2

Remote Web Penetration Tester Jobs (NOW HIRING)

... Remote (US) As a penetration tester on BreachLock's US Strategic delivery team, you'll execute manual, methodology-driven engagements across web applications, APIs, and internal networks - including ...

Summary: The Senior Penetration Tester will independently perform penetration testing of ... Knowledge of databases, applications, and Web server design and implementation * Possess oral and ...

ASSYST is seeking a skilled Penetration Tester to join our cybersecurity team in Baltimore, Maryland (Remote). This role involves conducting real-world attack simulations to identify vulnerabilities ...

New

Summary: The Senior Penetration Tester will independently perform penetration testing of ... Knowledge of databases, applications, and Web server design and implementation * Possess oral and ...

About the Role The Penetration Tester works to execute department activities and deliver high ... Execute internal, external, wireless, and web application pen tests * Execute social engineering ...

Summary: The Senior Penetration Tester will independently perform penetration testing of ... Knowledge of databases, applications, and Web server design and implementation * Possess oral and ...

The Penetration Tester is responsible for working as part of the Assessment Team to conduct and ... Conduct security audits, network penetration tests, and web application, API and cloud assessments.

The Penetration Tester is responsible for working as part of the Assessment Team to conduct and ... Conduct security audits, network penetration tests, and web application, API and cloud assessments.

Overview Amyx is seeking a Sr. Penetration Tester for our DOD client to work remotely ... Knowledge of database, applications, and Web server design and implementation * Experience ...

Remote / Hybrid / Travel as Required (U.S.) Security Requirement: Must be eligible to obtain and ... Perform web application penetration testing * Perform cloud security assessments * Perform wireless ...

With Bishop Fox, your responsibilities would include testing web applications, hacking networks ... web application penetration tests * 5+ years of application security experience * Deep ...

Remote / Hybrid / Travel as Required Security Requirement: Must be eligible to obtain and maintain ... Web application assessments * Social engineering assessments * Container security testing

next page

Showing results 1-20

Remote Web Penetration Tester information

See salary details

$22.5K

$119.9K

$168.5K

How much do remote web penetration tester jobs pay per year?

As of Jul 12, 2026, the average yearly pay for remote web penetration tester in the United States is $119,895.00, according to ZipRecruiter salary data. Most workers in this role earn between $96,000.00 and $141,000.00 per year, depending on experience, location, and employer.

How does a Remote Web Penetration Tester typically coordinate with development and security teams during an assessment?

As a Remote Web Penetration Tester, you will regularly collaborate with development and security teams through virtual meetings, secure communication channels, and detailed reporting. You'll often present your findings in real time or via structured reports, clarifying vulnerabilities and recommending mitigation steps. Strong communication skills are key, as you may need to explain complex technical issues to non-technical stakeholders and sometimes assist in prioritizing remediation efforts. This collaborative approach ensures that security improvements are effectively understood and implemented, even when working remotely.

What is a remote web penetration tester?

A remote web penetration tester is a cybersecurity professional who evaluates the security of web applications and websites from a remote location. Their primary role is to identify vulnerabilities, such as coding errors or misconfigurations, that could be exploited by malicious hackers. They use a variety of tools and techniques to simulate attacks, report findings, and recommend solutions, all without being physically present at the client's site. This position often requires strong technical skills, analytical thinking, and up-to-date knowledge of the latest web threats and defenses.

What is the difference between Remote Web Penetration Tester vs Remote Network Security Analyst?

AspectRemote Web Penetration TesterRemote Network Security Analyst
CertificationsOSCP, CEH, GPENCompTIA Security+, CISSP, CEH
Work EnvironmentConducts simulated attacks on web applications remotelyMonitors and analyzes network security remotely
Industry UsageCybersecurity firms, tech companies, consultingFinancial institutions, government agencies, enterprises

The Remote Web Penetration Tester focuses on identifying vulnerabilities in web applications through simulated attacks, requiring certifications like OSCP or CEH. In contrast, the Remote Network Security Analyst monitors and analyzes network traffic to detect threats, often holding certifications like Security+ or CISSP. Both roles are essential in cybersecurity but differ in their focus areas and daily tasks.

What are the key skills and qualifications needed to thrive as a Remote Web Penetration Tester, and why are they important?

To thrive as a Remote Web Penetration Tester, you need a deep understanding of web application security, networking protocols, and vulnerability assessment, often supported by certifications like OSCP or CEH. Familiarity with tools such as Burp Suite, Metasploit, and automated scanners is essential for performing thorough security evaluations. Strong analytical thinking, attention to detail, and clear written communication are critical soft skills for effectively identifying vulnerabilities and reporting findings to clients. These skills ensure comprehensive assessments, actionable reporting, and contribute to the overall security posture of organizations.
More about Remote Web Penetration Tester jobs
What cities are hiring for Remote Web Penetration Tester jobs? Cities with the most Remote Web Penetration Tester job openings:
What are the most commonly searched types of Web Penetration Tester jobs? The most popular types of Web Penetration Tester jobs are:
What states have the most Remote Web Penetration Tester jobs? States with the most job openings for Remote Web Penetration Tester jobs include:
Infographic showing various Remote Web Penetration Tester job openings in the United States as of July 2026, with employment types broken down into 2% Locum Tenens, 94% Full Time, 2% Part Time, and 2% Contract. Highlights an 83% Physical, 2% Hybrid, and 15% Remote job distribution, with an average salary of $119,895 per year, or $57.6 per hour.
NIH - Penetration Tester

NIH - Penetration Tester

cFocus Software Incorporated

Bethesda, MD โ€ข On-site, Remote

Full-time

Posted 12 days ago


Job description

cFocus Software seeks a Penetration Tester to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
  • Public Trust Clearance
  • B.S. Computer Science, Information Technology, or a related field
  • 5+ years of experience conducting penetration testing or offensive cybersecurity operations.
  • Experience performing enterprise penetration testing.
  • Experience with network and application security assessments.
  • Experience documenting technical security findings.
  • Ability to obtain and maintain NIH suitability/background investigation.
  • Active OSCP, OSEP, GPEN, GXPN, CEH, PenTest+, or CISSP

Duties:
  • Conduct enterprise penetration testing activities including:
    • Perform internal and external network penetration testing.
    • Conduct web application penetration testing.
    • Execute infrastructure security testing.
    • Perform cloud penetration testing.
    • Conduct operating system security assessments.
    • Perform wireless security testing.
    • Assess Active Directory security.
    • Conduct application security testing.
    • Simulate real-world cyberattacks using industry-standard offensive security methodologies.
    • Perform controlled exploitation activities to identify security weaknesses.
    • Validate effectiveness of implemented security controls.
    • Identify attack paths and privilege escalation opportunities.
    • Document technical findings and supporting evidence.
  • Prepare comprehensive penetration testing plans
  • Provide Red Team Support