2

Remote Penetration Tester Jobs in Riverside, CA (NOW HIRING)

Conduct application security assessments, code reviews, API testing, threat modeling, and penetration testing to identify vulnerabilities. Define, maintain, and enforce secure coding standards ...

Remote work options may be considered on a case-by-case basis and if approved by the Company. This ... Help complete Quality documentation, threat modelling, penetration testing, software architecture ...

Cybersecurity Architect

Orange, CA · Remote

$85 - $90/hr

Architect and optimize secure remote access using solutions such as Palo Alto GlobalProtect with ... Experience with vulnerability testing and auditing at infrastructure or application level.

Remote Penetration Tester information

See Riverside, CA salary details

$23.5K

$125.1K

$175.8K

How much do remote penetration tester jobs pay per year?

As of Jul 16, 2026, the average yearly pay for remote penetration tester in Riverside, CA is $125,082.00, according to ZipRecruiter salary data. Most workers in this role earn between $100,200.00 and $147,100.00 per year, depending on experience, location, and employer.

How does a remote penetration tester typically collaborate with in-house IT and security teams during an engagement?

Remote penetration testers often work closely with in-house IT and security teams through virtual meetings, secure communication platforms, and shared documentation. They coordinate to define testing scopes, clarify network boundaries, and discuss any findings in real time. Regular check-ins and status updates ensure transparency and alignment throughout the engagement. This collaborative approach helps address vulnerabilities promptly and fosters knowledge sharing between the remote tester and the organization’s internal teams.

How to make $1000 a week remotely?

A remote penetration tester can earn $1000 or more weekly by completing freelance security assessments, bug bounty programs, or consulting for clients. Building a strong skill set in cybersecurity tools, obtaining relevant certifications, and establishing a reliable client base are essential for consistent high earnings in this field.

How much do remote penetration testers make?

Remote penetration testers typically earn between $70,000 and $130,000 annually, depending on experience, certifications, and the complexity of the projects. Senior professionals with certifications like OSCP or CISSP and strong skills in tools such as Kali Linux or Metasploit can earn higher salaries, especially in high-demand industries.

Can you work remotely as a penetration tester?

Yes, remote penetration testing is common in the cybersecurity industry. Many organizations hire penetration testers to perform assessments remotely using tools like VPNs, remote desktop, and security testing software, often requiring strong technical skills and certifications such as OSCP or CEH.

Will pentesters be replaced by AI?

Remote penetration testers perform manual security assessments that require critical thinking, creativity, and understanding of complex systems, which AI currently cannot fully replicate. While AI tools can assist in automating certain tasks like vulnerability scanning, human expertise remains essential for interpreting results and developing effective security strategies.

What is the difference between Remote Penetration Tester vs Remote Security Analyst?

AspectRemote Penetration TesterRemote Security Analyst
CertificationsOSCP, CEH, GPENCISSP, Security+
Work EnvironmentConducts simulated attacks, often independently or in teamsMonitors security systems, analyzes threats, and implements defenses
Employer & Industry UsageCybersecurity firms, consulting companies, large enterprisesCorporate IT departments, government agencies, financial institutions

Remote Penetration Testers focus on identifying vulnerabilities through simulated attacks, requiring offensive skills and certifications like OSCP or CEH. Remote Security Analysts monitor and defend networks, emphasizing defensive skills and certifications like CISSP. While both roles work remotely in cybersecurity, their core responsibilities and skill sets differ significantly.

What are the key skills and qualifications needed to thrive as a Remote Penetration Tester, and why are they important?

To thrive as a Remote Penetration Tester, you need strong knowledge of cybersecurity principles, network protocols, and operating systems, often supported by certifications like OSCP, CEH, or CISSP. Familiarity with penetration testing tools such as Metasploit, Burp Suite, and Nmap, as well as secure remote collaboration platforms, is essential. Analytical thinking, attention to detail, and clear written communication skills help you document findings and collaborate with clients and teams remotely. These competencies ensure you can effectively identify vulnerabilities, communicate risks, and help organizations strengthen their security posture from any location.

What Is the Job of a Remote Penetration Tester?

Remote penetration testers attempt to hack into an application, network, or computer to assess its security. Instead of working in the office, remote penetration testers complete their tasks from home or another location outside of the office with internet connectivity. As a remote penetration tester, you discuss the security concerns your client may have about their current computer system and develop ways to infiltrate the security of a network or computer hardware using the internet as a pathway. Other job duties may include documenting how you broke through a company's network security and providing recommendations for augmenting the protection of company files. Because of their hacking expertise, some remote penetration testers may be called in to help investigate cyber crimes in criminal cases.

What is a Remote Penetration Tester?

A Remote Penetration Tester is a cybersecurity professional who evaluates the security of computer systems, networks, and applications by simulating cyberattacks from a remote location. Their goal is to identify vulnerabilities that malicious hackers could exploit and to provide recommendations for strengthening security. Working remotely, they use specialized tools and techniques to conduct assessments without being physically present at the client’s site. This role often involves preparing detailed reports and collaborating with IT teams to remediate identified risks.
What are popular job titles related to Remote Penetration Tester jobs in Riverside, CA? For Remote Penetration Tester jobs in Riverside, CA, the most frequently searched job titles are:
What job categories do people searching Remote Penetration Tester jobs in Riverside, CA look for? The top searched job categories for Remote Penetration Tester jobs in Riverside, CA are:
What cities near Riverside, CA are hiring for Remote Penetration Tester jobs? Cities near Riverside, CA with the most Remote Penetration Tester job openings:
Infographic showing various Remote Penetration Tester job openings in Riverside, CA as of July 2026, with employment types broken down into 50% Full Time, 15% Part Time, and 35% Contract. Highlights an 100% Remote job distribution, with an average salary of $125,082 per year, or $60.1 per hour.
Application Security Engineer (REMOTE)

Application Security Engineer (REMOTE)

EnerSys

Chino, CA • Remote

$117K - $146K/yr

Other

Medical, Dental, Vision, Life, Retirement, PTO

Re-posted 14 days ago


EnerSys rating

7.5

Company rating: 7.5 out of 10

Based on 53 frontline employees who took The Breakroom Quiz

257th of 528 rated manufacturers


Job description

EnerSys is a global leader in stored energy solutions for industrial applications. We have over thirty manufacturing and assembly plants worldwide servicing over 10,000 customers in more than 100 countries. Worldwide headquarters are located in Reading, PA, USA with regional headquarters in Europe and Asia. We complement our extensive line of Motive Power and Energy Systems with a full range of integrated services and systems. With sales and service locations throughout the world, and over 100 years of battery experience, EnerSys is the power/full solution for stored DC power products. 

What We're Offering

  • Paid time off plus paid holidays
  • Medical/dental/vision insurance plan
  • Life insurance, short/long term disability, tuition reimbursement, flex spending, and employee stock purchase plan
  • 401K plan
  • Culture: We value and strive for excellence in all that we do through innovative technology by creating long lasting relationships with our stakeholders, co-workers, and customers. We continually strive to foster teamwork, engagement and enhance our employee's skills and competence by providing appropriate training.

Compensation Range: $117,200 - $146,600 

Compensation may vary based on applicant's work experience, education level, skill set, and/or location.  

Job Purpose

The Application Security Engineer is responsible for strengthening the security of our applications, platforms, and development processes. This position partners with software engineers, DevOps teams, and security professionals to embed security into the full software development lifecycle. Collaborate within an expanding Cybersecurity team, and work closely with internal EnerSys teams to ensure new and continued compliance with cybersecurity frameworks and required programs and initiatives.

Essential Duties and Responsibilities

   Serve as a primary liaison between the Cybersecurity and development teams, ensuring security is integrated into design, development, deployment, and operations.
   Conduct application security assessments, code reviews, API testing, threat modeling, and penetration testing to identify vulnerabilities.
   Define, maintain, and enforce secure coding standards, patterns, and best practices.
   Integrate and manage security tooling within CI/CD pipelines, including SAST, DAST, SCA, IaC scanning, and container security solutions.
   Support secure architecture reviews for cloudnative applications, microservices, and containerized workloads.
   Support threat modeling, risk assessments, and security architecture reviews for applications.
   Ensure that all security practices meet regulatory and compliance requirements.
   Develop and deliver cybersecurity training programs for development teams to promote awareness and adherence to best practices.
   Ensure application security practices align with regulatory and compliance frameworks (e.g., NIST CSF, ISO 27001, IEC 62443).
   Keep up to date on emerging threats, incorporating threat intelligence into security practices and providing proactive defenses.
   Monitor and respond to application security threats, incidents and vulnerabilities.
   Stay up to date on regulatory developments and industry trends.
   Manage and maintain third-party vendor and consultant relationships .
   Perform other duties as assigned.

SUPERVISORY RESPONSIBILITIES: N/A

Qualifications

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. 

Must have an active passport and be willing to travel internationally.

Required Qualifications

  • Bachelor's degree in a technical field (e.g., Computer Science, Information Systems, Cybersecurity).
  • 5+ years of experience in Information Security, with at least 3 years focused on application security, secure development, or DevSecOps.
  • Demonstrated experience building and scaling an application security program, either as the lead or a key contributor.
  • Strong knowledge of OWASP Top 10, OWASP ASVS, SANS Top 25, and secure SDLC methodologies.
  • Hands-on experience with application security testing tools such as Burp Suite, Fortify, Checkmarx, Veracode, and ZAP.
  • Experience conducting threat modeling, penetration testing, secure software development, and secure architecture reviews.
  • Practical experience securing cloud environments (AWS or Azure) and implementing cloud-native security controls.
  • Familiarity with Kubernetes security, container hardening, and runtime protection.
  • Strong communication skills with the ability to collaborate and influence across technical and non-technical teams.

Preferred Qualifications

  • Relevant certifications such as CISSP, CSSLP, OSCP, GWAPT, CEH, or GIAC Cloud Security.
  • Experience securing embedded systems and mobile applications.

Reasoning Ability
   Problem management / resolution skills; project management skills; generally accepted security principles.
   Ability to analyze data, resources, and schedules to make decisions that affect a project on a regular basis.
TRAVEL REQUIRED: Up to 15%

General Job Requirements
  • This position will work in an office setting, expect minimal physical demands.

EnerSys provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.  

Know Your Rights

Know Your Rights (Spanish)

We use artificial intelligence to screen, assess and select applicants for open positions, including for the purposes of reviewing and ranking application materials and scoring answers to application questions. Accordingly, decisions about your application and eligibility for employment with EnerSys may be made based exclusively on the automated processing of the personal information that you submit in your application materials.


What EnerSys employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom