2

Remote Penetration Testing Jobs in Minnesota (NOW HIRING)

Remote Penetration Testing information

See Minnesota salary details

$22K

$117.4K

$165K

How much do remote penetration testing jobs pay per year?

As of Jul 5, 2026, the average yearly pay for remote penetration testing in Minnesota is $117,426.00, according to ZipRecruiter salary data. Most workers in this role earn between $94,000.00 and $138,100.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Remote Penetration Tester, and why are they important?

To thrive as a Remote Penetration Tester, you need a solid understanding of computer networks, cybersecurity principles, and common vulnerabilities, often supported by a degree in computer science or related certifications like OSCP or CEH. Familiarity with penetration testing tools such as Metasploit, Burp Suite, Nmap, and various operating systems is essential. Strong analytical thinking, attention to detail, and clear written communication skills help you effectively discover, document, and explain security findings to clients. These competencies are crucial for accurately identifying risks and helping organizations strengthen their security posture.

Is there a demand for penetration testing?

There is strong demand for penetration testers, including those in remote roles, as organizations prioritize cybersecurity and vulnerability assessments. Skilled professionals with knowledge of tools like Kali Linux, Metasploit, and certifications such as OSCP are especially sought after in the industry.

Will pentesters be replaced by AI?

Remote penetration testers perform manual and creative security assessments that AI currently cannot fully replicate. While AI tools can assist with vulnerability scanning and data analysis, human expertise is essential for identifying complex threats, interpreting results, and developing effective security strategies. The role of pentesters is expected to evolve with technology, but not be entirely replaced by AI.

What is the difference between Remote Penetration Testing vs Vulnerability Assessment Specialist?

AspectRemote Penetration TestingVulnerability Assessment Specialist
CertificationsOSCP, CEH, GPENOSCP, CEH, CISSP
Work EnvironmentHands-on testing, simulated attacksScanning, identifying vulnerabilities
Industry UsageCybersecurity firms, IT departmentsSecurity teams, consulting firms

Remote Penetration Testing involves actively exploiting vulnerabilities to assess security defenses, while Vulnerability Assessment Specialists focus on identifying and prioritizing security weaknesses without exploiting them. Both roles require similar certifications and often work in overlapping environments, but penetration testers perform more in-depth, simulated attack scenarios to evaluate security robustness.

What are some common challenges faced by remote penetration testers, and how can they be addressed?

Remote penetration testers often encounter challenges such as limited access to physical infrastructure, varying levels of client preparedness, and potential communication barriers with on-site teams. To address these issues, it's important to establish clear communication channels, use secure remote access tools, and maintain detailed documentation of testing activities. Building strong relationships with client IT staff and staying up-to-date with remote testing best practices can also help ensure effective and successful engagements.

How much do remote penetration testers make?

Remote penetration testers typically earn between $70,000 and $130,000 annually, depending on experience, certifications, and the complexity of the projects. Senior professionals with advanced skills and certifications like OSCP or CISSP can earn higher salaries, especially when working for specialized firms or as freelancers.

Do penetration testers work remotely?

Many penetration testers work remotely, especially those in freelance or consulting roles, utilizing tools like VPNs, remote access software, and security testing platforms. Remote work allows flexibility, but some employers may require on-site presence for certain assessments or client interactions.

What is remote penetration testing?

Remote penetration testing is a security assessment process where cybersecurity professionals, also known as ethical hackers, attempt to find and exploit vulnerabilities in an organization’s systems, networks, or applications from an offsite location. This simulates a real-world cyberattack to help organizations identify and fix security weaknesses before malicious actors can exploit them. Remote penetration testing is often conducted over the internet, making it a flexible and efficient option for businesses to assess their security posture without requiring onsite visits.
What are the most commonly searched types of Penetration Testing jobs in Minnesota? The most popular types of Penetration Testing jobs in Minnesota are:
What are popular job titles related to Remote Penetration Testing jobs in Minnesota? For Remote Penetration Testing jobs in Minnesota, the most frequently searched job titles are:
What cities in Minnesota are hiring for Remote Penetration Testing jobs? Cities in Minnesota with the most Remote Penetration Testing job openings:

Senior Systems Engineer Identity Access Management - Fully Remote

National Marrow Donor Program

Minneapolis, MN • On-site, Remote

$105K - $130K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 15 days ago


Job description


POSITION SUMMARY:
The Senior Systems Engineer provides senior technical leadership across two core areas: Identity & Access Management (IAM) and IT Productivity & Collaboration services. The position designs, implements, administers, and supports Identity Governance & Administration (IGA) and enterprise identity services (directory services, SSO/federation, MFA/conditional access alignment, and privileged access) using Okta, Active Directory, and Microsoft Entra.
As a Senior Systems Engineer you will identity lifecycle processes (joiner/mover/leaver; provisioning and deprovisioning) and implement access models, policies, and governance that strengthen authentication/authorization, enable least-privilege access, and reduce identity-based risk. In addition, the position serves as technical owner for Microsoft 365 (Teams, SharePoint/OneDrive, Exchange Online) and key adjacent SaaS platforms, delivering secure and reliable operations through monitoring, incident/problem management and on-call participation, change/ITSM execution, and continuous improvement.
The Senior role leads application onboarding and integrations, supports audits, access reviews, penetration testing and vulnerability remediation with evidence and corrective actions, delivers migrations and modernization efforts, manages vendor/licensing optimization and escalations, and maintains documentation, runbooks, and knowledge transfer to ensure sustainable support and a strong employee experience.
Our team has a solid local presence so local, MN based candidates with easy access to our World Headquarters in downtown Minneapolis are preferred.
ACCOUNTABILITIES:
Engineering solutions, design, and administration:
• Design, implement, and maintain IAM/IGA capabilities (directory services, SSO/federation, and privileged access) using Okta, Active Directory, and Microsoft Entra to deliver secure, reliable access.
• Lead discovery and solution delivery for IAM initiatives (requirements, design, build, testing, and rollout); evaluate options and recommend best-fit approaches with internal teams and vendors.
• Automate identity lifecycle (joiner/mover/leaver; provisioning/deprovisioning) and related administration using scripting and modern tooling to reduce manual effort and risk.
• Define and enforce access governance (RBAC/ABAC), policies, workflows, and secure access patterns (SSO/MFA/conditional access alignment and least-privilege role design), including periodic access reviews.
• Support security and compliance by remediating identity-related vulnerabilities and supporting audits, penetration tests, and access reviews with evidence, reporting, and corrective actions.
• Onboard and integrate applications and platforms (SaaS and Microsoft 365) using standards-based connectors/integrations; partner with application owners to validate requirements, data flows, and security controls.
• Own and administer Microsoft 365 and collaboration services (Teams, SharePoint/OneDrive, Exchange Online) and adjacent SaaS tools, including hybrid identity/access integrations and roadmap execution.
• Operate and improve services through monitoring, dashboards/alerts, incident and problem management (RCA/post-incident reviews), and on-call participation; troubleshoot authentication/authorization/provisioning issues to restore service.
• Plan, test, and deliver changes using NMDP change management and ITSM practices; validate outcomes and transition to steady-state support.
• Create and maintain documentation and enablement (standards, runbooks, procedures, and knowledge articles); support tiered support and knowledge transfer with Service Desk/L2.
• Support privileged access practices using approved vaulting and secrets management (e.g., Delinea Secret Server) for administrative accounts, service accounts, and automation credentials.
• Partner with Procurement/Vendor Management on renewals, licensing optimization, and vendor escalations; identify cost-saving opportunities through usage analysis and right-sizing.
• Evaluate and adopt new features and products (including collaboration AI capabilities) via pilots, guardrails, and measured rollouts.
• Other duties as assigned.
REQUIRED QUALIFICATIONS:
Knowledge of:
• IAM/IGA concepts and practices, including identity lifecycle (joiner/mover/leaver), provisioning/deprovisioning, and access recertification.
• Identity standards and protocols (SAML, OAuth/OIDC, SCIM) and how they are used for SSO/federation and application integrations.
• Okta, Active Directory, and Microsoft Entra ID administration and configuration concepts (tenant/directory structure, groups, app assignments, conditional access/access policies).
• Privileged access management principles and controls (least privilege, role-based access, privileged roles/accounts, access request/approval workflows).
• Security and compliance practices related to identity services, including logging/monitoring, vulnerability remediation, audit evidence collection, and access reviews.
• Enterprise IT operations practices (incident/problem management, change control) and creating/supporting technical documentation such as procedures and runbooks.
Ability to:
• Demonstrate strong interpersonal and organizational skills, demonstrated success in working both independently and in a team environment.
• Demonstrate above-average written and oral communication skills.
• Demonstrate strong analytical and creative problem solving, and the ability to manage multiple and rapidly changing priorities.
• Work effectively both independently and collaboratively across technical and non-technical teams.
• Communicate clearly in writing and verbally, including translating technical concepts for varied audiences.
• Analyze complex issues, solve problems systematically, and manage multiple priorities in a fast-changing environment.
• Hands-on experience with the relevant technologies and solutions for fulfilling the activities in the accountabilities section.
Education and/or Experience:
• Bachelor's degree in computer science, Management Information Systems, Computer Science, Information Security or related field (or equivalent related experience and/or education).
• Minimum of five or more years of experience in engineering and supporting solutions in a heterogeneous enterprise IT environment.
PREFERRED QUALIFICATIONS: (Additional qualifications that may make a person even more effective in the role, but are not required for consideration)
• Modern Workplace/Automation: Defines and completes project tasks, including scripting, related to workplace automation, leveraging Intune, SharePoint (including migrations), Viva, PowerApps, Power Automate, Microsoft Power Platform, etc.
• Strong experience with Okta tenant configuration and core components (policies, claims, scopes, access policies) beyond day-to-day administration.
• Experience partnering with application developers and using Okta APIs to automate integrations and workflows.
• Experience with log management and reporting tools (e.g., Varonis, Okta reporting) for monitoring and investigation.
About the Team
NMDP offers regular, full-time employees medical, dental, vision, life and disability, accident/critical illness/hospital, well-being, legal, identity theft and pet benefits. Retirement, paid time off/holidays, leave and incentive plans are also offered to eligible employees. Please reference this link for more information: NMDP Benefit Information