1

Security Penetration Testing Jobs (NOW HIRING)

REQUIRED QUALIFICATIONS 5+ years of experience in security applications and systems Minimum of 5 years of Information Security Engineer/Consultant experience with application penetration testing.

OSCP * GPEN * Baseline Minimum certifications (CEH, CompTIA Security+, GWAPT, CompTIA PenTest+ acceptable) KEY RESPONSIBILITIES PER PWS * Minimum 3 - 5 years of hands-on penetration testing ...

Qualifications • Minimum of 5 years of Information Security Engineer/Consultant experience with application penetration testing. • Minimum of 5 years of demonstrated experience with automated ...

next page

Showing results 1-20

Security Penetration Testing information

See salary details

$61.5K

$152.8K

$205.5K

How much do security penetration testing jobs pay per year?

As of Jul 13, 2026, the average yearly pay for security penetration testing in the United States is $152,773.00, according to ZipRecruiter salary data. Most workers in this role earn between $143,000.00 and $158,500.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Security Penetration Tester, and why are they important?

To thrive as a Security Penetration Tester, you need a solid understanding of network security, operating systems, and ethical hacking, usually supported by a degree in computer science or a related field. Familiarity with tools like Metasploit, Burp Suite, and certifications such as OSCP or CEH are commonly required. Strong analytical thinking, attention to detail, and effective communication skills set standout professionals apart in this role. These skills and qualifications are vital for identifying vulnerabilities, communicating risks, and helping organizations strengthen their security posture.

What is security penetration testing?

Security penetration testing, also known as pen testing, is a simulated cyberattack conducted on a computer system, network, or web application to identify vulnerabilities that could be exploited by hackers. The goal is to proactively find security weaknesses before malicious actors do, helping organizations strengthen their defenses. Penetration testers use a combination of automated tools and manual techniques to mimic real-world attack scenarios. The results are documented in a report, which includes recommendations for improving security.

What is the difference between Security Penetration Testing vs Security Analyst?

AspectSecurity Penetration TestingSecurity Analyst
CertificationsOSCP, CEH, GPENCISSP, Security+
Work EnvironmentProject-based, technical testingMonitoring, incident response
Primary FocusIdentifying vulnerabilities through simulated attacksMonitoring security systems and analyzing threats
Employer & Industry UsageCybersecurity firms, IT departmentsCorporate, government, finance sectors

While both roles focus on cybersecurity, Security Penetration Testing involves actively probing systems for vulnerabilities through simulated attacks, whereas Security Analysts monitor and analyze security threats to protect organizational assets. Both roles require relevant certifications and are essential for comprehensive cybersecurity defense.

What is a penetration tester in security?

A penetration tester, also known as an ethical hacker, is a cybersecurity professional who simulates cyberattacks to identify vulnerabilities in computer systems, networks, and applications. They use tools like vulnerability scanners and follow structured testing methodologies, often holding certifications such as OSCP or CEH, to help organizations improve their security defenses.

Is penetration testing a good career?

Penetration testing is a valuable cybersecurity role that involves identifying vulnerabilities in systems and networks. It offers high demand, competitive salaries, and opportunities for certification such as OSCP or CEH, making it a strong career choice for those interested in cybersecurity and ethical hacking.

Can you make $500,000 a year in cyber security?

Security penetration testers with extensive experience, advanced certifications, and specialized skills can potentially earn $500,000 or more annually, especially in senior or consulting roles. Achieving this level often requires a combination of technical expertise, leadership, and working in high-demand environments or for large organizations. Most professionals in the field earn lower salaries, but top-tier experts can reach or exceed this income level.

What jobs can I get with a security+ certification?

A Security+ certification qualifies you for roles such as security analyst, cybersecurity technician, or network security administrator. These positions involve assessing vulnerabilities, implementing security measures, and monitoring networks using tools like firewalls and intrusion detection systems. The certification demonstrates foundational knowledge in cybersecurity principles and best practices.

What are some common challenges Security Penetration Testers face when conducting assessments in large organizations?

Security Penetration Testers often encounter challenges such as navigating complex network environments, obtaining the necessary permissions to test sensitive systems, and coordinating with multiple stakeholders to minimize business disruptions. Additionally, they must stay updated with evolving security threats and technologies to ensure their testing methods remain effective. Effective communication and clear reporting are also crucial, as conveying findings to both technical and non-technical audiences can directly impact remediation efforts and overall security posture.
More about Security Penetration Testing jobs
What cities are hiring for Security Penetration Testing jobs? Cities with the most Security Penetration Testing job openings:
What states have the most Security Penetration Testing jobs? States with the most job openings for Security Penetration Testing jobs include:
What job categories do people searching Security Penetration Testing jobs look for? The top searched job categories for Security Penetration Testing jobs are:
Infographic showing various Security Penetration Testing job openings in the United States as of July 2026, with employment types broken down into 96% Full Time, 2% Part Time, and 2% Contract. Highlights an 83% Physical, 2% Hybrid, and 15% Remote job distribution, with an average salary of $152,773 per year, or $73.4 per hour.
Penetration Testing Associate

Penetration Testing Associate

KirkpatrickPrice

Bowling Green, KY • On-site

$35K - $60K/yr

Full-time

Posted 10 days ago


Job description

Penetration Testing Associate
About the Role
KirkpatrickPrice is a trusted security partner to organizations of all sizes and maturity levels. Our clients need experts who are experienced, patient, and communicate well: people who help them discover vulnerabilities and learn how to strengthen their defenses. We love empowering and inspiring our clients to effectively protect their most sensitive data.
We're hiring a Penetration Testing Associate to keep our penetration testing program running smoothly behind the scenes. This hybrid role blends light hands-on technical work (maintaining scanning infrastructure, deploying test devices, running pre-scans) with project coordination (engagement kickoffs, client check-ins, scope validation, and onboarding).
It's an ideal first role for someone early in their cybersecurity career who is detail-oriented, comfortable around Linux and networking concepts, and enjoys both technical tasks and working directly with people. You'll partner closely with penetration testers and client success teams to make sure every engagement is set up correctly, on schedule, and within scope. We'll provide documentation, mentorship, and on-the-job training, so prior professional experience is not required.
What You'll Do
Infrastructure & Device Maintenance
  • Perform weekly updates and health checks on all active testing devices, and maintain core testing tools and services on a recurring schedule, including scanners, VPNs, and supporting platforms.
  • Manage cloud and hosted infrastructure (snapshots, backups, server maintenance), troubleshoot device update and connectivity issues over secure tunnels, and keep documentation and asset inventories accurate and current.
  • Deploy and configure physical and virtual testing devices following established procedures, preparing them for shipment or remote setup with secure credential handoff.
  • Provision new team members across penetration testing tools and platforms.

Vulnerability Scanning & Reporting
  • Manage and perform vulnerability scanning for all clients: schedule and run scans, review and validate results, and deliver reports to clients.

Engagement Coordination & Scoping
  • Set up project-tracking boards and coordinate kickoff and check-in calls, confirming network details, verifying pre-engagement questionnaires, resolving access issues, and scheduling pre-scan windows.
  • Proactively follow up with clients to ensure pre-engagement tasks are completed accurately and on time, providing status updates and looping in testers for final confirmation.
  • Confirm engagement targets against agreed scope and securely store credentials and device details in the team's password manager.
  • Run pre-scans ahead of testing weeks and compare results against scope to flag discrepancies before testing begins.

What We're Looking For
Required
  • Strong organizational skills and attention to detail, with reliable follow-through to track and chase down many moving pieces across multiple concurrent engagements.
  • Clear, effective written and verbal communication; comfortable leading client-facing calls and keeping clients accountable for completing pre-engagement tasks on schedule.
  • An IT or cybersecurity education or background: a degree, certifications, coursework, or equivalent hands-on experience in IT, cybersecurity, computer science, or a related field.
  • Foundational familiarity with networking concepts (IP addressing, ports, VPNs, SSH) and Linux command-line environments.
  • Ability to handle sensitive credentials and client information responsibly.

Preferred (Nice to Have)
  • Internships, lab/home-lab experience, or industry certifications beyond the baseline requirement.
  • Exposure to vulnerability scanners or vulnerability management platforms.
  • Familiarity with cloud or hosted infrastructure.
  • Interest in or exposure to offensive security, penetration testing, or red team tooling.
  • Experience with project-tracking or collaboration tools.

Desired Characteristics
Character
  • Possess an extreme level of integrity. The top 1% of wealth holders in America rate integrity as the #1 factor that explains economic success.
  • Apply diligence to every engagement so that the client benefits the most.
  • Passionate about helping clients understand and complete what's needed to keep their testing on track.
  • Strong desire to contribute to and learn from an open and collaborative team. Humility and contribution to the team are valued.
  • Able to communicate clearly with both technical and non-technical audiences.