Men account for the majority of Penetration Testers in the United States. The overall average income for this group is approximately $78K annually. Total cash compensation to Penetration Testers varies from $44K to $124K; higher pay grades include potential for bonuses and profit sharing as high as $14K each. Experience level is the biggest factor affecting pay for this group, followed by geography. Work is enjoyable for Penetration Testers, who typically claim high levels of job satisfaction. Medical benefits are awarded to most, and a large number earn dental coverage. This snapshot results from replies to PayScale’s salary survey.
A bachelor’s degree in information technology or a cybersecurity-related field is commonly required by employers; experience may sometimes be substituted for education. Relevant certifications may be preferred.
Median Salary by Job – Certification: Offensive Security Certified Professional (OSCP) (United States)
Penetration Tester Tasks
- Follow industry best practice methodologies for penetration testing, and be able to use tools for a basis level assessment.
- Search for security vulnerabilities in web applications, fat/thin client applications, and standard applications, and assess the secure configuration of operating systems and network devices.
- Document findings for management and technical staff and recommend mitigating actions.
- Conduct IT/Cyber Security assessments / penetration tests (hands-on work), as an individual, self-managed tester, or in small project teams.
- Work with customers to determine their need for security assessments, present and explain the employed methodology, and support them with feedback and verification during mitigation.