1

Penetration Testing Jobs in Rochester, NY (NOW HIRING)

Internship

Batavia, NY · On-site

$16/hr

Slag work; examines weld for size of bead, penetration and quality continuous code welding and testing. Visually examines completed weld for size of bead, penetration and quality. Strong backs ...

Internship

Batavia, NY · On-site

$16/hr

... bead, penetration and quality continuous code welding and testing. · Visually examines completed weld for size of bead, penetration and quality. · Strong backs, complicated standard or special ...

Internship

Batavia, NY · On-site

$18.50 - $24.50/hr

... penetration and quality continuous code welding and testing. • Visually examines completed weld for size of bead, penetration and quality. • Strong backs, complicated standard or special ...

Welder in Training

Batavia, NY · On-site

$15 - $22/hr

Slag work; examines weld for size of bead, penetration and quality continuous code welding and testing. d. Visually examines completed weld for size of bead, penetration and quality. e. Understand ...

Welder in Training

Batavia, NY · On-site

$15 - $22/hr

Slag work; examines weld for size of bead, penetration and quality continuous code welding and testing. d. Visually examines completed weld for size of bead, penetration and quality. e. Understand ...

Welder - Hiring Now

Batavia, NY · On-site

$18.50 - $24.50/hr

Slag work; examines weld for size of bead, penetration and quality continuous code welding and testing. d. Visually examines completed weld for size of bead, penetration and quality. e. Understand ...

Welder in Training

Batavia, NY · On-site

$15 - $22/hr

Slag work; examines weld for size of bead, penetration and quality continuous code welding and testing. d. Visually examines completed weld for size of bead, penetration and quality. e. Understand ...

Welder in Training

Batavia, NY · On-site

$18.50 - $24.50/hr

Slag work; examines weld for size of bead, penetration and quality continuous code welding and testing. d. Visually examines completed weld for size of bead, penetration and quality. e. Understand ...

Welder - Manufacturing

Batavia, NY · On-site

$18.50 - $24.50/hr

Slag work; examines weld for size of bead, penetration and quality continuous code welding and testing. d. Visually examines completed weld for size of bead, penetration and quality. e. Understand ...

next page

Showing results 1-20

Penetration Testing information

See Rochester, NY salary details

$22.2K

$118.3K

$166.3K

How much do penetration testing jobs pay per year?

As of Jul 14, 2026, the average yearly pay for penetration testing in Rochester, NY is $118,328.00, according to ZipRecruiter salary data. Most workers in this role earn between $94,700.00 and $139,200.00 per year, depending on experience, location, and employer.

What are some common challenges faced by penetration testers during client engagements?

Penetration testers often encounter challenges such as limited access to information, time constraints, and complex network environments that can hinder thorough assessments. Additionally, balancing the need to simulate real-world attacks while ensuring no disruption to client operations requires careful planning and communication. Collaborating effectively with IT teams and clearly documenting findings are crucial for ensuring that vulnerabilities are properly understood and addressed.

Will AI replace pentesters?

AI can assist penetration testers by automating repetitive tasks and analyzing large data sets, but it cannot fully replace the critical thinking, creativity, and adaptability required in penetration testing. Human expertise remains essential for identifying complex vulnerabilities, developing attack strategies, and interpreting results. As AI tools evolve, they will serve as valuable supplements rather than substitutes for skilled pentesters.

Is penetration tester a good career?

A penetration tester is a cybersecurity professional who assesses computer systems and networks for vulnerabilities using tools like Kali Linux and Metasploit. The role offers high demand, competitive salaries, and opportunities for specialization and certification, making it a strong career choice for those interested in cybersecurity and ethical hacking.

Can I make $200,000 a year in cyber security?

Penetration testers and cybersecurity professionals can earn $200,000 or more annually, especially with advanced skills, certifications like OSCP or CISSP, and experience in high-demand environments. Senior roles, specialized expertise, and working for large organizations or consulting firms often contribute to higher salaries.

What is the difference between Penetration Testing vs Vulnerability Assessment?

AspectPenetration TestingVulnerability Assessment
PurposeSimulate cyberattacks to identify exploitable vulnerabilitiesIdentify and prioritize security weaknesses
DepthIn-depth, targeted testingBroad, comprehensive scanning
CertificationsOSCP, CEH, GPENOSCP, CEH, Security+
Work EnvironmentHands-on testing, simulated attacksAutomated scans, reports

While both roles focus on security weaknesses, Penetration Testing involves actively exploiting vulnerabilities to assess real-world impact, whereas Vulnerability Assessment identifies potential issues for prioritization. Penetration Testing provides a deeper, more targeted security evaluation, making it essential for comprehensive security testing.

What is penetration testing?

Penetration testing, also known as ethical hacking, is a security practice where professionals simulate cyberattacks on a computer system, network, or application to identify vulnerabilities before malicious hackers can exploit them. The goal is to find and safely exploit weaknesses, assess the impact of potential attacks, and provide recommendations to improve security. Penetration testers use a variety of tools and techniques, often mirroring real-world attack methods, to thoroughly evaluate an organization’s defenses. It is a proactive approach to improving an organization's cybersecurity posture.

How much do penetration testers make?

Penetration testers typically earn between $70,000 and $130,000 annually, depending on experience, certifications, and location. Senior professionals with advanced skills and certifications like OSCP or CISSP can earn higher salaries, especially in high-demand markets or specialized environments.
What are the most commonly searched types of Penetration Testing jobs in Rochester, NY? The most popular types of Penetration Testing jobs in Rochester, NY are:
What cities near Rochester, NY are hiring for Penetration Testing jobs? Cities near Rochester, NY with the most Penetration Testing job openings:
Infographic showing various Penetration Testing job openings in Rochester, NY as of July 2026, with employment types broken down into 33% Full Time, and 67% Contract. Highlights an 67% In-person, and 33% Remote job distribution, with an average salary of $118,328 per year, or $56.9 per hour.
Senior Information Security Analyst

Senior Information Security Analyst

Cooper Companies

Victor, NY

$117K - $156K/yr

Full-time

Re-posted 8 days ago


Job description

At CooperVision, a division of CooperCompanies, we're driven by a unifying purpose to help people to experience life's beautiful moments. We are connected through our shared values - dedicated, innovative, friendly, partners, and do the right thing. As a leading global manufacturer of contact lenses, we are committed to helping improve the way people see each day. Through our diverse lens portfolio, we tackle the toughest vision challenges - including astigmatism, presbyopia, and childhood myopia. We offer the most complete collection of spherical, toric, and multifocal products available, enabling us to fit 99% of all contact wearers. Learn more at www.coopervision.com.

  • This role is not eligible for employer-sponsored work authorization now or in the future. Applicants must be authorized to work in the United States on a permanent and ongoing basis without the need for future sponsorship (i.e., H1B, STEM OPT extensions, TN, etc.)

Job Summary:

The Senior Information Security Analyst provides advanced security expertise across the enterprise to reduce risk. The role partners with engineering, compliance, audit, and business stakeholders to define and maintain security architecture, baselines, and standards; streamline remediation of vulnerabilities; and continuously improve Security Controls effectiveness.

Knowledge, Skills and Abilities:

  • Expert knowledge of secutiry frameworks and concepts such as NIST 800-53, ISO 27001, CIS Critical Controls, the Cyber Kill Chain, MITRE ATT&CK, and OWASP.
  • Have in-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls.
  • Deep understanding of enterprise infrastructure and security technologies including network switches/routers, firewalls/VPN, DLP, anti-malware, IDS/IPS, SIEM, SMTP/email security, Active Directory/Group Policy, DNS, DHCP, VLANs, and content filtering.
  • Experience with traditional and modern security controls such as SIEM, IDS/IPS, PKI, IAM, antivirus/firewalls, EDR, threat intelligence, security automation/orchestration, deception, and application controls.
  • Ability to conduct vulnerability scanning and penetration testing; incident response and digital forensics.
  • Experience developing policies, procedures, standards, and guidelines
  • Strong analytical, strategic, and tactical thinking; ability to communicate business risk effectively and drive nuanced solutions without impeding innovation.
  • Understanding of common cloud platforms and how to secure them; experience with AWS and/or Azure is a plus.
  • Ability to interact with Cooper personnel and build strong relationships at all levels, and across all business units and organizations, and to understand business imperatives.
  • Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and to work with minimal supervision.
  • Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and application development teams, management, and business personnel.

Work Environment:

  • Participate in 24x7x365 on-call rotation for emergencies and escalations.

Experience:

  • 5-10 years of professional IT experience; 3-6 years specifically in Information Security, including work with geographically dispersed teams.
  • Experience supporting audits and meeting regulatory requirements (SOX, HIPAA, PCI, GDPR, GLBA).

Education:

  • Bachelor's degree in computer science, information assurance/cybersecurity, MIS, or equivalent experience.
  • Professional certifications such as GIAC (e.g., GSEC/GCIA), CISSP, CISM, Cisco Security or similar are preferred.

We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.

For U.S. locations that require disclosure of compensation, the starting base pay for this role is between $117,341 and $156,454.00 per year and may include cost of living adjustments.  The actual base pay includes many factors and is subject to change and modification in the future.  This position may also be eligible for other types of compensation and benefits.

#LI-AK1

  • Provide leadership and direction for the integration of security culture and design within business and IT strategy; work with the Engineering teams to ensure that security considerations are included in systems architecture and help to identify, evaluate, and select security solutions to meet information security/compliance needs.

  • Mentor and coach junior team members to develop well-rounded information security skill sets; promote a strong security culture and awareness across the organization.

  • Work with compliance teams to ensure solutions meet security policies and procedures.

  • Support compliance with relevant regulations and frameworks (e.g., SOX, HIPAA, PCI, GDPR, GLBA) and privacy laws; prepare for and participate in audits and examinations.

  • Administer and tune security tools (e.g., SIEM, NAC, firewalls, IDS/IPS, secure email gateway) to ensure effective monitoring and detection while enabling business operations.

  • Partner with Security Engineers to ensure security-by-design in systems architecture and delivery of secure solutions; participate in change/project management to validate secure designs and implementations.

  • Define and maintain enterprise security documents (policies, standards, baselines, guidelines, and procedures) and provide detailed hardening guidance to technical teams.

  • Prioritize vulnerability assessment output based on exploitability, impact, and likelihood; coordinate remediation across infrastructure, endpoints, applications, and cloud services.

  • Support compliance with relevant regulations and frameworks (e.g., SOX, HIPAA, PCI, GDPR, GLBA) and privacy laws; prepare for and participate in audits and examinations.

  • Design, scope, and lead deep technical assessments on internal and external systems.

  • Define incident response playbooks for IT and Information Security personnel to follow when responding to common issues (e.g., malware infection, phishing, etc.)

  • Act as a Subject Matter Expert within all Information Security disciplines.

  • Coordinate and help implement significant security projects 

  • Contribute to Business Continuity and Disaster Recovery planning and exercises in coordination with IT and continuity team

  • Influence and communicate business risk and recommended mitigations to technical and non-technical audiences; document clearly for management and stakeholders.

  • Handle sensitive/confidential information, investigations, and incidents in a professional and confidential manner.

  • Perform other duties as assigned.

    Travel Requirements:  5% domestic and/or international travel