1

Security Penetration Tester Jobs (NOW HIRING)

Holds or is working toward penetration testing and offensive security certifications appropriate for DoD environments, such as CEH, PenTest+, GPEN, OSCP, or equivalent DoD 8570/8140-approved ...

CCNA Cyber Ops, CCNA-Security, CEH, CFR, Cloud+, CySA+, GCIA, GCIH, GICSP, SCYBER, Security+ CE, SSCP * Demonstrated experience with Kali Linux. * Demonstrated penetration testing tools experience ...

Pen Testers are also responsible for performing security focused services to improve the security ... Leads penetration tests, mentoring junior testers, and providing technical guidance to stakeholders.

Penetration Tester Location: Reston, VA Work Mode - Hybrid role, 2 days' Work from Office ... Experience with security assessment tools, such as Nessus, Metasploit, Burp Suite Pro, Cobalt ...

National Security Programs * Professional, Administrative, and Management Support * Mission and ... Penetration Tester Location: Arlington, VA Security Clearance:Secret Duties and Responsibilities ...

Penetration Tester

Herndon, VA ยท On-site

$131K - $237K/yr

Leidos is seeking a Penetration Tester to support an enterprise IT program. We are looking for a ... Experience performing network security analysis * Experience analyzing network architectures

Holds or is working toward penetration testing and offensive security certifications appropriate for DoD environments, such as CEH, PenTest+, GPEN, OSCP, or equivalent DoD 8570/8140-approved ...

Collaborate closely with clients to develop tailored remediation strategies that drive meaningful security improvements * Push the boundaries of penetration testing innovation through research and ...

Collaborate closely with clients to develop tailored remediation strategies that drive meaningful security improvements * Push the boundaries of penetration testing innovation through research and ...

Penetration Tester

Albany, NY ยท On-site

$60/hr

Identify security flaws in Java code using automated and manual methods. * Create and use custom ... Experience in Penetration Testing/Ethical Hacking with a focus on Java application security.

Knowledge of open security testing standards and projects, including OWASP * Knowledge of databases, applications, and Web server design and implementation * Possess oral and written communication ...

Leidos is seeking a Penetration Tester to support an enterprise IT program. We are looking for a ... Experience performing network security analysis * Experience analyzing network architectures

next page

Showing results 1-20

Security Penetration Tester information

See salary details

$22.5K

$119.9K

$168.5K

How much do security penetration tester jobs pay per year?

As of Jul 17, 2026, the average yearly pay for security penetration tester in the United States is $119,895.00, according to ZipRecruiter salary data. Most workers in this role earn between $96,000.00 and $141,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Security Penetration Tester, and why are they important?

To thrive as a Security Penetration Tester, you need a strong understanding of network security, vulnerability assessment, and ethical hacking, often supported by a degree in computer science or cybersecurity and certifications like OSCP or CEH. Familiarity with penetration testing tools such as Metasploit, Burp Suite, and Nmap, as well as knowledge of scripting languages, is typically required. Exceptional analytical thinking, attention to detail, and effective communication skills help you identify vulnerabilities and clearly report findings. These skills are vital to proactively identifying and mitigating security risks, thereby protecting organizational assets from cyber threats.

What are Security Penetration Testers?

Security Penetration Testers, often called 'pen testers' or ethical hackers, are cybersecurity professionals who simulate cyberattacks on computer systems, networks, and applications. Their goal is to identify vulnerabilities that malicious hackers could exploit. By conducting these controlled tests, they help organizations strengthen their security measures and protect sensitive information. Penetration testers document their findings and provide recommendations to improve defenses. This role requires a deep understanding of security tools, attack methodologies, and current cyber threats.

What are some common challenges Security Penetration Testers face when working with client organizations?

Security Penetration Testers often encounter challenges such as limited access to systems due to strict security policies, incomplete or outdated documentation, and time constraints for testing. Additionally, communicating technical vulnerabilities in a way that is understandable to non-technical stakeholders can be demanding. Building trust with clients and ensuring that findings are addressed rather than overlooked are also important aspects of the role, requiring strong communication and negotiation skills.

What is the difference between Security Penetration Tester vs Vulnerability Analyst?

AspectSecurity Penetration TesterVulnerability Analyst
CertificationsOSCP, CEH, GPENCISA, CISSP, GIAC
Work EnvironmentHands-on testing, simulated attacksVulnerability assessment, reporting
Industry UsageCybersecurity firms, IT departmentsSecurity teams, compliance roles

While both roles focus on identifying security weaknesses, a Security Penetration Tester actively exploits vulnerabilities to test defenses, whereas a Vulnerability Analyst primarily assesses and reports on vulnerabilities without exploiting them. Both roles require similar certifications and are integral to cybersecurity teams, but their day-to-day tasks differ significantly.

Will pentesters be replaced by AI?

Security penetration testers analyze systems for vulnerabilities using manual testing, tools, and knowledge of security protocols. While AI can assist in automating certain tasks like vulnerability scanning, human expertise is essential for complex assessments, creative problem-solving, and interpreting results. AI is more likely to augment rather than replace penetration testers in the cybersecurity field.

Can you make $500,000 a year in cyber security?

Security penetration testers can potentially earn $500,000 annually with extensive experience, advanced skills, and specialized certifications like OSCP or CISSP. Achieving this level often requires working in senior or consulting roles, managing complex projects, or working for large organizations or high-paying clients.

How much do penetration testers make?

Penetration testers typically earn between $70,000 and $130,000 annually, depending on experience, certifications, and location. Senior professionals with advanced skills and certifications like OSCP or CISSP can earn higher salaries, especially in high-demand markets or specialized environments.

Is 40 too old for cyber security?

Security penetration testers can be successful at any age, as the role values experience, problem-solving skills, and continuous learning. Many professionals transition into cybersecurity later in their careers, often obtaining certifications like OSCP or CISSP to demonstrate expertise regardless of age.
More about Security Penetration Tester jobs
What states have the most Security Penetration Tester jobs? States with the most job openings for Security Penetration Tester jobs include:
Infographic showing various Security Penetration Tester job openings in the United States as of July 2026, with employment types broken down into 96% Full Time, 2% Part Time, and 2% Contract. Highlights an 83% Physical, 2% Hybrid, and 15% Remote job distribution, with an average salary of $119,895 per year, or $57.6 per hour.
Penetration Tester

Penetration Tester

PingWind

Alexandria, VA โ€ข On-site

Full-time

Re-posted 2 days ago


Job description

Location: Alexandria, Va
Required Clearance: Top Secret Clearance
Certifications: Holds or is working toward penetration testing and offensive security certifications appropriate for DoD environments, such as CEH, PenTest+, GPEN, OSCP, or equivalent DoD 8570/8140-approved cybersecurity certifications.
Required Education: BS/BA degree
Required Experience: 5 years relevant experience (an additional 4 years experience may be substituted in lieu of degree).
Position Description:
PingWind is seeking a Penetration Tester responsible for supporting authorized penetration testing and security assessment activities to identify, validate, and document vulnerabilities in MODES III systems and cloud-hosted environments in accordance with Government cybersecurity requirements.
Responsibilities:
โ€ข Supports execution of authorized penetration testing activities against MODES III systems, applications, and cloud environments to identify security weaknesses. (PenTest).
โ€ข Assists with planning, scoping, and execution of penetration tests in coordination with Government stakeholders and senior cybersecurity personnel.
โ€ข Conducts technical testing activities, including vulnerability exploitation, validation, and verification, in accordance with approved rules of engagement and security policies.
โ€ข Documents penetration testing results, findings, and supporting evidence, contributing to formal reports and risk documentation.
โ€ข Supports remediation validation and retesting activities to confirm closure of identified vulnerabilities and risk reduction.
โ€ข Follows established ethical hacking standards, testing methodologies, and reporting procedures to ensure compliant and repeatable execution.
Required Qualifications:
โ€ข Must hold or be able to obtain and maintain a Top Secret.
โ€ข Holds or is working toward penetration testing and offensive security certifications appropriate for DoD environments, such as CEH, PenTest+, GPEN, OSCP, or equivalent DoD 8570/8140-approved cybersecurity certifications.
Desired Qualifications:
โ€ข Master's Degree
About PingWind
PingWind is focused on delivering outstanding services to the federal government. We have extensive experience in the fields of cybersecurity, development, IT infrastructure, supply chain management and other professional services such as system design and continuous improvement. PingWind is an SBA certified Service-Disabled Veteran-Owned Small Business (SDVOSB) with offices in Northern Virginia and Huntsville AL.
www.PingWind.com
Salary Range
86K- 119K
The pay range for this job is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) job responsibilities, education, certifications, experience, as well as internal equity mapping and alignment with market data, or other applicable laws.
Veterans are encouraged to apply
PingWind, Inc. does not discriminate in employment opportunities, terms, and conditions of employment, or practices on the basis of race, age, gender, religious or political beliefs, national origin or heritage, disability, sexual orientation, or any characteristic protected by law.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.