Web App Penetration Testing Jobs (NOW HIRING)

Penetration Tester - Intermediate Under general supervision, perform penetration testing of ... Understanding of PCI DSS testing requirements. Knowledge of database, application, and web server ...

Penetration Tester

Alpharetta, GA · On-site

$35 - $40/hr

Conduct penetration testing on web applications, APIs, mobile applications, and Active Directory. * Identify and report vulnerabilities using industry-standard tools and methodologies. * Collaborate ...

... Web Security Testing Guide (WTG), etc. * Demonstrated ability to lead a penetration test and guide Senior/Junior Penetration Testers. * U.S. citizenship required. * An active Secret security ...

Web App Penetration Testing information

How much do web app penetration testing jobs pay per hour?

As of Jul 3, 2026, the average hourly pay for web app penetration testing in the United States is $59.01, according to ZipRecruiter salary data. Most workers in this role earn between $51.20 and $66.83 per hour, depending on experience, location, and employer.

What is a Web App Penetration Testing job?

A Web App Penetration Testing job involves assessing the security of web applications by simulating real-world attacks. Security professionals use various techniques to identify vulnerabilities like SQL injection, cross-site scripting (XSS), or authentication flaws. The goal is to help organizations strengthen their web applications by providing recommendations for fixing security weaknesses. Testers use tools like Burp Suite, OWASP ZAP, and manual testing techniques to ensure comprehensive coverage. This job requires knowledge of ethical hacking, web technologies, and cybersecurity best practices.

What does a typical workday look like for someone in Web App Penetration Testing?

A typical day in Web App Penetration Testing involves actively assessing web applications for security weaknesses using both automated tools and manual testing techniques, reviewing code when necessary, and documenting findings comprehensively. You may also participate in meetings with developers and stakeholders to discuss vulnerabilities, advise on remediation steps, and help prioritize risk mitigation tasks. Many roles offer a mix of independent analysis and team collaboration, with frequent opportunities to learn about new technologies and threats. This environment encourages continuous learning and offers clear pathways for career growth, such as advancing to a senior tester, security consultant, or application security architect.

What are the key skills and qualifications needed to thrive in the Web App Penetration Testing position, and why are they important?

To thrive as a Web App Penetration Tester, you need a strong understanding of web application security, common vulnerabilities (such as OWASP Top 10), and solid programming/scripting skills, usually underpinned by a degree in computer science or a related field. Familiarity with tools like Burp Suite, OWASP ZAP, Metasploit, and certifications such as OSCP or CEH are highly valued. Attention to detail, analytical thinking, effective communication, and problem-solving are crucial soft skills for this role. These competencies help ensure that vulnerabilities are thoroughly identified, clearly reported, and resolved in collaboration with development teams, ultimately supporting organizational security.

Penetration Tester

TekSynap

Salt Lake City, UT • On-site

Other

Posted 18 days ago


TekSynap rating

Company rating: 8.1 out of 10

Based on 5 frontline employees who took The Breakroom Quiz

53rd of 207 rated IT services


Job description

Penetration Tester - Intermediate

Under general supervision, perform penetration testing of applications, systems, and network enclaves to identify security weaknesses and vulnerabilities. Assess enterprise systems using offensive cybersecurity techniques and provide actionable recommendations to reduce risk and improve the organization's overall cybersecurity posture.

Conduct application, network, and wireless penetration testing in accordance with approved methodologies and rules of engagement.

Identify security flaws in computing platforms, applications, and network architectures and develop mitigation strategies to address identified risks.

Apply offensive cybersecurity testing techniques, including manual and automated testing methods.

Coordinate penetration testing activities and schedules with internal stakeholders, system owners, and external partners as required.

Perform network vulnerability assessments and exploitation testing across on-premises and enclave-based environments.

Execute wireless security assessments, including identification of rogue access points and insecure configurations.

Analyze test results and document findings, including severity, impact, and recommended remediation actions.

Prepare and deliver technical assessment reports and briefings to leadership and technical teams.

Support compliance-driven testing efforts, including PCI DSS and other applicable security standards.

Contribute to continuous improvement of enterprise cybersecurity posture through lessons learned and testing feedback.

Secret – IT-II (Tier 3) Non-Critical Sensitive Clearance

Possess a certification in penetration testing, such as:

  • Licensed Penetration Tester (LPT)
  • Certified Expert Penetration Tester (CEPT)
  • Certified Ethical Hacker (CEH)
  • Global Information Assurance Certification Penetration Tester (GPEN)

Minimum of 3 years of demonstrated experience performing vulnerability assessments and penetration testing.

Minimum of 2 years of experience conducting network vulnerability assessments and penetration testing methodologies.

Two years of experience with testing tools including Nessus, Metasploit, CANVAS, Nmap, Burp Suite, and Kismet.

Minimum of 1 year of experience authoring formal penetration testing or security assessment reports.

Minimum of 2 years of experience using, administering, and troubleshooting Linux operating systems.

Minimum of 2 years of experience using, administering, and troubleshooting Windows Server or Linux servers, including IIS or Apache.

Proficiency with penetration testing and assessment tools, including Nessus, Metasploit, CANVAS, Nmap, Burp Suite, and Kismet.

Strong understanding of TCP/IP protocols, networking concepts, and network architectures.

Knowledge of open security testing standards and projects, including OWASP.

Understanding of PCI DSS testing requirements.

Knowledge of database, application, and web server design and implementation.

Experience with wireless LAN security testing methodologies and tools.

Experience scripting in one or more of the following languages: Perl, Python, Ruby, Bash, or Java.

Demonstrated written documentation and oral presentation skills.

Ability to clearly communicate technical findings to both technical and non-technical audiences.

