A penetration tester, also known as a ‘pen tester’, is someone who tests a computer system to see if it has any security vulnerabilities that a malicious actor could exploit.
Penetration testers can find work in a wide range of private firms and government organizations. To secure a position as a penetration tester, you don’t need to have a relevant Bachelor’s or Master’s degree, or any degree at all, for that matter. Many people enter the field without one. However, a Bachelor’s or Master’s degree in computer science, cybersecurity, or IT can be helpful in getting work and securing the top positions.
If you want to learn more about becoming a pen tester, this article outlines the various aspects of this role, which should help you decide whether it’s an ideal fit for you. We’ve put together all the relevant information you need to know about this area of ethical hacking.
Read on to learn more about what a pen tester does, as well as any skills, education, and certifications that are required or helpful for securing work. We reveal how to become a pen tester and cover the latest information about penetration tester salary expectations and where to find the top jobs.
What is penetration testing?
Penetration testing essentially involves an authorized simulated cyberattack, with the aim of finding out how to improve the security of the system. A penetration tester wants to find holes in a system before a hacker can.
Penetration testing aims to prevent ‘black-hat hacking’, which involves breaking into a system with malicious intent. The intention of a black hat hacker might be to install malware, hold computers hostage, or steal passwords, credit card numbers, or other private information.
A penetration tester will carry out a simulated version of these activities by breaching a number of application systems, such as application protocol interfaces (APIs) and frontend/backend servers. This process can be completed manually or using automated software. Penetration testing provides insights that can then be used to fine-tune security, preventing unethical hacks from taking place.
A penetration tester will often carry out an ethical hack in a five-step process:
- Planning: This involves defining the test goals and gathering intelligence.
- Scanning: A penetration tester employs scanning tools to understand how a target responds to an intrusion.
- Gaining access: A pen tester stages web application attacks to uncover a target’s vulnerabilities.
- Maintaining access: An advanced persistent threat (APT) (a prolonged and targeted cyberattack) is imitated to see if a vulnerability can be exploited to maintain access.
- Analysis and WAF configuration: A penetration tester uses the results of his or her simulated cyberattack to configure web application firewall (WAF) settings before testing is run again. This process is repeated until the system is secure.
What does a penetration tester do?
Your exact role as a penetration tester will depend on the organization you work for, as well as your title and the level of seniority of your role. Nonetheless, here are some of the tasks you may see included a penetration tester job description:
- Gathering and analyzing open source intelligence (OSINT) – information from public sources – to find information disclosures (when an application reveals sensitive information).
- Providing expertise on security and testing defensive mechanisms for the organization.
- Conducting assessments on a wide range of technologies, using both automated tools and manual approaches.
- Developing scripts, tools, and methodologies to improve testing processes.
- Testing both wired and wireless networks for any security vulnerabilities.
- Examining results from the assessment to identify findings and develop a holistic view of the system.
- Identifying the root cause of both technical and non-technical findings.
- Publishing a report that documents the findings from the assessment while identifying potential countermeasures.
- Keeping track of and communicating findings from multiple assessments.
- Communicating the methods used to complete assessments.
- Providing technical support in the organization.
There are many useful tools that penetration testers use to carry out their tests. These include Kali Linux, nmap, Metasploit, Wireshark, and John the Ripper, all of which are designed to help pen testers find weaknesses in a system.
What skills are required to become a penetration tester?
Just like with other fields of cybersecurity, penetration testing requires a specific skill set. Based on the duties that a penetration tester will carry out you can expect to need the following core skills in this line of work:
- Knowledge of vulnerabilities outside of tool suites. This means being able to detect vulnerabilities without relying on tools such as Metasploit. As a penetration tester, you don’t want to be helpless if you can’t use a certain tool. The best penetration testers don’t just copy what vulnerability scanners say.
- In-depth understanding of secure web communications and technologies. You need to understand the ins and outs of web communication and technology as well as – and preferably better than – any unethical hacker.
- The ability to write code.
Aside from these core hard skills, there are also various soft skills that a penetration tester will need, such as:
- Attention to detail
- Analytical skills
- The ability to think creatively and strategically
- Ethical integrity (so you can be trusted to deal with confidential information)
- Being a team player
- Excellent written and spoken communication such that you can explain your methods to both a technical and non-technical audience
- Good time management and organizational skills including the ability to meet deadlines
Aside from the above, you need to be an active learner who stays up to date with the latest technology and black-hat hacking techniques. To ensure no security breaches take place, you should always be eager to refine your skills and stay one step ahead of bad actors.
How to become a penetration tester
So, you’ve decided that a pen tester is an appealing career path, but what are the necessary steps to actually obtaining a role in this field? We have devised five steps you should take in order to make this career path a reality.
Here’s how to become a penetration tester:
- Devise a plan
- Consider earning a degree
- Scope out certifications
- Conduct a job search
- Extend your learning
Let’s explore these steps in more detail:
1. Devise a plan
Even if you know that you want to become a penetration tester, you still need a career plan. First, you need to map out how to get started including becoming adept at penetration testing skills, either through self-education or formal education. Next, you may want to think about whether you want to work for a private firm or a government organization. And of course, both private firms and government organizations cover a wide range of areas, such as education, finance, energy, transport, environment, and so on.
It’s also worth thinking about what area of penetration testing you want to get involved in, as this career area has many subsets and specializations. Once you’ve chosen a particular career path aligned with your values, interests, personality, and goals, you should find out what the requirements are for that position. You can contact recruiters directly to enquire if any qualifications are required or preferred.
2. Consider earning a degree
As mentioned previously, it is not necessary to earn a degree to become a penetration tester. Many people, such as those who used to engage in unethical hacking, taught themselves how to hack. There are plenty of resources and tools online that can assist you in this self-education. With enough practice on your own, you can be ready for an entry-level – or even a higher level – penetration testing position.
On the other hand, a relevant degree can also be incredibly useful in giving you the knowledge and skills to carry out penetration testing. It can be a way of learning the skills more efficiently and gaining insights you might miss through self-education. Studying under the direction of experienced professors, as well as alongside other students, can be greatly beneficial.
Degree fields relevant to pen testing include computer science, engineering, cybersecurity, and IT. Reputable degrees worth considering include:
- Rice University’s BA in Computer Science
- Bellevue University’s Bachelor of Science Cybersecurity Degree
- Norwich University’s Bachelor of Science in Cyber Security
See also: Best Online Degrees in Cybersecurity
3. Scope out certifications
Certifications can be useful in broadening your knowledge of penetration testing. Some recruiters may require or prefer certain certifications. If there is a specific role you want to pursue, make sure to research the certifications needed, as you don’t want to waste any time or money on an irrelevant certificate. The top penetration testing certificates include:
- CEH – Certified Ethical Hacker Certification
- GIAC’s (Global Information Assurance Certification) GPEN certification
- IACRB’s CPT – Certified Penetration Tester
- IARCB’s CEPT – Certified Expert Penetration Tester
- CompTIA’s PenTest+
- ESCA – EC Council Certified Security Analyst
4. Conduct a job search
Once you’ve educated yourself to a sufficient level, either through self-learning, a university degree, or certifications (or a combination of these), you can start looking for work. If you have little to no experience as a penetration tester, you will need to focus on entry-level positions. However, if you have some experience, as many pen testers in training do, then you can apply for mid-level positions.
Here are some resources you can check for governmental positions:
If you think you’d rather work in the private sector, there is no shortage of great companies that hire penetration testers. Some of the top companies worth researching are:
You can also find plenty of penetration testing jobs on the major job sites, such as LinkedIn, Indeed, Monster, Glassdoor, and ZipRecruiter, as well as niche sites like CyberSecJobs.com and CyberSecurityJobsite.com.
See the salary section below for companies that pay particularly well in the field of penetration testing.
5. Extend your learning
Landing a job is just one part of the equation when pursuing a career in penetration testing. The other is how you develop in that role or in other roles you move into over time. By continuing to deepen your understanding and refine your skills, you can reach your career objectives quicker, as well as expand your goals, opening yourself up to many more exciting opportunities.
Options for further learning include pursuing a Master’s degree, gaining additional certificates, or supplementing your knowledge by educating yourself on white and black hat hacking in your spare time.
Many Master’s degrees related to penetration testing can be completed online and on a part-time basis, making it possible to integrate your studies with a job and other aspects of your life. It’s even worth asking if your employer will help fund your studies or give you time off in order to complete them.
A few online Master’s degrees to consider are:
- UC Berkeley School of Information’s Master of Information and Cybersecurity (MICS)
- A. James Clark School of Engineering’s Masters of Engineering in Cybersecurity
- University of Delaware’s Master of Science in Cybersecurity
You might, however, want to take a step in another direction and explore a more specific area of cybersecurity. For example, a degree in cybercrime law could appeal to you if you’re more interested in the legal side of hacking.
Penetration testing salary
You may be wondering about the salary prospects for a penetration tester. The good news is that remuneration, including starting salaries for entry-level positions, tends to be quite high. This is because pen testers play a crucial role in maintaining the long-term security of a company’s IT system, so their skills are very much in demand.
When researching salaries for pen testers, you may find a range in terms of the average. A reliable site for checking this information is PayScale, as it aggregates salaries from other sites. According to PayScale:
- The average salary for a penetration tester is $85,167.
- The range of pay for penetration testers is $58,000–$136,000.
It also offers valuable data showing you how you might expect to see your salary increase over time:
|<1 year||1–4 years||5–9 years||10–19 years||20+ years|
Eager to aim for the best-paying jobs? Further information from PayScale identifies some of the top employers of penetration testers and reveals what they pay for the role:
- Booze, Allen, and Hamilton: $81,691
- Acme, Inc.: $109,927
- Paylocity: $97,663
- IBM: $102,510