Penetration Testers


Salary Median (2020)


Projected Job Growth (2019-2029)

+5.7% (as fast as the average)

Most Common Level of Education

Bachelor's degree


What Penetration Testers Do

Evaluate network system security by conducting simulated internal and external cyberattacks using adversary tools and techniques. Attempt to breach and exploit critical systems and gain access to sensitive information to assess system security.

How Leaders Describe a Typical Day at Work

Founder and CTO ,

Shevirah, Inc.

I'm a serial entrepreneur, penetration tester, security researcher, speaker, trainer, and author. Doing all of these things have prepared me well for founding a startup - as a solo founder, I've had to do literally everything that my company needs.

Global Head of X-Force Red ,


My team, IBM X-Force Red, finds the ways to hack businesses before the bad guys. I specialize in network, application, physical, and device penetration testing as well as vulnerability research. I also occasionally do public speaking or media events on subjects relating to security testing and incident response.

Tasks & Responsibilities May Include

  • Assess the physical security of servers, systems, or network devices to identify vulnerability to temperature, vandalism, or natural disasters.
  • Collect stakeholder data to evaluate risk and to develop mitigation strategies.
  • Conduct network and security system audits using established criteria.
  • Configure information systems to incorporate principles of least functionality and least access.
  • Design security solutions to address known device vulnerabilities.

This page includes information from theO*NET 26.1 Databaseby the U.S. Department of Labor, Employment and Training Administration (USDOL/ETA). Used under theCC BY 4.0license. O*NET® is a trademark of USDOL/ETA.