Penetration Testers
Evaluate network system security by conducting simulated internal and external cyberattacks using adversary tools and techniques. Attempt to breach and exploit critical systems and gain access to sensitive information to assess system security.
SOC: 15-1299.04
What You'll Need to Succeed
AI-generatedKey competencies for this occupation at a glance
- KnowledgeDevelop custom exploitation scripts and payloads using Python, PowerShell, Bash, and other scripting languages to test security controls.Advanced
- KnowledgeAnalyze network system vulnerabilities and attack vectors using adversary tools and techniques across multiple operating systems and platforms.Proficient
- Hands-onExecute simulated cyberattacks against critical systems using penetration testing frameworks such as Metasploit, Burp Suite, and Kali Linux.Proficient
- KnowledgeEvaluate system security posture and breach potential by attempting to exploit identified vulnerabilities and gain unauthorized access to sensitive information.Proficient
- KnowledgeAssess web application security and API vulnerabilities through manual code review and automated scanning across diverse technology stacks.Proficient
- KnowledgeSynthesize penetration testing findings into comprehensive security reports documenting attack methodologies, exploited vulnerabilities, and risk-prioritized remediation recommendations.Proficient
- MindsetIntegrate ethical hacking principles with organizational security requirements while maintaining confidentiality and adhering to authorized testing scope and rules of engagement.Proficient
- Hands-onOperate vulnerability scanning and network mapping tools including Nmap, Nessus, and Wireshark to identify security weaknesses.Developing
- Hands-onPerform reverse engineering of binaries and firmware using IDA Pro, Ghidra, and Binary Ninja to identify exploitation opportunities.Developing
- KnowledgeApply MITRE ATT&CK framework tactics and techniques to simulate realistic adversary behavior during red team engagements.Developing
- Hands-onManipulate cloud infrastructure security configurations across AWS, Azure, and Google Cloud platforms to test for misconfigurations and privilege escalation paths.Developing
- MindsetParticipate in collaborative security discussions with IT and development teams to communicate technical vulnerabilities and advocate for secure development practices.Developing
Wage Data According to the Bureau of Labor Statistics
Annual wage data for Penetration Testers (2024)
Estimated Total Employment (U.S.)
439,380
Wage Distribution by Percentile
| Metric | U.S. |
|---|---|
| 10% of workers earn the following or less | $52,650 |
| 10% of workers earn the following or more | $176,800 |
| Workers on average earn | $116,700 |
+ indicates wage is at or above the BLS reporting cap ($239,200/year)
Tools & Technology
Equipment and software commonly used in this occupation
In-Demand Technology
Frequently requested by employers in job postings
Amazon Web Services AWS softwareAnsible softwareApple iOSApple macOSBashCC#C++DockerGitHubGoGoogle AndroidIBM TerraformJavaScriptKubernetesLinuxMicrosoft Active DirectoryMicrosoft Active Server Pages ASPMicrosoft Azure softwareMicrosoft ExcelMicrosoft Office softwareMicrosoft PowerShellMicrosoft SQL ServerOracle JavaOracle Java 2 Platform Enterprise Edition J2EEPHPPerlPythonRubyServiceNowShell scriptSplunk EnterpriseStructured query language SQLUNIX
Technology Skills
Database management systemsFirewall softwareGhidraGoogle Cloud softwareHP WebInspectHex-Rays IDA ProIBM MiddlewareIBM QRadar SIEM