Penetration Tester
The role
What does a Penetration Tester do?
Penetration testers often specialize in a number of areas such as networks and infrastructures, Windows, Linux and Mac operating systems, embedded computer systems, web/mobile applications, supervisory control data acquisition (SCADA) control systems, cloud systems and internet of things (IoT) devices.
The details
Penetration Tester career paths
Domain knowledge
- Exploitation analysis
- Vulnerability assessment and management
Related job titles
- Ethical hacker
- Assurance validator
Common certifications
Associated NICE Work Roles
All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.
- Exploitation Analyst
- Target Network Analyst
- Threat / Warning Analyst
Penetration Tester career paths
Plans & pricing
Infosec Skills Personal
$299 / year
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
Infosec Skills Teams
$799 per license / year
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments
FAQ
Frequently asked questions
What does a penetration tester do?
Penetration tester jobs require you to essentially act like a hacker and hack into your organization’s resources. If you were wondering “what is ethical hacking”, it is just this – ethical application of hacking skills. The purpose is to simulate a real hack and cyber security penetration testing is a safer way for organizations to gauge their security than to wait for a real-time hack. On a more granular level, pen testers identify security vulnerabilities in an organization’s digital and physical systems and policies.
How can I become a penetration tester or ethical hacker?
Penetration testers and ethical hackers use a combination of their work experience and ethical hacking skills that they have acquired to help land their first job in this role. The good thing is that you can learn various skills involved in penetration testing online for free.
What education does a penetration tester or ethical hacker need?
Whether your career path will require education is more a function of the job you are applying for than anything else. Some organizations hiring for the role of penetration tester or ethical tester do not have any education requirements, in which case certification is all you need. Other organizations do have an education requirement, so you will need both a degree and certification. For those that do require a degree, there is no one degree they require - whether it be the level of degree or the major.
What certifications does an ethical hacker need?
The top certification, and the only one that you can say you need with firm veracity is the Certified Ethical Hacker cert offered by EC-Council. This cert is the standard and is recognized across multiple industries, so chances are that organization is looking for it. Below are some other certifications that you may want to look into:
- Certified Penetration Tester by Infosec Institute
- CompTIA PenTest+
- GIAC Penetration Tester
- Certified Expert Penetration Tester by Infosec Institute
- EC-Council Licensed Penetration Tester Master
What skills does a penetration tester and ethical hacker need?
Mastering these skills and improving your penetration testing skills is the name of the game when it comes to keeping up with the most up-to-date ethical hacking. The skills you will need as a pen tester are:
- Coding skills in multiple languages to penetrate organizational systems and networks
- Comprehensive information security knowledge
- Computer forensics and system analysis
- Understanding how breaches affect your organization
- Being a clear communicator
- Understanding the human factor
- Being able to plan and create penetration tests
- The ability to test, test, test because that will be much of your day-to-day work
How much can a penetration tester earn?
According to PayScale, the average salary for an ethical hacker/pen tester is $70,096. Those that are at the mid-career level make well over $100,000 per year with the top 10% of ethical hackers earning $149,000. The certified ethical hacker certification will be arguably more than those without a cert, but there is no data specifically on how much that cert will boost your earning level.
Where do penetration testers or ethical hackers work?
One thing about working as a pentester is the wide variety of industries that are looking for penetration testers to test an organization’s security. Below is a sampling of the industries that typically hire pen testers:
- Financial services
- Healthcare
- Government
- Tech
- Enterprise