1

Penetration Tester Jobs (NOW HIRING)

Penetration Tester Job Locations US-VA-Arlington Requisition ID 2026-164371 Position Category Cyber Security Clearance Top Secret Responsibilities Peraton is seeking an experienced Cyber Penetration ...

Client Webinspect and HCL Appscan preferred - any other tools is OK as well Minimum 7 years of experience Work with enterprise programs on penetration testing and online application security Worked ...

Penetration Tester - Intermediate Under general supervision, perform penetration testing of applications, systems, and network enclaves to identify security weaknesses and vulnerabilities. Assess ...

Coordinate penetration testing activities and schedules with internal stakeholders, system owners, and external partners as required. * Perform network vulnerability assessments and exploitation ...

Penetration Tester

Arlington, VA · On-site

$86K - $138K/yr

Responsibilities Peraton is seeking an experienced Cyber Penetration Tester to become part of Peratons' Federal Strategic Cyber programs. Location: Northern VA; Hybrid - flex as long as person can ...

SkyePoint Decisions is seeking a Penetration Tester to support the Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative ...

Penetration Tester

Chantilly, VA · On-site

$150K - $195K/yr

Overview VTG is looking for multiple levels (Level 2, 3 & 4) of a Penetration Tester in Chantilly VA and Aurora CO. (Note: position is contingent upon program award and the postions are located in ...

Penetration Tester

Arlington, VA · On-site

$95K - $112K/yr

SkyePoint Decisions is seeking a Penetration Tester to support the Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative ...

Penetration Tester

Aurora, CO · On-site

$150K - $195K/yr

Overview VTG is looking for multiple levels (Level 2, 3 & 4) of a Penetration Tester in Chantilly VA and Aurora CO. (Note: position is contingent upon program award and the postions are located in ...

Penetration Tester Job ID: 26-03154 Location: Remote Duration: 12 Months on W2 contract (Possible Extension) Must-Have Skills: * 3+ years of hands-on Penetration Testing / Offensive Security ...

Penetration Tester

Arlington, VA · On-site

$86K - $138K/yr

Responsibilities Peraton is seeking an experienced Cyber Penetration Tester to become part of Peratons' Federal Strategic Cyber programs. Location: Northern VA; Hybrid - flex as long as person can ...

Penetration Tester Location: Reston, VA Work Mode - Hybrid role, 2 days' Work from Office (Wednesday and Thursday) Must have Skill Set - Red team pentester * Network penetration testing and ...

Overview VTG is looking for multiple levels (Level 2, 3 & 4) of a Penetration Tester in Chantilly VA and Aurora CO. (Note: position is contingent upon program award and the postions are located in ...

Penetration Tester

Arlington, VA · On-site

$86K - $138K/yr

Responsibilities Peraton is seeking an experienced Cyber Penetration Tester to become part of Peratons' Federal Strategic Cyber programs. Location: Northern VA; Hybrid - flex as long as person can ...

Junior Penetration Tester Role Purpose The Junior Penetration Tester is an execution-focused role responsible for performing authorized security testing activities under defined methodologies and ...

next page

Showing results 1-20

Penetration Tester information

See salary details

$22.5K

$119.9K

$168.5K

How much do penetration tester jobs pay per year?

As of Jul 6, 2026, the average yearly pay for penetration tester in the United States is $119,895.00, according to ZipRecruiter salary data. Most workers in this role earn between $96,000.00 and $141,000.00 per year, depending on experience, location, and employer.

What Does a Penetration Tester Do?

As a penetration tester, your job is to test the security of a network by attempting to hack into an application, system, or computer. Penetration testing can occur in a variety of ways, from physical interaction with the machine you’re trying to hack to attacks sent over the web. Aside from helping clients test for vulnerabilities, your job also includes explaining how you got in and providing recommendations for stopping others from repeating your actions. In some cases, you may be asked to help investigate cyber crimes or explain methods and techniques in criminal trials. Success in this job is often measured by how many security holes you find and close.

What are some common challenges penetration testers face during client engagements?

Penetration testers often encounter challenges such as limited access to information, strict time constraints, and navigating complex or legacy systems. Additionally, they must balance thorough testing with minimizing disruptions to client operations. Effective communication is crucial, as testers need to clearly document findings and explain technical vulnerabilities to non-technical stakeholders to ensure remediation efforts are understood and prioritized.

What are Penetration Testers?

Penetration Testers, also known as ethical hackers, are cybersecurity professionals who simulate cyberattacks on computer systems, networks, or applications to identify and address security vulnerabilities. Their work helps organizations discover weak points before malicious hackers can exploit them. Penetration testers use a variety of tools and techniques to mimic real-world threats and provide detailed reports with recommendations for improving security. They play a crucial role in maintaining the safety and integrity of an organization’s digital assets.

What is the difference between Penetration Tester vs Vulnerability Analyst?

AspectPenetration TesterVulnerability Analyst
CertificationsOSCP, CEH, GPENCVE, CISSP, GIAC
Work EnvironmentHands-on testing, simulated attacksVulnerability scanning, risk assessment
Employer & IndustryCybersecurity firms, IT departmentsSecurity teams, compliance agencies
Search & Comparison IntentUnderstanding testing roles, skillsIdentifying vulnerabilities, analysis methods

While both roles focus on cybersecurity, a Penetration Tester actively exploits vulnerabilities to test security defenses, whereas a Vulnerability Analyst identifies and assesses weaknesses without exploiting them. Penetration Testers typically perform simulated attacks, requiring hands-on skills and certifications like OSCP or CEH. Vulnerability Analysts focus on scanning and reporting vulnerabilities, often working with tools like Nessus or Qualys. Both roles are essential for a comprehensive security strategy but differ in approach and responsibilities.

What are the key skills and qualifications needed to thrive as a Penetration Tester, and why are they important?

To thrive as a Penetration Tester, you need a solid understanding of networking, operating systems, cybersecurity principles, and typically hold certifications like OSCP or CEH. Proficiency with tools such as Metasploit, Burp Suite, Nmap, and Wireshark is crucial for identifying and exploiting vulnerabilities. Strong analytical thinking, attention to detail, and clear communication skills help Penetration Testers effectively document findings and convey risks to clients. These skills and qualities are vital for uncovering security weaknesses and helping organizations strengthen their defenses against cyber threats.
What cities are hiring for Penetration Tester jobs? Cities with the most Penetration Tester job openings:
What are the most commonly searched types of Penetration Tester jobs? The most popular types of Penetration Tester jobs are:
Who are the top companies hiring for Penetration Tester jobs? The top employers for Penetration Tester jobs are:
What states have the most Penetration Tester jobs? States with the most job openings for Penetration Tester jobs include:
Penetration Tester

Penetration Tester

Peraton

Arlington, VA • On-site

Other

Posted 6 hours ago


Peraton rating

8.2

Company rating: 8.2 out of 10

Based on 53 frontline employees who took The Breakroom Quiz

47th of 207 rated it services


Job description


Penetration Tester
Job Locations
US-VA-Arlington
Requisition ID
2026-164371
Position Category
Cyber Security
Clearance
Top Secret
Responsibilities

Peraton is seeking an experienced Cyber Penetration Tester to become part of Peratons' Federal Strategic Cyber programs.

Location: Northern VA; Hybrid - flex as long as person can come on-site as/when needed.

In this role, you will:

    Support the Red Cell Team by performing and leading penetration tests to assess the security of customer systems.
  • Identify vulnerabilities and develop recommended remediations to satisfy mandated NIST 800-53 security controls.
  • Report and demonstrate findings to system owners and engineers.
  • Maintain Red Cell infrastructure.
  • Develop or modify tools to automate discovery or exploitation.
Qualifications

Basic Qualifications:

  • Bachelor of Science and 5 years of relevant experience in Cyber/IT, or a Master's of Science and 3 years of relevant experience in Cyber/IT. In lieu of a degree, 4 years of additional IT security or penetration testing experience may be considered.
  • Minimum of 2 years with penetration testing experience.
  • Possess one of the following certifications, OR be able to obtain before start date:
    • CCNA Cyber Ops, CCNA-Security, CEH, CFR, Cloud+, CySA+, GCIA, GCIH, GICSP, SCYBER, Security+ CE, SSCP
  • Demonstrated experience with Kali Linux.
  • Demonstrated penetration testing tools experience with Nmap, Burp Suite, Metasploit, etc.
  • Demonstrated ability in evaluating vulnerabilities, performing root cause analysis, and reporting findings utilizing assessment methodologies such as NIST SP 800-115, Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), OWASP Web Security Testing Guide (WTG), etc.
  • Demonstrated ability to lead a penetration test and guide Senior/Junior Penetration Testers.
  • U.S. citizenship required.
  • An active Secret security clearance.
    • Must have the ability to obtain a final Top Secret security clearance.

Preferred:

  • Active Top Secret or TS/SCI clearance.
  • One of the following certifications or an alternate, verifiable certification demonstrating IT security competence:
    • CompTIA CASP+
    • ISC2 Certified Information Security Professional (CISSP)
    • ISC2 Certified Cloud Security Professional (CCSP)
    • ISC2 Information Systems Security Engineering Professional (ISSEP)
  • One of the following certifications or an alternate, verifiable certification demonstrating practical penetration testing competence:
    • Offensive Security Certified Professional (OSCP)
    • Offensive Security Certified Professional (OSCP)
    • Hack the Box Certified Penetration Testing Specialist (CPTS)
    • TCM Security Practical Network Penetration Tester (PNPT)
    • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
    • Zero Point Security Red Team Ops II
  • Advanced understanding of the following:
    • NIST Risk Management Framework (RMF) and the Assessment and Authorization (A&A) process.
    • Security principles such as CIA, IAAAA, access control models, risk management, etc.
    • Networking principles and technologies such as IP routing, TCP/UDP, VPNs, firewalls, NAT, etc.
    • Common network protocols such as SSH, FTP, SMTP, SMB, HTTP, etc.
    • Operating system principles such as process management, device management, user management, file systems, etc.
    • Data processing principles such as encoding, hashing, encryption, etc.
    • Scripting and programming languages such as Bash, Python, PowerShell, JavaScript, etc.
    • Common application vulnerabilities and exploits such as outdated components,
    • permissions mis-configurations, lack of input validation, logging/monitoring failures, etc.
    • Common web application vulnerabilities and exploits such as XSS, SQLi, LFI, file uploads, broken authentication mechanisms, etc.
    • Active Directory (AD) enumeration and attacks such as kerberoasting, AS-REP roasting, abusing mis-configured privileges, crafting golden tickets, etc.
    • Public Key Infrastructure (PKI) and navigating IT environments implementing multifactor authentication.
    • Cloud technologies and platforms such as Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), etc.

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.

Target Salary Range
$86,000 - $138,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
EEO
EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

What Peraton employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


Peraton logo

About Peraton

Sourced by ZipRecruiter

At Peraton, we re at the forefront of delivering the next big thing every day. We re the partner of choice to help solve some of the world s most daunting challenges, delivering bold, new solutions to keep people around the world safer and more secure.

Industry

It services

Company size

10,000+ Employees

Headquarters location

Herndon, VA, US

Year founded

2017