GMON, GRID, CEH, Cloud+, CySA+, GSEC, PenTest+, Security+, SSCP Responsibilities include: * Evaluate security alerts and analyzes network events to determine their impact on current operations.
GMON, GRID, CEH, Cloud+, CySA+, GSEC, PenTest+, Security+, SSCP Responsibilities include: * Evaluate security alerts and analyzes network events to determine their impact on current operations.
Remote Penetration Tester
Atlanta, GA · Remote
The role requires the ability to successfully pentest an environment and then to strategize and architect security solutions to help remediate deficiencies. Pentests can be initiated by the ...
Remote Penetration Tester
Atlanta, GA · Remote
The role requires the ability to successfully pentest an environment and then to strategize and architect security solutions to help remediate deficiencies. Pentests can be initiated by the ...
GMON, GRID, CEH, Cloud+, CySA+, GSEC, PenTest+, Security+, SSCP Responsibilities include: * Evaluate security alerts and analyzes network events to determine their impact on current operations.
GMON, GRID, CEH, Cloud+, CySA+, GSEC, PenTest+, Security+, SSCP Responsibilities include: * Evaluate security alerts and analyzes network events to determine their impact on current operations.
Security Research Engineer
New York, NY · On-site
$120K - $175K/yr
Run end-to-end pentest engagements for customers using Apex, our open source offensive security tool * Curate, triage, and contextualize findings for customer audiences ranging from engineers to ...
Security Research Engineer
New York, NY · On-site
$120K - $175K/yr
Run end-to-end pentest engagements for customers using Apex, our open source offensive security tool * Curate, triage, and contextualize findings for customer audiences ranging from engineers to ...
Remote Penetration Tester
Atlanta, GA · On-site +1
The role requires the ability to successfully pentest an environment and then to strategize and architect security solutions to help remediate deficiencies. Pentests can be initiated by the ...
Remote Penetration Tester
Atlanta, GA · On-site +1
The role requires the ability to successfully pentest an environment and then to strategize and architect security solutions to help remediate deficiencies. Pentests can be initiated by the ...
GMON, GRID, CEH, Cloud+, CySA+, GSEC, PenTest+, Security+, SSCP Responsibilities include: * Evaluate security alerts and analyzes network events to determine their impact on current operations.
GMON, GRID, CEH, Cloud+, CySA+, GSEC, PenTest+, Security+, SSCP Responsibilities include: * Evaluate security alerts and analyzes network events to determine their impact on current operations.
Lead purple team collaboration efforts from the pentest perspective , working directly with the CBP SOC, detection engineering team , and Cyber Threat Hunt team to execute actions designed to ...
Lead purple team collaboration efforts from the pentest perspective , working directly with the CBP SOC, detection engineering team , and Cyber Threat Hunt team to execute actions designed to ...
CompTIA CySA+, CEH, or PenTest+ certifications are preferred. * Active or interim Secret clearance is required. * Familiarity with VRAM, ACAS, and eMASS tools; basic scripting or automation ...
CompTIA CySA+, CEH, or PenTest+ certifications are preferred. * Active or interim Secret clearance is required. * Familiarity with VRAM, ACAS, and eMASS tools; basic scripting or automation ...
CompTIA CySA+, CompTIA PenTest+, CEH, CFR, GCFA, GCIH and SCYBER) Must possess written and verbal skills to appropriately document and brief Cybersecurity Incidents Working knowledge of at least two ...
CompTIA CySA+, CompTIA PenTest+, CEH, CFR, GCFA, GCIH and SCYBER) Must possess written and verbal skills to appropriately document and brief Cybersecurity Incidents Working knowledge of at least two ...
... GXPN, Pentest+, CEH Marathon TS is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all ...
... GXPN, Pentest+, CEH Marathon TS is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all ...
CySA+, PenTest+, or SecurityX a plus Experience with SIEM, Metasploit, audit logging, vulnerability scanning/remediation, IAVM Experience with security documentation (SSPs, IRPs); CMMC Level 2 / NIST ...
CySA+, PenTest+, or SecurityX a plus Experience with SIEM, Metasploit, audit logging, vulnerability scanning/remediation, IAVM Experience with security documentation (SSPs, IRPs); CMMC Level 2 / NIST ...
GMON, GRID, CEH, Cloud+, CySA+, GSEC, PenTest+, Security+, SSCP Responsibilities include: * Evaluate security alerts and analyzes network events to determine their impact on current operations.
GMON, GRID, CEH, Cloud+, CySA+, GSEC, PenTest+, Security+, SSCP Responsibilities include: * Evaluate security alerts and analyzes network events to determine their impact on current operations.
Cybersecurity Operation Analyst 25-E-03
$80K - $112K/yr
At least one information security certification such as Security+, PenTest+, GCIA, CCNA, OSCP or CISSP is a plus. Experience with Security Information and Event Management (SIEM) platforms ...
Cybersecurity Operation Analyst 25-E-03
$80K - $112K/yr
At least one information security certification such as Security+, PenTest+, GCIA, CCNA, OSCP or CISSP is a plus. Experience with Security Information and Event Management (SIEM) platforms ...
Industry certifications such as SSCP, GSEC, CySA+, PenTest+, CISSP, or CASP+. Education Bachelor's degree with relevant experience or an equivalent combination of education and professional ...
Industry certifications such as SSCP, GSEC, CySA+, PenTest+, CISSP, or CASP+. Education Bachelor's degree with relevant experience or an equivalent combination of education and professional ...
Director of Offensive Security
Dallas, TX · On-site
This is not a scheduled pentest function or a compliance-checkbox red team. You will build and run a standing offensive capability that operates against production with authorization, emulates named ...
Director of Offensive Security
Dallas, TX · On-site
This is not a scheduled pentest function or a compliance-checkbox red team. You will build and run a standing offensive capability that operates against production with authorization, emulates named ...
CCNA Security CySA+/CSA+ GICSP GSEC Security+ CE CND SSCP CASP+ CE CCNP Security CISA CISSP (or Associate) GCED GCIH CCSP CAP CISM GSLC CCISO HCISPP CEH GSNA CFR PenTest+ In lieu of a certification ...
CCNA Security CySA+/CSA+ GICSP GSEC Security+ CE CND SSCP CASP+ CE CCNP Security CISA CISSP (or Associate) GCED GCIH CCSP CAP CISM GSLC CCISO HCISPP CEH GSNA CFR PenTest+ In lieu of a certification ...
SecurityX / CASP+, CGRC/CAP, CISSO, Cloud+, FITSP-A, GCSA, GSEC, PenTest+, Security+ Responsibilities include: * Administer, maintain, and implement software infrastructures and applications to ...
SecurityX / CASP+, CGRC/CAP, CISSO, Cloud+, FITSP-A, GCSA, GSEC, PenTest+, Security+ Responsibilities include: * Administer, maintain, and implement software infrastructures and applications to ...
Be Seen First
Cyber GRC Analyst
Phoenix, AZ · Remote
$65K - $90K/yr
You will own the work -- building and maintaining policies, responding to regulatory audits, tracking remediation from pentest findings, conducting annual NIST-CSF assessments, and managing vendor ...
Quick apply
Be Seen First
Cyber GRC Analyst
Phoenix, AZ · Remote
$65K - $90K/yr
You will own the work -- building and maintaining policies, responding to regulatory audits, tracking remediation from pentest findings, conducting annual NIST-CSF assessments, and managing vendor ...
Data Scientist - A365
Fort Huachuca, AZ · On-site +1
$85K - $95K/yr
CEH(P), GMON, GRID, Cloud+, FITSP-O, GCED, GDSA, GSEC, PenTest+, Security+, CYSA Responsibilities include: * Collaborate with business stakeholders to understand data needs and objectives. * Extract ...
Data Scientist - A365
Fort Huachuca, AZ · On-site +1
$85K - $95K/yr
CEH(P), GMON, GRID, Cloud+, FITSP-O, GCED, GDSA, GSEC, PenTest+, Security+, CYSA Responsibilities include: * Collaborate with business stakeholders to understand data needs and objectives. * Extract ...
ISSE
Scott Air Force Base, IL · On-site
CEH(P), RCCE Level 1, Cloud+, CPTE, FITSP-A, GCED, GCIH, GCSA, GICSP, GSEC, PenTest+, or Security+ Required Education: • DoD 8140 Interim Education Options Desired Education: • Bachelor's degree ...
ISSE
Scott Air Force Base, IL · On-site
CEH(P), RCCE Level 1, Cloud+, CPTE, FITSP-A, GCED, GCIH, GCSA, GICSP, GSEC, PenTest+, or Security+ Required Education: • DoD 8140 Interim Education Options Desired Education: • Bachelor's degree ...
Pentest information
See salary details
$11.54 - $13.46
3% of jobs
$13.46 - $15.38
5% of jobs
$15.38 - $17.31
4% of jobs
$17.31 - $19.23
12% of jobs
$19.29 is the 25th percentile. Wages below this are outliers.
$19.23 - $21.15
16% of jobs
The median wage is $22.73 / hr.
$21.15 - $23.08
12% of jobs
$23.08 - $25
17% of jobs
$25.96 is the 75th percentile. Wages above this are outliers.
$25 - $26.92
12% of jobs
$26.92 - $28.85
7% of jobs
$28.85 - $30.77
6% of jobs
$30.77 - $32.69
5% of jobs
$11
$23
$32
How much do pentest jobs pay per hour?
What are some common challenges pentesters face when conducting security assessments in large organizations?
What are the key skills and qualifications needed to thrive as a Penetration Tester, and why are they important?
What is the difference between Pentest vs Vulnerability Analyst?
| Aspect | Pentest | Vulnerability Analyst |
|---|---|---|
| Certifications | OSCP, CEH, GPEN | OSCP, CEH, CISSP |
| Work Environment | Hands-on testing, simulated attacks | Vulnerability scanning, risk assessment |
| Employer & Industry Usage | Cybersecurity firms, IT departments | Security teams, consulting firms |
While both roles focus on cybersecurity, a Pentest involves actively exploiting vulnerabilities to identify security gaps, whereas a Vulnerability Analyst primarily assesses and reports on vulnerabilities without exploiting them. Both roles require similar certifications and often work in the same environments, but their core activities differ in approach and scope.
What are Pentesters?

Job description
- Evaluate security alerts and analyzes network events to determine their impact on current operations.
- Utilizing specialized technical knowledge, this role conducts initial event triage, formulates response strategies, and helps mitigate threats to the Department of War (DOW) information network.
- The analyst collaborates with senior team members to investigate and resolve security events, synthesizes alert data into actionable reports, and contributes to the continuous improvement of security operations and documentation.
- Active DoD Secret Clearance.
- Demonstrated experience in IDS/SIEM monitoring, event triage, multi-source data analysis, incident response coordination, TTP and exploit knowledge, and end-to-end incident documentation from detection through resolution.
- Cyber Security Controls: Foundational understanding of cybersecurity controls and the importance of adhering to security policies in a professional environment.
- Coordinate across the enterprise to ensure network security devices are being monitored and are receiving or generating alerts.
- Identify security risks and exposures, determine causes of security violations, and suggest procedures to halt future incidents and improve security.
- Familiarity with MISP for threat intelligence sharing, IOC management, and integration with incident response workflows
- Experience with ServiceNow Security Operations (SecOps) module for incident tracking and SLA management
- Proficiency with Elastic Stack or Splunk for SIEM-based alert triage, event correlation, and incident timeline reconstruction
- Working knowledge of NIST SP 800-61 Computer Security Incident Handling Guide and DoD/Army incident response policy frameworks
- Experience developing and exercising incident response playbooks for common cyber-attack scenarios in a DoD environment
- Familiarity with digital forensics tools and techniques for evidence collection, chain of custody, and artifact analysis
- Experience operating in a 24/7 CSSP or SOC environment supporting classified Army or DoW networks
- 100% on-site
- Ability to sit, stand, and walk for extended periods of time
- Fine motor skills, with the ability to operate keyboards, phones, and controls
- Happy - Be Infectious. Happiness multiplies and creates a positive and connected environment where motivation and satisfaction have an outsized effect on everything we do.
- Helpful - Be Supportive. Being helpful is the foundation of teamwork, resulting in a supportive atmosphere where collaboration flourishes, and collective success is celebrated.
- Honest - Be Trustworthy. Honesty serves as our compass, ensuring transparent communication and ethical conduct, essential to who we are and the complex domains we support.
- Humble - Be Grounded. Success is not achieved alone, humility ensures a culture of mutual respect, encouraging open communication, and a willingness to learn from one another and take on any task.
- Hungry - Be Eager. Our hunger for excellence drives an insatiable appetite for innovation and continuous improvement, propelling us forward in the face of new and unprecedented challenges.
- Hustle - Be Driven. Hustle is reflected in our relentless work ethic, where we are each committed to going above and beyond to advance the mission and achieve success.
About Agile Defense
Sourced by ZipRecruiter
Industry
It services
Company size
201 - 500 Employees
Headquarters location
Reston, VA, US
Year founded
1998