Professional Penetration Test Jobs (NOW HIRING)

Professional, Administrative, and Management Support * Mission and Warfighter Support We are a ... Review penetration test stakeholder responses to findings concerning mitigation or remediation ...

Leads penetration tests, mentoring junior testers, and providing technical guidance to stakeholders ... professionals, and staying abreast of emerging threats. Possess extensive knowledge of ...

Penetration Tester

Aurora, CO · On-site

$150K - $195K/yr

Leads penetration tests, mentoring junior testers, and providing technical guidance to stakeholders ... professionals, and staying abreast of emerging threats. Possess extensive knowledge of ...

Penetration Tester

Chantilly, VA · On-site

$150K - $195K/yr

Leads penetration tests, mentoring junior testers, and providing technical guidance to stakeholders ... professionals, and staying abreast of emerging threats. Possess extensive knowledge of ...

Professional Penetration Test information

Salary range shown: $22.5K, $119.9K, $168.5K

How much do professional penetration test jobs pay per year?

As of Jul 4, 2026, the average yearly pay for professional penetration test jobs in the United States is $119,895.00, according to ZipRecruiter salary data. Most workers in this role earn between $96,000.00 and $141,000.00 per year, depending on experience, location, and employer.

Is penetration testing a good career?

Penetration testing is a valuable cybersecurity role that involves identifying vulnerabilities in computer systems and networks. It requires technical skills, knowledge of security tools, and often certifications like OSCP or CEH. The field offers strong job growth, competitive salaries, and opportunities for continuous learning.

Will pentesters be replaced by AI?

Professional penetration testers perform manual testing, analysis, and creative problem-solving that AI currently cannot fully replicate. While AI tools can assist in identifying vulnerabilities and automating repetitive tasks, human expertise remains essential for complex assessments, interpreting results, and adapting to new threats. The role is expected to evolve with technology, but not be entirely replaced by AI.

What are professional penetration testers?

Professional penetration testers, often called 'pen testers,' are cybersecurity experts who simulate cyberattacks on computer systems, networks, or applications to identify vulnerabilities before they can be exploited by malicious actors. Their job is to assess security defenses, uncover weaknesses, and provide recommendations for remediation. Penetration testers use a combination of automated tools and manual techniques, operating with permission from the organization to ensure ethical and legal compliance. Their work helps companies strengthen their security posture and protect sensitive information.

How much do pentesters get paid?

Professional penetration testers typically earn between $70,000 and $130,000 annually, depending on experience, certifications, and location. Senior or specialized pentesters with certifications like OSCP or CISSP can earn higher salaries, especially in high-demand markets or with consulting firms.

What are some common challenges Professional Penetration Testers face when conducting assessments for clients?

Professional Penetration Testers often encounter challenges such as limited timeframes for comprehensive testing, varying levels of client preparedness, and restricted access to certain systems due to organizational policies. Additionally, clear communication with non-technical stakeholders can be essential to ensure findings are accurately understood and acted upon. Balancing thorough testing with minimal disruption to client operations is also a frequent consideration in this role.

What are the key skills and qualifications needed to thrive as a Professional Penetration Tester, and why are they important?

To thrive as a Professional Penetration Tester, you need in-depth knowledge of networking, operating systems, security protocols, and common vulnerabilities, often supported by a degree in cybersecurity or computer science. Proficiency with tools such as Metasploit, Burp Suite, and Nmap, along with certifications like OSCP or CEH, is typically expected. Strong analytical thinking, problem-solving skills, and clear communication help standout testers effectively assess systems and report findings. These skills ensure accurate vulnerability identification and effective communication with stakeholders to improve overall security posture.

What is the difference between Professional Penetration Test vs Ethical Hacker?

| Aspect | Professional Penetration Test | Ethical Hacker |
| --- | --- | --- |
| Certifications | OSCP, CEH, CISSP | OSCP, CEH, CISSP |
| Work Environment | Conducted for organizations to identify vulnerabilities | May include bug bounty programs, security assessments |
| Employer & Industry Usage | Companies, cybersecurity firms, government agencies | Security firms, freelance, bug bounty platforms |
| Search & Comparison Intent | Understanding roles, certifications, scope | Similar skills, broader hacking activities |

Both roles require similar certifications and work in cybersecurity environments, but a Professional Penetration Test typically refers to a formal, client-specific security assessment, while an Ethical Hacker may engage in broader hacking activities, including bug bounty programs. The penetration test is a structured process, whereas ethical hacking can be more exploratory.

Can you make $500,000 a year in cyber security?

Professional penetration testers and cybersecurity experts can potentially earn $500,000 or more annually, especially with extensive experience, advanced certifications like CISSP or OSCP, and roles in high-demand industries or senior leadership positions. Achieving this level often requires specialized skills, a strong reputation, and sometimes consulting or leadership responsibilities.

Penetration Tester with Security Clearance

Peraton

Arlington, VA • On-site

Other

Medical, Dental, Vision, Life, Retirement, PTO

Posted 28 days ago


Peraton rating

Company rating: 8.2 out of 10

Based on 53 frontline employees who took The Breakroom Quiz

47th of 207 rated IT services


Job description

About Peraton

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees solve the most daunting challenges that our customers face. Visit peraton.com to learn how we're keeping people around the world safe and secure.

Program Overview

Encompasses technical, engineering, data analytics, cyber security, management, operational, logistical, and administrative support for Bureau of Diplomatic Security, Cyber and Technology Security Directorate in three key offices/functional areas: Cyber Monitoring and Operations, Cyber Threat and Investigations, and Technology Innovation and Engineering State.

About The Role

Peraton is seeking an experienced Cyber Penetration Tester to become part of Peraton's Federal Strategic Cyber programs.

Location: Northern VA; Hybrid - flex as long as person can come on-site as/when needed.

In this role, you will:
* Support the Red Cell Team by performing and leading penetration tests to assess the security of customer systems.
* Identify vulnerabilities and develop recommended remediations to satisfy mandated NIST 800-53 security controls.
* Report and demonstrate findings to system owners and engineers.
* Maintain Red Cell infrastructure.
* Develop or modify tools to automate discovery or exploitation.

Qualifications

Basic Qualifications:
* Bachelor of Science and 5 years of relevant experience in Cyber/IT, or a Master's of Science and 3 years of relevant experience in Cyber/IT. In lieu of a degree, 4 years of additional IT security or penetration testing experience may be considered.
* Minimum of 2 years with penetration testing experience.
* Possess one of the following certifications, OR be able to obtain before start date:
* CCNA Cyber Ops, CCNA-Security, CEH, CFR, Cloud+, CySA+, GCIA, GCIH, GICSP, SCYBER, Security+ CE, SSCP
* Demonstrated experience with Kali Linux.
* Demonstrated penetration testing tools experience with Nmap, Burp Suite, Metasploit, etc.
* Demonstrated ability in evaluating vulnerabilities, performing root cause analysis, and reporting findings utilizing assessment methodologies such as NIST SP 800-115, Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), OWASP Web Security Testing Guide (WTG), etc.
* Demonstrated ability to lead a penetration test and guide Senior/Junior Penetration Testers.
* U.S. citizenship required.
* An active Secret security clearance.
* Must have the ability to obtain a final Top Secret security clearance.

Preferred:
* Active Top Secret or TS/SCI clearance.
* One of the following certifications or an alternate, verifiable certification demonstrating IT security competence:
* CompTIA CASP+
* ISC2 Certified Information Security Professional (CISSP)
* ISC2 Certified Cloud Security Professional (CCSP)
* ISC2 Information Systems Security Engineering Professional (ISSEP)
* One of the following certifications or an alternate, verifiable certification demonstrating practical penetration testing competence:
* Offensive Security Certified Professional (OSCP)
* Hack the Box Certified Penetration Testing Specialist (CPTS)
* TCM Security Practical Network Penetration Tester (PNPT)
* GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
* Zero Point Security Red Team Ops II
* Advanced understanding of the following:
* NIST Risk Management Framework (RMF) and the Assessment and Authorization (A&A) process.
* Security principles such as CIA, IAAAA, access control models, risk management, etc.
* Networking principles and technologies such as IP routing, TCP/UDP, VPNs, firewalls, NAT, etc.
* Common network protocols such as SSH, FTP, SMTP, SMB, HTTP, etc.
* Operating system principles such as process management, device management, user management, file systems, etc.
* Data processing principles such as encoding, hashing, encryption, etc.
* Scripting and programming languages such as Bash, Python, PowerShell, JavaScript, etc.
* Common application vulnerabilities and exploits such as outdated components, permissions mis-configurations, lack of input validation, logging/monitoring failures, etc.
* Common web application vulnerabilities and exploits such as XSS, SQLi, LFI, file uploads, broken authentication mechanisms, etc.
* Active Directory (AD) enumeration and attacks such as kerberoasting, AS-REP roasting, abusing mis-configured privileges, crafting golden tickets, etc.
* Public Key Infrastructure (PKI) and navigating IT environments implementing multifactor authentication.
* Cloud technologies and platforms such as Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), etc.

Details

Target Salary Range: $86,000 - $138,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

Benefits Statement: Peraton offers eligible employees a variety of benefits including medical, dental, vision, life, health savings account, short/long term disability, EAP, parental leave, 401(k), paid time off (PTO) for vacation, and company paid holidays. A full listing of available benefits can be viewed at https://www.careers.peraton.com/benefits.

Application Statements: The application period for the job is estimated to be 30 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates. By applying to this job, you are expressing interest in the role and the Company. During the review of your application, you may be required to participate in an on-camera interview, as well as participate in a process to verify your identity.

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

About Peraton

Sourced by ZipRecruiter

At Peraton, we're at the forefront of delivering the next big thing every day. We're the partner of choice to help solve some of the world's most daunting challenges, delivering bold, new solutions to keep people around the world safer and more secure.

Industry

IT services

Company size

10,000+ Employees

Headquarters location

Herndon, VA, US

Year founded

2017