Penetration Tester II
Chandler, AZ · On-site
... device testing. Responsibilities : • Conducting penetration tests on various systems and ... Company : M9 Solutions is a national staffing firm focused on cloud, cyber security, web ...
Penetration Tester II
Chandler, AZ · On-site
... device testing. Responsibilities : • Conducting penetration tests on various systems and ... Company : M9 Solutions is a national staffing firm focused on cloud, cyber security, web ...
Penetration Tester
Washington, DC · On-site
$130K - $145K/yr
Dark Wolf is actively seeking an experienced Penetration Tester to join our innovative team. This ... Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) * Proficiency in the testing ...
Penetration Tester
Washington, DC · On-site
$130K - $145K/yr
Dark Wolf is actively seeking an experienced Penetration Tester to join our innovative team. This ... Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) * Proficiency in the testing ...
Penetration Tester
Washington, DC · Hybrid
$130K - $145K/yr
Dark Wolf is actively seeking an experienced Penetration Tester to join our innovative team. This ... Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) * Proficiency in the testing ...
Penetration Tester
Washington, DC · Hybrid
$130K - $145K/yr
Dark Wolf is actively seeking an experienced Penetration Tester to join our innovative team. This ... Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) * Proficiency in the testing ...
Penetration Tester
Reston, VA · On-site
Network penetration testing and experience working with network infrastructure * An understanding ... Experience conducting web application security assessments * Experience working with a range of ...
Penetration Tester
Reston, VA · On-site
Network penetration testing and experience working with network infrastructure * An understanding ... Experience conducting web application security assessments * Experience working with a range of ...
Penetration Tester
Chantilly, VA · On-site
Conduct penetration testing that uses both active and passive capabilities to expose and exploit IA ... System methodologies including: client/server, web hosting, web content servers, policy servers ...
Penetration Tester
Chantilly, VA · On-site
Conduct penetration testing that uses both active and passive capabilities to expose and exploit IA ... System methodologies including: client/server, web hosting, web content servers, policy servers ...
Penetration Tester
Herndon, VA · Hybrid
$130K - $145K/yr
Dark Wolf is actively seeking an experienced Penetration Tester to join our innovative team. This ... Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) * Proficiency in the testing ...
Quick apply
Penetration Tester
Herndon, VA · Hybrid
$130K - $145K/yr
Dark Wolf is actively seeking an experienced Penetration Tester to join our innovative team. This ... Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) * Proficiency in the testing ...
Senior Penetration Tester
$90K - $150K/yr
Summary: The Senior Penetration Tester will independently perform penetration testing of ... testing standards and projects, including OWASP * Knowledge of databases, applications, and Web ...
Senior Penetration Tester
$90K - $150K/yr
Summary: The Senior Penetration Tester will independently perform penetration testing of ... testing standards and projects, including OWASP * Knowledge of databases, applications, and Web ...
Understanding of all aspects of Penetration Testing with an emphasis on white box testing, black box testing, internal networks, external networks, web applications, and application/code review
Quick apply
Understanding of all aspects of Penetration Testing with an emphasis on white box testing, black box testing, internal networks, external networks, web applications, and application/code review
Senior ISSE/Penetration Tester
$117K - $158K/yr
Performing web app pen tests. * Performing vulnerability risk assessments. * Performing physical ... Must have experience with penetration testing tools. * Must have experience developing and ...
Quick apply
Senior ISSE/Penetration Tester
$117K - $158K/yr
Performing web app pen tests. * Performing vulnerability risk assessments. * Performing physical ... Must have experience with penetration testing tools. * Must have experience developing and ...
Senior Penetration Tester (WebApp and Network)
Charlotte, NC · On-site +1
$50 - $65/hr
Utilizing various penetration testing tools and methodologies to simulate cyber attacks. * Analyzing web applications for weaknesses and vulnerabilities using manual and automated methods.
Senior Penetration Tester (WebApp and Network)
Charlotte, NC · On-site +1
$50 - $65/hr
Utilizing various penetration testing tools and methodologies to simulate cyber attacks. * Analyzing web applications for weaknesses and vulnerabilities using manual and automated methods.
Senior Penetration Tester (WebApp and Network)
Charlotte, NC · On-site
$50 - $65/hr
Utilizing various penetration testing tools and methodologies to simulate cyber attacks. * Analyzing web applications for weaknesses and vulnerabilities using manual and automated methods.
Senior Penetration Tester (WebApp and Network)
Charlotte, NC · On-site
$50 - $65/hr
Utilizing various penetration testing tools and methodologies to simulate cyber attacks. * Analyzing web applications for weaknesses and vulnerabilities using manual and automated methods.
Senior ISSE/Penetration Tester
$117K - $158K/yr
Performing web app pen tests. * Performing vulnerability risk assessments. * Performing physical ... Must have experience with penetration testing tools. * Must have experience developing and ...
Senior ISSE/Penetration Tester
$117K - $158K/yr
Performing web app pen tests. * Performing vulnerability risk assessments. * Performing physical ... Must have experience with penetration testing tools. * Must have experience developing and ...
Penetration Tester
Los Angeles, CA · On-site
Perform offensive engagements including red teaming and penetration testing * Perform penetration tests against external networks, internal networks, web applications, mobile applications, social ...
Penetration Tester
Los Angeles, CA · On-site
Perform offensive engagements including red teaming and penetration testing * Perform penetration tests against external networks, internal networks, web applications, mobile applications, social ...
Senior Penetration Tester
$90K - $150K/yr
Summary: The Senior Penetration Tester will independently perform penetration testing of ... testing standards and projects, including OWASP * Knowledge of databases, applications, and Web ...
Senior Penetration Tester
$90K - $150K/yr
Summary: The Senior Penetration Tester will independently perform penetration testing of ... testing standards and projects, including OWASP * Knowledge of databases, applications, and Web ...
Penetration Tester
Manhattan, NY · On-site
Plan, scope, and execute penetration testing engagements across a variety of environments, including web applications, APIs, cloud platforms, infrastructure, thick-client, and/or mobile applications.
Penetration Tester
Manhattan, NY · On-site
Plan, scope, and execute penetration testing engagements across a variety of environments, including web applications, APIs, cloud platforms, infrastructure, thick-client, and/or mobile applications.
Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, w ... Perform thorough penetration testing across web applications, RESTful APIs, mobile applications ...
Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, w ... Perform thorough penetration testing across web applications, RESTful APIs, mobile applications ...
Senior Penetration Tester
Arlington, VA · On-site
Responsible for conducting security testing and vulnerability assessments. Perform various types of penetration tests, including network, web application, and social engineering assessments. Use both ...
Senior Penetration Tester
Arlington, VA · On-site
Responsible for conducting security testing and vulnerability assessments. Perform various types of penetration tests, including network, web application, and social engineering assessments. Use both ...
Plan, scope, and execute penetration testing engagements across a variety of environments, including web applications, APIs, cloud platforms, infrastructure, thick-client, and/or mobile applications.
Plan, scope, and execute penetration testing engagements across a variety of environments, including web applications, APIs, cloud platforms, infrastructure, thick-client, and/or mobile applications.
Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, w ... Perform thorough penetration testing across web applications, RESTful APIs, mobile applications ...
Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, w ... Perform thorough penetration testing across web applications, RESTful APIs, mobile applications ...
Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, w ... Perform thorough penetration testing across web applications, RESTful APIs, mobile applications ...
Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, w ... Perform thorough penetration testing across web applications, RESTful APIs, mobile applications ...
Web APP Penetration Testing information
See salary details
$11.54 - $18.36
4% of jobs
$18.36 - $25.17
0% of jobs
$25.17 - $31.99
0% of jobs
$31.99 - $38.81
6% of jobs
$38.81 - $45.63
5% of jobs
$50.89 is the 25th percentile. Wages below this are outliers.
$45.63 - $52.45
12% of jobs
The median wage is $59.11 / hr.
$52.45 - $59.27
23% of jobs
$65.74 is the 75th percentile. Wages above this are outliers.
$59.27 - $66.08
26% of jobs
$66.08 - $72.90
13% of jobs
$72.90 - $79.72
3% of jobs
$79.72 - $86.54
7% of jobs
$11
$59
$86
How much do web app penetration testing jobs pay per hour?
As of Jun 7, 2026, the average hourly pay for web app penetration testing in the United States is $59.01, according to ZipRecruiter salary data. Most workers in this role earn between $51.20 and $66.83 per hour, depending on experience, location, and employer.
What is a Web App Penetration Testing job?
A Web App Penetration Testing job involves assessing the security of web applications by simulating real-world attacks. Security professionals use various techniques to identify vulnerabilities like SQL injection, cross-site scripting (XSS), or authentication flaws. The goal is to help organizations strengthen their web applications by providing recommendations for fixing security weaknesses. Testers use tools like Burp Suite, OWASP ZAP, and manual testing techniques to ensure comprehensive coverage. This job requires knowledge of ethical hacking, web technologies, and cybersecurity best practices.
What does a typical workday look like for someone in Web App Penetration Testing?
A typical day in Web App Penetration Testing involves actively assessing web applications for security weaknesses using both automated tools and manual testing techniques, reviewing code when necessary, and documenting findings comprehensively. You may also participate in meetings with developers and stakeholders to discuss vulnerabilities, advise on remediation steps, and help prioritize risk mitigation tasks. Many roles offer a mix of independent analysis and team collaboration, with frequent opportunities to learn about new technologies and threats. This environment encourages continuous learning and offers clear pathways for career growth, such as advancing to a senior tester, security consultant, or application security architect.
What are the key skills and qualifications needed to thrive in the Web App Penetration Testing position, and why are they important?
To thrive as a Web App Penetration Tester, you need a strong understanding of web application security, common vulnerabilities (such as OWASP Top 10), and solid programming/scripting skills, usually underpinned by a degree in computer science or a related field. Familiarity with tools like Burp Suite, OWASP ZAP, Metasploit, and certifications such as OSCP or CEH are highly valued. Attention to detail, analytical thinking, effective communication, and problem-solving are crucial soft skills for this role. These competencies help ensure that vulnerabilities are thoroughly identified, clearly reported, and resolved in collaboration with development teams, ultimately supporting organizational security.
More about Web APP Penetration Testing jobs
What are the most commonly searched types of Web App Penetration Testing jobs? The most popular types of Web App Penetration Testing jobs are:
What states have the most Web App Penetration Testing jobs? States with the most job openings for Web App Penetration Testing jobs include:
What job categories do people searching Web App Penetration Testing jobs look for? The top searched job categories for Web App Penetration Testing jobs are:
- Part Time Oscp
- Contract International Ethical Hacker
- Penetration Tester Ethical Hacker
- Internship Penetration Tester Ethical Hacker
- Part Time Penetration Tester Ethical Hacker
- Overnight Cybersecurity Penetration Tester
- Freelance Cyber Security Ethical Hacking
- Hourly Oscp
- Remote Cyber Security Ethical Hacking
- Cyber Security Penetration
Full-time
Posted 8 days ago
Job description
Job Summary:
M9 Solutions is dedicated to providing IT services and solutions to the Federal Government. They are seeking a Penetration Tester II to support a government contract and conduct various types of penetration tests, including Red Team engagements and IoT device testing.
Responsibilities:
• Conducting penetration tests on various systems and applications.
• Planning and conducting Red Team engagements.
• Performing IoT device penetration testing.
• Conducting Mobile Device Application penetration testing.
• Executing High Value Asset Assessments.
• Utilizing various methodologies for penetration testing.
• Gathering information and conducting comprehensive penetration tests.
Qualifications:
Required:
• Bachelor’s degree.
• At least three (3) years of pen test experience.
• Experience with continuous penetration testing methodologies.
• Experience with planning and conducting Red Team engagements.
• Experience with IoT device penetration testing methodologies.
• Experience with Mobile Device Application penetration testing.
• Experience with Federal and Commercial Cloud technology penetration testing.
• Experience conducting High Value Asset Assessments.
• Knowledge of Red, Blue, and Purple Team assessment processes.
• Knowledge of MITRE ATT&CK frameworks.
• Experience with OSSTMM, OWASP, NIST, PTES, and ISSAF methodologies.
• Experience with a variety of toolsets for gathering information and conducting comprehensive penetration tests.
• Must have at least a GPEN or GXPN certification in addition to one of the following certifications: GRTP, CRTL, OSCP, CRTP, CMWAPT, CEPT, CPT, LPT.
• Must have or be able to obtain CISA AES HVA Assessment Lead or Technical Lead certification.
• Secret Clearance (active).
Company:
M9 Solutions is a national staffing firm focused on cloud, cyber security, web application services, ERP, and BI implementations. Founded in 2007, the company is headquartered in Atlanta, USA, with a team of 51-200 employees. The company is currently Growth Stage.
M9 Solutions is dedicated to providing IT services and solutions to the Federal Government. They are seeking a Penetration Tester II to support a government contract and conduct various types of penetration tests, including Red Team engagements and IoT device testing.
Responsibilities:
• Conducting penetration tests on various systems and applications.
• Planning and conducting Red Team engagements.
• Performing IoT device penetration testing.
• Conducting Mobile Device Application penetration testing.
• Executing High Value Asset Assessments.
• Utilizing various methodologies for penetration testing.
• Gathering information and conducting comprehensive penetration tests.
Qualifications:
Required:
• Bachelor’s degree.
• At least three (3) years of pen test experience.
• Experience with continuous penetration testing methodologies.
• Experience with planning and conducting Red Team engagements.
• Experience with IoT device penetration testing methodologies.
• Experience with Mobile Device Application penetration testing.
• Experience with Federal and Commercial Cloud technology penetration testing.
• Experience conducting High Value Asset Assessments.
• Knowledge of Red, Blue, and Purple Team assessment processes.
• Knowledge of MITRE ATT&CK frameworks.
• Experience with OSSTMM, OWASP, NIST, PTES, and ISSAF methodologies.
• Experience with a variety of toolsets for gathering information and conducting comprehensive penetration tests.
• Must have at least a GPEN or GXPN certification in addition to one of the following certifications: GRTP, CRTL, OSCP, CRTP, CMWAPT, CEPT, CPT, LPT.
• Must have or be able to obtain CISA AES HVA Assessment Lead or Technical Lead certification.
• Secret Clearance (active).
Company:
M9 Solutions is a national staffing firm focused on cloud, cyber security, web application services, ERP, and BI implementations. Founded in 2007, the company is headquartered in Atlanta, USA, with a team of 51-200 employees. The company is currently Growth Stage.