Penetration testers help businesses and organizations identify and resolve security vulnerabilities and weaknesses affecting their digital assets and computer networks. Some hold in-house positions with permanent employers, functioning as part of internal cybersecurity or information technology (IT) teams. Others work for specialized firms that provide penetration-testing services to end clients.
Industries that deal with high volumes of sensitive, personal, classified, or proprietary information tend to bring penetration testers on in higher numbers. Some employers place more emphasis on the candidate's knowledge and experience than their formal educational backgrounds. However, employers increasingly prefer applicants with a bachelor's or master's degree in computer science, IT, cybersecurity, or a related specialization.
The profession tends to attract curious, ethical minds with advanced technical skills. The Bureau of Labor Statistics (BLS) counts penetration testers under the broader umbrella of "information security analysts." The BLS projects a 32% increase in demand for information security analysts between 2018 and 2028, and reports a 2019 median salary of nearly $100,000 per year.
What Does a Penetration Tester Do?
Some penetration testing jobs carry other titles, such as "ethical hacker" or "assurance validator." These terms reflect the main duties of a penetration tester (or "pen tester"): to seek, identify, and attempt to breach existing weaknesses in digital systems and computing networks. These systems and networks include websites, data storage systems, and other IT assets.
Many people confuse penetration testing with vulnerability testing. In actuality, these two cybersecurity specializations have distinct differences. Vulnerability testers look for flaws and weaknesses during a security program's design and setup phases. Penetration testing professionals specifically seek out flaws and weaknesses in existing, active systems.
Penetration testing teams simulate cyberattacks and other security breaches designed to access sensitive, private, or proprietary information. They utilize existing hacking tools and strategies as well as devise their own. During a simulated attack, pen testers document their actions to generate detailed reports indicating how they managed to bypass established security protocols, and to what degree.
Organizationally, penetration testing teams create value by helping their employers avoid the public relations fallout and loss of consumer confidence that accompany actual hacks and cyberattacks. They also help businesses and organizations improve their digital security measures within established budgetary confines.
The sections that follow explore key soft and hard penetration tester skills.
- Key Soft Skills for Penetration Testers
- A Desire to Learn: Hackers and cybercriminals constantly change their strategies and tactics, and technology continually evolves. Penetration testing professionals need to stay updated on the latest developments on both fronts.
- A Teamwork Orientation: Penetration testers often work in teams, with junior members undertaking duties with lower levels of responsibility while reporting to senior members.
- Strong Verbal Communication: Team members must articulate their findings in clear, easy-to-follow language that people without advanced technical knowledge or skills can understand.
- Report Writing: Strong writing skills serve penetration testing professionals well because their duties include producing reports for management and executive teams to review.
- Key Hard Skills for Penetration Testers
- Deep Knowledge of Exploits and Vulnerabilities: Most employers prefer candidates whose knowledge of vulnerabilities and exploits goes beyond automated approaches.
- Scripting and/or Coding: Testers with good working knowledge of scripting and/or coding can save a great deal of time on individual assessments. Thus, they offer greater value to employers.
- Complete Command of Operating Systems: Penetration testing professionals need advanced knowledge of the operating systems they attempt to hack or breach in conducting their assessments.
- Strong Working Knowledge of Networking and Network Protocols: By definition, understanding how hackers and cybercriminals operate requires penetration testers to understand networking and network protocols like TCP/IP, UDP, ARP, DNS, and DHCP.
A Day in the Life of a Penetration Tester
Pen testers spend most of their time conducting assessments and running tests. These duties may target internal or external assets, and testers can work both on site and remotely.
During the morning, the tester or testing team decides on a strategy for the project at hand and sets up the required tools. In some cases, this involves rounding up what professionals call "open source intelligence" or OSINT, which real-life hackers draw on when trying to bypass security measures and initiate attacks.
In the afternoon, teams carry out the tests they spent the morning designing. Teams sometimes subdivide into smaller groups, with one group playing the role of hostile outside hackers and another group assuming the duties of internal cybersecurity personnel tasked with stopping them.
Alternate duties include carrying out simulations designed to assess other aspects of internal risk. For instance, penetration testing teams may target select employees with phishing scams or other false breaches to see what type of responses they get and how those responses affect established security protocols.
Thus, penetration tester requirements involve many different responsibilities. The following list offers five particularly important examples.
Penetration Tester Main Responsibilities
Penetration Tester Salary
According to PayScale data from August 2020, the average penetration tester salary in the U.S. sits at $84,690 per year. However, many factors affect a professional's salary, such as experience. The chart below explains the typical salaries earned by penetration testers at various stages of their careers.
Education also affects salary; applicants with advanced degrees and industry-standard certifications tend to attract offers with higher rates of pay. The same trend applies to positions with more responsibility. Senior team members and team leads usually earn more than junior and entry-level employees.
Industry is another key factor that affects salary. Some industries, such as financial services and military contracting, face greater levels of risk and potential loss in the event of a successful cyberattack. Thus, they tend to pay their testers more in order to attract the best and most qualified job applicants.
Where Can I Work as a Penetration Tester?
Penetration testing professionals work in a range of settings, industries, and sectors. While many hold traditional on-site positions, the profession also supports remote work.
Organizations in both the public and private sectors require the valuable skills that penetration testing specialists offer. Major industries that employ large numbers of penetration testers include healthcare informatics, technology, information security, payment processing and financial services, defense contracting, and government.
Location can also make a major difference in a penetration testing specialist's career. In many major urban centers, cybersecurity and information security specialists command premium salaries that reflect high levels of demand. The table below indicates four large cities where penetration testing professionals tend to enjoy higher-than-average pay rates.
However, in planning a career, remember that salary tells only part of the story. Cost of living and quality of life also merit careful consideration.
As of 2020, the 10 states with the lowest average living costs include (in order from lowest to highest): Mississippi, Indiana, Michigan, Arkansas, Oklahoma, Idaho, Tennessee, Kansas, Texas, and Kentucky. The Council for Community and Economic Research also publishes a regularly updated cost-of-living research tool, which makes for a valuable resource.
|Top-Paying Cities||Percentage Above Average Pay|
Major industries that employ penetration testers include financial services, healthcare, and government. Many companies in the technology sector also hire penetration testers in large numbers, as do businesses that specialize in information security.
Employment opportunities in financial services cover jobs with banks, credit card companies, payment processors, and brokerages. These companies tend to pay relatively well, in large part due to the sensitive nature of the information and assets they control and the potential consequences that can result from successful cyberattacks. Similar trends extend to healthcare and government, although public-sector organizations tend to pay less due to budgetary limitations.
Many leading technology companies employ internal penetration testers as part of their quality assurance commitments. Information security firms typically assign testing teams to short-term jobs for individual end clients, offering more variation in day-to-day duties. Pay rates in these industries also tend to range toward the higher end.
A global online retail giant, Amazon is among the world's largest and most valuable companies. Given the volume of financial transactions that take place through its network and the sensitive nature of the customer information it stores, Amazon also ranks among the leading employers of pen testers.
Founded in 1997, Paylocity is one of the largest providers of online payroll services in the country. The company's services draw heavily on cloud computing, meaning that Paylocity must constantly strive to stay ahead of hackers and cybercriminals targeting their data.
International Business Machines (IBM)
According to PayScale, IBM ranks among the top-paying employers of pen testers. A trusted name in technology for decades, IBM offers a complete lineup of information security services to end clients through its branded X-Force Red program.
How to Become a Penetration Tester
The typical journey to becoming a penetration tester unfolds over several distinct phases, which begin during a candidate's pre-college years. During this time, individuals with the necessary aptitudes often discover and explore their interest in computer science and IT, building basic technical skills and a functional working knowledge of operating systems, scripting, coding, and programming.
From there, aspirants proceed into computer science, computer engineering, IT, or cybersecurity degree programs. Entry-level penetration tester requirements include both educational and experiential components, with a bachelor's degree increasingly serving as the minimum necessary level of schooling. Specialized professional certifications also help.
Candidates then build penetration tester skills by working in lower-level IT positions, including roles in system or network security and administration. After 1-4 years of employment in these areas, emerging professionals typically possess the knowledge and experience needed to land their first testing jobs.
Steps to Becoming a Penetration Tester
- Get a Degree: A bachelor's degree in computer science or engineering, cybersecurity, or IT usually suffices to begin a pen testing career.
- Build Experience: Penetration testing professionals usually build and hone their skills by working in entry-level IT, network management, and network administration positions for at least a year.
- Obtain Certifications: Many reputable organizations offer voluntary credentialing programs that lead to sought-after professional certifications in ethical hacking, security analysis, pen testing, and related fields.
- Transition into Penetration Testing: After completing the previous steps, candidates can typically transition into penetration testing jobs.
Penetration Tester Requirements
The subsections that follow explain how to meet employer requirements for penetration testing positions.
Education Requirements for Penetration Testers
In general, employers of pen testers place more emphasis on technical skills, knowledge, professional proficiencies, and work experience than formal educational credentials. However, education remains a vital aspect of a penetration testing professional's future success, with a bachelor's degree typically functioning as the minimum entry-level education requirement.
Degree programs that emphasize information security and cybersecurity offer particular value, but generalist disciplines like computer science and computer engineering also help students build well-rounded, versatile skill sets. Many generalist programs allow learners to declare a specialization in their upper years, and cybersecurity ranks among the most popular and widely available concentrations.
Master's degrees offer aspiring penetration testers the opportunity to combine advanced education with laser-focused skill specializations. These two factors combine to deliver higher overall earning potential and career advancement opportunities.
A doctorate also remains an option, though working professionals rarely pursue doctoral degrees. Ph.D. degrees appeal more strongly to those interested in research and postsecondary teaching careers, though some practitioners obtain them as an effective way to market themselves to employers seeking the most knowledgeable and capable specialists.
License and Certification Requirements for Penetration Testers
Pen testers do not require licenses, but many respected organizations offer voluntary certification programs that look great on resumes. Examples include:
- PenTest+ Offered by CompTia, the PenTest+ examination comprises up to 85 questions in multiple-choice and applied formats. This intermediate-level exam leads to entry-level penetration testing jobs.
- Certified Ethical Hacker Administered by the prestigious EC-Council, the CEH designation ranks among the most popular and sought-after professional certifications in the information security industry. Passing the certification exam requires deep knowledge of current malware and hacking strategies.
- GIAC Certified Penetration Tester The three-hour GPEN examination covers penetration tester skills, documentation, ethics, and legal considerations. The Global Information Assurance Certification organization administers this test.
Required Experience for Penetration Testers
Many pen testers accrue significant experience in lower-level IT, network security, and information assurance roles before transitioning into this demanding and specialized discipline. Examples of job titles that help aspiring candidates build necessary skills include network administrator, network engineer, security administrator, and system administrator.
Technology job market experts usually recommend a minimum of one year of professional experience in such areas. However, candidates who spend longer periods in preparatory roles typically build up deeper, more versatile skill sets and knowledge bases.
Notably, experience and knowledge outrank the importance of formal educational credentials in the eyes of many employers. Candidates can become pen testers without formal degrees if they have the technical skills and savvy to earn in-demand professional certifications instead.
The Penetration Tester Job Hunt
Employers openly advertise penetration testing vacancies on major job boards and career websites, making them ideal places to start looking. Candidates can also source opportunities by joining professional organizations; participating in continuing education programs, conferences, and workshops; and leveraging their personal and professional networks.
The following list outlines several online resources for finding penetration testing jobs.
This leading professional networking portal maintains job listings from across the U.S. and makes it easy for candidates to apply by linking their profiles.
A popular and fast-growing job board and career-building website, ZipRecruiter maintains listings for pen testers at all stages of their careers.
DICE Cybersecurity Jobs
This New York-based career site specializes in the technology industry and offers candidates results-matching features.
Another specialized resource for tech professionals, this site allows users to conduct quick, easy searches by location, position title, or a combination of both.
Penetration Tester Upward Mobility
Penetration testing professionals often work in teams that include junior and senior associates. Junior team members typically concentrate on supporting roles and functions, while senior leaders take more responsibility for designing and planning testing procedures.
The typical career path of a pen tester involves moving from junior to senior positions as they build experience. However, pen testers can also branch out into other roles after mastering their professions, including:
IT Security Architect
IT Security Manager
Director of Cybersecurity
Frequently Asked Questions
- How long does it take to become a penetration tester?
- Job-seekers usually transition into penetration testing after earning a four-year bachelor's degree and 1-4 years of junior-level IT experience.
- What degree is needed to be a penetration tester?
- For most employers, knowledge and skills take higher priority than formal education. However, many working professionals enter the field after completing a bachelor's or master's degree in computer science, IT, or cybersecurity.
- How much does a penetration tester make?
- As of August 2020, PayScale reports a nationwide average penetration tester salary of $84,690. Actual offers may come with lower or higher salary figures, depending on industry, location, experience, and performance requirements.
- What requirements are there to become a penetration tester?
- Degrees and industry-standard ethical hacking and penetration testing certifications help a great deal, but the only hard requirements for the job include advanced knowledge of the techniques and tools hackers use to breach protected information networks.
- What does a penetration tester do?
- Pen testers design and plan simulations and security assessments designed to probe existing cybersecurity measures for potential weaknesses. They also document their findings in reports and present them to their clients, employers, and superiors.
Professional Organizations for Penetration Testers
- Information Systems Security Association International This collaborative professional network unites cybersecurity professionals worldwide through training programs, workshops, and career services. ISSA also maintains a fellows program for ambitious professionals.
- (ISC)2 This leading nonprofit cybersecurity organization features a membership base of more than 150,000 professionals. It offers respected certifications, exam preparation resources, career services, and many other perks.
- ISACA This enterprise-oriented organization offers benefits including members-only career fairs and job boards, international conferences, and more than 200 local chapters that host training workshops and events. ISACA offers student, recent graduate, and professional membership levels.
- Comp-TIA Another respected global leader in cybersecurity, the Comp-TIA organization offers specialized training programs, continuing education, and certifications. Members also gain access to an exclusive career center.