1

Penetration Testing Jobs (NOW HIRING)

The Penetration Testing Lead will analyze vulnerabilities, identify gaps in IT security policies and configurations, and deliver actionable recommendations to reduce organizational cyber risk. This ...

The SME will lead complex penetration testing engagements, provide technical consulting to Federal auditors, develop testing methodologies, mentor penetration testers, deliver cybersecurity training ...

The SME will lead complex penetration testing engagements, provide technical consulting to Federal auditors, develop testing methodologies, mentor penetration testers, deliver cybersecurity training ...

New

The Penetration Testing Lead will analyze vulnerabilities, identify gaps in IT security policies and configurations, and deliver actionable recommendations to reduce organizational cyber risk. This ...

The Penetration Testing Lead will analyze vulnerabilities, identify gaps in IT security policies and configurations, and deliver actionable recommendations to reduce organizational cyber risk. This ...

The SME will lead complex penetration testing engagements, provide technical consulting to Federal auditors, develop testing methodologies, mentor penetration testers, deliver cybersecurity training ...

Penetration Tester For AI/ML Systems 7+ years of experience in penetration testing with a focus on AI/ML systems, including hands-on exploitation of vulnerabilities like adversarial attacks, model ...

Role: Penetration Testing / Security Test Engineer Location: Santa Clara, CA Role Summary The Application Security & Penetration Testing Specialist will be responsible for conducting security ...

Conduct application, network, and wireless penetration testing in accordance with approved methodologies and rules of engagement. Identify security flaws in computing platforms, applications, and ...

Conduct application, network, and wireless penetration testing in accordance with approved methodologies and rules of engagement. Identify security flaws in computing platforms, applications, and ...

Conduct application, network, and wireless penetration testing in accordance with approved methodologies and rules of engagement. Identify security flaws in computing platforms, applications, and ...

Conduct application, network, and wireless penetration testing in accordance with approved methodologies and rules of engagement. Identify security flaws in computing platforms, applications, and ...

Conduct application, network, and wireless penetration testing in accordance with approved methodologies and rules of engagement. Identify security flaws in computing platforms, applications, and ...

Conduct application, network, and wireless penetration testing in accordance with approved methodologies and rules of engagement. Identify security flaws in computing platforms, applications, and ...

next page

Showing results 1-20

Penetration Testing information

See salary details

$22.5K

$119.9K

$168.5K

How much do penetration testing jobs pay per year?

As of Jul 6, 2026, the average yearly pay for penetration testing in the United States is $119,895.00, according to ZipRecruiter salary data. Most workers in this role earn between $96,000.00 and $141,000.00 per year, depending on experience, location, and employer.

What are some common challenges faced by penetration testers during client engagements?

Penetration testers often encounter challenges such as limited access to information, time constraints, and complex network environments that can hinder thorough assessments. Additionally, balancing the need to simulate real-world attacks while ensuring no disruption to client operations requires careful planning and communication. Collaborating effectively with IT teams and clearly documenting findings are crucial for ensuring that vulnerabilities are properly understood and addressed.

Will AI replace pentesters?

AI can assist penetration testers by automating repetitive tasks and analyzing large data sets, but it cannot fully replace the critical thinking, creativity, and adaptability required in penetration testing. Human expertise remains essential for identifying complex vulnerabilities, developing attack strategies, and interpreting results. As AI tools evolve, they will serve as valuable supplements rather than substitutes for skilled pentesters.

Is penetration tester a good career?

A penetration tester is a cybersecurity professional who assesses computer systems and networks for vulnerabilities using tools like Kali Linux and Metasploit. The role offers high demand, competitive salaries, and opportunities for specialization and certification, making it a strong career choice for those interested in cybersecurity and ethical hacking.

Can I make $200,000 a year in cyber security?

Penetration testers and cybersecurity professionals can earn $200,000 or more annually, especially with advanced skills, certifications like OSCP or CISSP, and experience in high-demand environments. Senior roles, specialized expertise, and working for large organizations or consulting firms often contribute to higher salaries.

What is the difference between Penetration Testing vs Vulnerability Assessment?

AspectPenetration TestingVulnerability Assessment
PurposeSimulate cyberattacks to identify exploitable vulnerabilitiesIdentify and prioritize security weaknesses
DepthIn-depth, targeted testingBroad, comprehensive scanning
CertificationsOSCP, CEH, GPENOSCP, CEH, Security+
Work EnvironmentHands-on testing, simulated attacksAutomated scans, reports

While both roles focus on security weaknesses, Penetration Testing involves actively exploiting vulnerabilities to assess real-world impact, whereas Vulnerability Assessment identifies potential issues for prioritization. Penetration Testing provides a deeper, more targeted security evaluation, making it essential for comprehensive security testing.

What is penetration testing?

Penetration testing, also known as ethical hacking, is a security practice where professionals simulate cyberattacks on a computer system, network, or application to identify vulnerabilities before malicious hackers can exploit them. The goal is to find and safely exploit weaknesses, assess the impact of potential attacks, and provide recommendations to improve security. Penetration testers use a variety of tools and techniques, often mirroring real-world attack methods, to thoroughly evaluate an organization’s defenses. It is a proactive approach to improving an organization's cybersecurity posture.

How much do penetration testers make?

Penetration testers typically earn between $70,000 and $130,000 annually, depending on experience, certifications, and location. Senior professionals with advanced skills and certifications like OSCP or CISSP can earn higher salaries, especially in high-demand markets or specialized environments.
What cities are hiring for Penetration Testing jobs? Cities with the most Penetration Testing job openings:
What are the most commonly searched types of Penetration Testing jobs? The most popular types of Penetration Testing jobs are:
What states have the most Penetration Testing jobs? States with the most job openings for Penetration Testing jobs include:
Infographic showing various Penetration Testing job openings in the United States as of July 2026, with employment types broken down into 1% Locum Tenens, 94% Full Time, 2% Part Time, 2% Contract, and 1% Summer. Highlights an 83% Physical, 2% Hybrid, and 15% Remote job distribution, with an average salary of $119,895 per year, or $57.6 per hour.

Penetration Testing Lead

kgs

Leesburg, VA

Other

Medical, Dental, Vision, Retirement, PTO

Posted 12 days ago


Job description

Koniag IT Systems, LLC, a Koniag Government Services company, is seeking a Penetration Testing Lead to support KITS and our government customer in Washington, DC. This position is for a Future New Business Opportunity.   
The customer may need support as needed at other locations: Warrenton, VA, Atlantic City, NJ, Melbourne, FL, Oklahoma, OK and Leesburg, VA. 
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.

We are seeking an experienced Penetration Testing Lead to conduct advanced penetration testing activities, simulate cyberattacks, and evaluate the security posture of systems, networks, and applications. The Penetration Testing Lead will analyze vulnerabilities, identify gaps in IT security policies and configurations, and deliver actionable recommendations to reduce organizational cyber risk. This role requires a highly technical leader with demonstrated experience in offensive and defensive cybersecurity operations and penetration testing methodologies.

Essential Functions, Responsibilities & Duties may include, but are not limited to:

  • Perform penetration testing and vulnerability assessments of systems, networks, and applications.
  • Provide detailed analysis of discovered vulnerabilities, gaps, and risks, including assessment of patching and mitigation strategies.
  • Act as an ethical attacker (red team) to simulate cyber intrusions, or as defensive cybersecurity personnel (blue team) to strengthen system resilience.
  • Develop penetration testing Rules of Engagement (ROE), test plans, and reports.
  • Execute tests in alignment with specifications, requirements, and cybersecurity guidance.
  • Provide technical expertise on penetration testing tools, cyber ranges, and simulation environments.
  • Recommend remediation actions to lower overall risk exposure.
  • Lead, supervise, and coordinate penetration testing teams and activities.

Required Qualifications:

  • Bachelor’s degree in Cyber Security, Computer Science, Information Technology, Engineering, Mathematics, or Physics from an accredited institution.
  • Eight (8) years of experience performing penetration testing or related responsibilities described in this position.
  • At least two (2) years of relevant experience must be recent (performed within the last three years).
  • Five (5) years of management and supervisory experience within the required experience timeframe
  • Two (2) of those five (5) years must have been in a lead role.
  • At least one (1) of the following Red Teaming or Blue Teaming certifications:

Red Teaming Certifications:

  • Offensive Security Certified Professional (OSCP)
  • Offensive Security Certified Expert (OSCE)
  • Offensive Security Wireless Professional (OSWP)
  • Offensive Security Web Expert (OSWE)
  • Certified Ethical Hacker (CEH)
  • EC Council Certified Security Analyst (ECSA)
  • CEH Practical
  • ECSA Practical
  • Licensed Penetration Tester (LPT) Master
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Penetration Tester (GPEN)
  • GIAC Web Application Penetration Tester (GWAPT)
  • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
  • GIAC Assessing and Auditing Wireless Networks (GAWN)

Blue Teaming Certifications:

  • Certified Network Defender (CND)
  • Certified Network Defense Architect (CNDA)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Defending Advanced Threats (GDAT)
  • GIAC Defensible Security Architecture (GDSA)
  • GIAC Certified Enterprise Defender (GCED)
  • GIAC Certified Forensic Analyst (GCFA)

Preferred Qualifications:

  • Experience supporting federal agencies or regulated cybersecurity environments.
  • Knowledge of NIST security controls, RMF, cyber ranges, and penetration testing methodologies.
  • Strong communication, reporting, and documentation skills.

Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.

The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.
Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.
Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352