in the past five years-we're committed to making the digital world safer.
We're looking for talented, experienced professional hackers to help us secure some of the world's most complex software and sophisticated technologies. You'll be working alongside our US and internationally-based teams supporting clients across multiple industries.
Responsibilities
Bishop Fox is looking for experienced contract penetration testers with a primary focus in web application security and strong secondary expertise in cloud, mobile, source code, network, or AI/LLM security.
You'll work on a range of projects, from short-term assessments to longer-term program engagements with well-established clients. In this role, you'll identify vulnerabilities, validate risk, develop creative solutions, and clearly communicate findings and remediation guidance to both technical and executive stakeholders. As a trusted advisor, you'll help clients understand risk and make informed security decisions.
Experience
  • 5+ years of experience planning, conducting, and managing web application penetration tests
  • Deep understanding of application security fundamentals, OWASP Top 10, common vulnerabilities, and secure development best practices
  • Experience assessing vulnerabilities and developing exploits across diverse targets
  • Strong understanding of system and network security, authentication protocols, security protocols, and applied cryptography
  • Ability to communicate complex technical findings clearly and provide practical remediation guidance to technical and executive audiences

Preferred Experience
Deep experience in at least one of the following:
  • Cloud Security - Experience assessing AWS cloud environments, including technologies such as IAM, EC2, VPC, EBS, S3, CloudWatch, and Lambda.
  • Mobile Application Security - Experience testing iOS and/or Android applications, including mobile application architecture, API communication, data storage, authentication flows, and common mobile security vulnerabilities.
  • Source Assisted Application Assessments: Experience evaluating applications across multiple layers, including source code, APIs, infrastructure, and integrations. Strong proficiency in Golang is highly preferred, along with familiarity in languages such as Python, Ruby, PowerShell, Java, and JavaScript.
  • Network Security - Experience with network and system exploitation, including modern tactics, techniques, and procedures such as C2 frameworks, EDR bypass, privilege escalation, password cracking, and lateral movement.
  • AI/LLM Security -Experience assessing non-deterministic security controls.

Employment Sponsorship
This engagement is for independent contractors (1099) and is not eligible for any form of employment sponsorship. Applicants must be legally authorized to work in the United States without requiring visa sponsorship now or in the future. Applicants must be located in the United States.
All new hires must pass a background check as a condition of employment.
Bishop Fox is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.