ZipRecruiter

Log In

1

Penetration Testing Hour Jobs (NOW HIRING)

Helm Point Solutions

TS/SCI with Polygraph Full-Time | Fully Funded | $200K | 40 Hours/Week Keep the Mission Running ... Execute web application penetration testing , vulnerability risk assessments, and physical/social ...

ZTI Solutions, LLC

Penetration Test Lead

Falls Church, VA · On-site

$180K - $210K/yr

Penetration Testing Lead Falls Church, Virginia. Full-time. Important Notice: This position is ... Standard business hours with operational flexibility. Benefits: * 4 Weeks Paid Time Off. * All ...

Booz Allen Hamilton, Inc.

Penetration Tester

Herndon, VA · On-site

$86K - $198K/yr

Conduct testing and analysis to identify vulnerabilities and potential threat vectors in systems ... Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible ...

Booz Allen Hamilton

Penetration Tester

Herndon, VA

$86K - $198K/yr

Conduct testing and analysis to identify vulnerabilities and potential threat vectors in systems ... Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible ...

Booz Allen Hamilton

Penetration Tester

Herndon, VA

$86K - $198K/yr

Conduct testing and analysis to identify vulnerabilities and potential threat vectors in systems ... Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible ...

Booz Allen Hamilton, Inc.

Penetration Tester

Herndon, VA · On-site

$86K - $198K/yr

Conduct testing and analysis to identify vulnerabilities and potential threat vectors in systems ... Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible ...

next page

Showing results 1-20

All JobsPenetration Testing Hour Jobs

Penetration Testing Hour information

See salary details

$22.5K

$119.9K

$168.5K

How much do penetration testing hour jobs pay per year?

As of Jun 18, 2026, the average yearly pay for penetration testing hour in the United States is $119,895.00, according to ZipRecruiter salary data. Most workers in this role earn between $96,000.00 and $141,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Penetration Tester, and why are they important?

To thrive as a Penetration Tester, you need a solid understanding of cybersecurity principles, networking, operating systems, and ethical hacking methodologies, often supported by a relevant degree or certifications like CEH or OSCP. Proficiency with tools such as Metasploit, Burp Suite, Nmap, and vulnerability scanners is typically required. Strong analytical thinking, problem-solving, and clear communication skills help Penetration Testers effectively identify vulnerabilities and convey findings to clients or stakeholders. These skills and qualities are essential to ensure robust security assessments and help organizations address and mitigate potential cyber threats.

What is the difference between Penetration Testing Hour vs Penetration Tester?

AspectPenetration Testing HourPenetration Tester
DefinitionBilling unit for security testing services; a measure of time spent on testingProfessional who conducts security assessments and penetration tests
CredentialsOften hired as a service, credentials vary by providerCertifications like OSCP, CEH, CISSP typically required
Work EnvironmentContract-based, project-specific, often remote or client-siteFull-time or freelance, working in security teams or independently
Industry UsageUsed in billing and project planningUsed to describe the role and expertise of security professionals

In summary, a Penetration Testing Hour is a billing measure for security testing services, while a Penetration Tester is a professional who performs these tests. Understanding the distinction helps clarify whether you're discussing service costs or security expertise.

What are some common challenges faced during a typical penetration testing engagement?

One of the main challenges in penetration testing is dealing with incomplete or outdated documentation, which can make it difficult to understand the full scope of the systems being tested. Testers must also navigate strict time constraints while ensuring thorough coverage and accurate reporting of vulnerabilities. Additionally, coordinating with internal IT teams to avoid disruptions and maintaining clear communication about findings is essential. Adapting quickly to unexpected security controls or changes in the environment is also a common aspect of the role.

What is a Penetration Testing Hour?

A Penetration Testing Hour refers to a unit of time, typically billed by the hour, during which a cybersecurity expert performs simulated cyberattacks on a system, network, or application to identify vulnerabilities. This approach allows organizations to purchase and schedule penetration testing services based on the number of hours required for their specific needs. The tester uses various tools and techniques to uncover security weaknesses and provides recommendations for remediation. This flexible model is often used for targeted assessments or ongoing security testing.
What cities are hiring for Penetration Testing Hour jobs? Cities with the most Penetration Testing Hour job openings:
What states have the most Penetration Testing Hour jobs? States with the most job openings for Penetration Testing Hour jobs include:
Penetration Testing Hour jobs near you
Penetration Test Lead

Penetration Test Lead

ZTI Solutions, LLC

Falls Church, VA

$180K - $210K/yr

Full-time

Medical, Dental, Vision, Retirement, PTO

Posted 29 days ago

Be an early applicant

Job description

Penetration Testing Lead
Falls Church, Virginia.
Full-time.
Important Notice: This position is contingent upon contract award.
Summary:
Penetration Test Leads plan and execute complex offensive security assessments identifying exploitable vulnerabilities before adversaries can. This role leads penetration testing engagements, develops testing methodologies, coordinates with system owners, and produces comprehensive penetration testing reports. Pen Test Leads possess advanced offensive security skills and ensure testing is conducted safely without impacting production operations.
Key Responsibilities:
  • Plan and scope 15-30 penetration testing engagements annually.
  • Execute network penetration tests identifying exploitable vulnerabilities.
  • Conduct web application security assessments (OWASP Top 10).
  • Perform social engineering tests (phishing, vishing, physical security).
  • Lead 2-4 major red team exercises annually.
  • Identify 100-300 exploitable vulnerabilities annually.
  • Document 10-40 critical/high severity findings requiring immediate remediation.
  • Produce 15-30 comprehensive penetration test reports annually.
  • Conduct 50-150 vulnerability revalidation tests verifying fixes.

Performance Metrics:
  • Annual Assessments: 15-30 penetration tests.
  • Systems Tested: 30-80 systems assessed annually.
  • Vulnerabilities Found: 100-300 exploitable issues identified.
  • Critical Findings: 10-40 requiring immediate action.
  • Assessment Reports: 15-30 comprehensive deliverables.
  • Red Team Exercises: 2-4 major exercises annually.
  • Remediation Validation: 50-150 retests annually.

Requirements:
  • Clearance: Secret (NIPR), Top Secret (SIPR), or TS/SCI Eligible (JWICS) based on network assignment.
  • Education: Bachelor's Degree in Information Technology, Cybersecurity, Computer Science, or related field.
  • Experience: 10+ years information security; 5+ years penetration testing experience.
  • Certifications: OSCP or GPEN required; OSCE, GXPN, GWAPT, or other offensive security certifications highly desired.
  • Technical Knowledge: Expert knowledge of penetration testing methodologies (PTES, OWASP, NIST 800-115), network protocols, web applications, exploitation techniques, security controls.

About Advana:
Advana is the Department of Defense Chief Digital and Artificial Intelligence Office's (CDAO) enterprise-wide data, analytics, and AI platform. Advana provides DoD military and civilian decision makers with unprecedented access to enterprise data, tools, and capabilities in a secure environment. The platform hosts hundreds of curated applications across logistics, financial management, personnel, health, and other domains, accelerating decision advantage through accessible, actionable data and AI capabilities.
This position supports comprehensive cybersecurity operations for the Advana platform across three classified networks (NIPR, SIPR, JWICS).
Important Notes:
Position Status:
  • This position is contingent upon contract award.
  • Start date will be determined upon contract award.
  • We will maintain contact with selected candidates throughout the award process.

Work Requirements:
  • U.S. Citizen required.
  • Clearance varies by network: Secret (NIPR), Top Secret (SIPR), or TS/SCI Eligible (JWICS).
  • On-premises work required at Suffolk Building, Falls Church, VA.
  • No remote work options available.
  • Standard business hours with operational flexibility.

Benefits:
  • 4 Weeks Paid Time Off.
  • All Federal Holiday’s Paid Vacation.
  • Four Percent Matching 401K.
  • Full health/vision/dental benefits for the employee and family paid 100% by ZTI Solutions, LLC.

We thank all applicants for their interest. Only candidates selected for interviews will be contacted.

About ZTI Solutions, LLC:

ZTI Solutions, LLC was founded in 1997 in Virginia and is classified as a small business. The company is owned and operated by its founder, Rudy Zadnik, who emphasizes moral and business excellence over increasing company profits. This results in a more customer-oriented attitude towards mission accomplishment, as opposed to growing profits or sales.Our approach to consulting and engineering centers around using only highly skilled personnel who are seasoned industry veterans. All employees hold high-level industry and vendor certifications. We offer a comprehensive set of consulting and staff augmentation services, primarily focused on networking and security consulting in the classified space.