1

Penetration Testers Jobs (NOW HIRING)

TestPros is looking for an experienced Penetration Testers to support our IT Security consulting work for various Commercial and Federal consulting services projects. Start: Future projects late 2026 ...

Demonstrated ability to lead a penetration test and guide Senior/Junior Penetration Testers. * U.S. citizenship required. * An active Secret security clearance. * Must have the ability to obtain a ...

Demonstrated ability to lead a penetration test and guide Senior/Junior Penetration Testers. * U.S. citizenship required. * An active Secret security clearance. * Must have the ability to obtain a ...

Demonstrated ability to lead a penetration test and guide Senior/Junior Penetration Testers. * U.S. citizenship required. * An active Secret security clearance. * Must have the ability to obtain a ...

Penetration Tester - Intermediate Under general supervision, perform penetration testing of applications, systems, and network enclaves to identify security weaknesses and vulnerabilities. Assess ...

Penetration Tester - Intermediate Under general supervision, perform penetration testing of applications, systems, and network enclaves to identify security weaknesses and vulnerabilities. Assess ...

Penetration Tester - Intermediate Under general supervision, perform penetration testing of applications, systems, and network enclaves to identify security weaknesses and vulnerabilities. Assess ...

Penetration Tester - Intermediate Under general supervision, perform penetration testing of applications, systems, and network enclaves to identify security weaknesses and vulnerabilities. Assess ...

Penetration Tester - Intermediate Under general supervision, perform penetration testing of applications, systems, and network enclaves to identify security weaknesses and vulnerabilities. Assess ...

Penetration Tester - Intermediate Under general supervision, perform penetration testing of applications, systems, and network enclaves to identify security weaknesses and vulnerabilities. Assess ...

Penetration Tester - Intermediate Under general supervision, perform penetration testing of applications, systems, and network enclaves to identify security weaknesses and vulnerabilities. Assess ...

Penetration Tester - Intermediate Under general supervision, perform penetration testing of applications, systems, and network enclaves to identify security weaknesses and vulnerabilities. Assess ...

Penetration Tester - Intermediate Under general supervision, perform penetration testing of applications, systems, and network enclaves to identify security weaknesses and vulnerabilities. Assess ...

Penetration Tester - Intermediate Under general supervision, perform penetration testing of applications, systems, and network enclaves to identify security weaknesses and vulnerabilities. Assess ...

Penetration Tester - Intermediate Under general supervision, perform penetration testing of applications, systems, and network enclaves to identify security weaknesses and vulnerabilities. Assess ...

next page

Showing results 1-20

Penetration Testers information

See salary details

$22.5K

$119.9K

$168.5K

How much do penetration testers jobs pay per year?

As of Jul 6, 2026, the average yearly pay for penetration testers in the United States is $119,895.00, according to ZipRecruiter salary data. Most workers in this role earn between $96,000.00 and $141,000.00 per year, depending on experience, location, and employer.

Will pentesters be replaced by AI?

Penetration testers perform manual security assessments that require critical thinking, creativity, and understanding of complex systems, which AI currently cannot fully replicate. While AI tools can assist in automating certain tasks like vulnerability scanning, human expertise remains essential for interpreting results and developing effective security strategies.

What are some common challenges Penetration Testers face when working with client organizations?

Penetration Testers often encounter challenges such as limited access to information, strict testing timeframes, and varying levels of security maturity within client organizations. Gaining necessary permissions and ensuring clear communication about the testing scope are essential to avoid misunderstandings. Additionally, Penetration Testers must frequently adapt to rapidly changing technologies and environments, making continuous learning and flexibility important for success.

How much does a penetration tester make?

Penetration testers typically earn between $70,000 and $130,000 annually, depending on experience, certifications, and location. Senior roles or those with advanced skills in tools like Kali Linux or Metasploit can earn higher salaries, especially in high-demand markets.

Is penetration tester a good career?

A penetration tester is a cybersecurity professional who assesses computer systems and networks for vulnerabilities using tools like Kali Linux and Metasploit. The role offers high demand, competitive salaries, and opportunities for specialization and certification, such as OSCP or CISSP. It requires strong technical skills, problem-solving ability, and ongoing learning to stay current with evolving threats.

What are penetration testers?

Penetration testers, also known as ethical hackers, are cybersecurity professionals who simulate cyberattacks on computer systems, networks, and applications to identify vulnerabilities before malicious hackers can exploit them. Their goal is to find security weaknesses and report their findings to organizations, helping them strengthen their defenses. Penetration testers use a combination of automated tools and manual techniques to assess security risks and recommend remediation strategies. This role requires a deep understanding of IT systems, security protocols, and the latest hacking methods.

What is the difference between Penetration Testers vs Security Analysts?

AspectPenetration TestersSecurity Analysts
CertificationsOSCP, CEH, GPENCISSP, Security+
Work EnvironmentSimulated attacks, offensive securityMonitoring, incident response
Employer & Industry UsageCybersecurity firms, IT departmentsCorporate, government, finance sectors
Search & Comparison IntentUnderstanding offensive security rolesDefensive security roles

Penetration Testers focus on simulating cyberattacks to identify vulnerabilities, while Security Analysts monitor and respond to security threats. Both roles require cybersecurity certifications but differ in their approach—offensive versus defensive. Penetration Testers are proactive, testing systems for weaknesses, whereas Security Analysts are reactive, managing security incidents. Understanding these differences helps organizations build comprehensive security teams.

What are the key skills and qualifications needed to thrive as a Penetration Tester, and why are they important?

To thrive as a Penetration Tester, you need a solid understanding of network security, operating systems, and vulnerability assessment, typically supported by a degree in computer science or cybersecurity and relevant certifications like OSCP or CEH. Familiarity with tools such as Metasploit, Burp Suite, Nmap, and Wireshark is essential for effectively simulating cyberattacks and identifying system weaknesses. Strong analytical thinking, problem-solving skills, and clear communication help Penetration Testers document findings and collaborate with teams. These skills and qualities are vital for identifying security gaps, reducing organizational risk, and ensuring robust defense against evolving cyber threats.

What do penetration testers do?

Penetration testers, also known as ethical hackers, evaluate the security of computer systems, networks, and applications by simulating cyberattacks to identify vulnerabilities. They use tools like vulnerability scanners and follow industry standards such as OSCP or CEH certifications to assess security defenses and recommend improvements.
More about Penetration Testers jobs
What cities are hiring for Penetration Testers jobs? Cities with the most Penetration Testers job openings:
What states have the most Penetration Testers jobs? States with the most job openings for Penetration Testers jobs include:
Infographic showing various Penetration Testers job openings in the United States as of June 2026, with employment types broken down into 96% Full Time, 2% Part Time, and 2% Contract. Highlights an 83% Physical, 3% Hybrid, and 14% Remote job distribution, with an average salary of $119,895 per year, or $57.6 per hour.
Penetration Testing - Mid-Level/Senior

Penetration Testing - Mid-Level/Senior

Endyna

Mclean, VA • On-site

Contractor

Posted 4 days ago


Job description

Location: Remote / Hybrid / Travel as Required (U.S.)
Security Requirement:
Must be eligible to obtain and maintain an HHS Tier 4 High Risk Public Trust.
About EnDyna
EnDyna is seeking experienced Penetration Testers to support the Department of Health and Human Services (HHS) Office of Inspector General (OIG) Cyber Assessment Team. The successful candidate will conduct advanced penetration testing, security assessments, vulnerability analysis, exploitation activities, technical reporting, and cybersecurity consulting supporting Federal audit activities.
Candidates will be considered for either Mid-Level or Senior positions based upon education, certifications, and demonstrated experience.
Position Responsibilities
The selected candidate will perform cybersecurity assessments including:
Penetration Testing
  • Perform external network penetration testing
  • Perform internal network penetration testing
  • Perform web application penetration testing
  • Perform cloud security assessments
  • Perform wireless security assessments
  • Perform mobile application testing
  • Perform container security assessments
  • Perform AI system security assessments
  • Conduct phishing and social engineering assessments
  • Perform information gathering and reconnaissance
  • Enumerate hosts, services, operating systems, applications and network devices
  • Identify vulnerabilities and attack paths
  • Exploit vulnerabilities using approved methodologies
  • Perform post-exploitation activities
  • Demonstrate persistence techniques
  • Evaluate data access and exfiltration opportunities
  • Document countermeasures encountered during testing
  • Validate remediation activities

Security Analysis
  • Analyze vulnerability scan results
  • Correlate findings from multiple tools
  • Eliminate false positives
  • Prioritize vulnerabilities based upon risk
  • Map findings to NIST, CVE, OWASP and Federal guidance
  • Develop mitigation recommendations

Documentation & Reporting
Prepare professional technical documentation including:
  • Rules of Engagement review
  • Attack confirmation lists
  • Penetration testing reports
  • Executive summaries
  • Technical findings
  • Risk analyses
  • Recommendations
  • Supporting evidence
  • Screenshots
  • Logs
  • Testing artifacts

Customer Interaction
  • Participate in planning meetings
  • Conduct entrance conferences
  • Present technical findings
  • Participate in status briefings
  • Explain vulnerabilities to both technical and executive audiences
  • Support audit teams throughout engagements

Technical Assistance
Provide cybersecurity expertise supporting OIG auditors by:
  • Performing vulnerability scans
  • Analyzing scan results
  • Advising auditors on security findings
  • Supporting remote assessments
  • Participating in technical discussions

Required Qualifications
Mid-Level
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology or related field
  • 4+ years of penetration testing experience
  • Experience performing network and web application penetration testing
  • Experience with vulnerability assessment tools
  • Experience writing professional technical reports
  • Knowledge of TCP/IP networking
  • Understanding of Windows and Linux operating systems

Senior Level
  • Bachelor's degree (Master's preferred)
  • 8+ years of penetration testing experience
  • Experience leading penetration testing engagements
  • Advanced exploitation experience
  • Experience with cloud environments
  • Experience mentoring junior testers
  • Experience briefing executive leadership
  • Strong technical writing skills

Desired Technical Skills
Experience with:
  • Burp Suite Pro
  • Nmap
  • Nessus
  • Metasploit
  • Kali Linux
  • Wireshark
  • BloodHound
  • Impacket
  • CrackMapExec
  • PowerShell
  • Python
  • Azure
  • AWS
  • Docker
  • Kubernetes
  • Active Directory
  • Microsoft Entra ID
  • Wireless testing tools

Preferred Certifications
One or more of:
  • OSCP
  • OSCE
  • OSEP
  • GPEN
  • GWAPT
  • GXPN
  • GCIH
  • CISSP
  • Security+
  • PNPT
  • CRTO

Desired Knowledge
Experience with:
  • NIST SP 800-115
  • OWASP Testing Guide
  • MITRE ATT&CK
  • CVSS
  • Federal cybersecurity environments
  • FISMA
  • FedRAMP

Travel
Occasional travel throughout the United States may be required.
Why Join EnDyna
  • Support one of the Federal Government's premier cybersecurity audit organizations
  • Perform real-world penetration testing
  • Work alongside nationally recognized cybersecurity experts
  • Opportunities for advanced technical growth
  • Flexible remote work environment