Penetration Tester Salary: Your 2025 Guide

Penetration testers, also known as white hat hackers or ethical hackers, identify vulnerabilities to help organizations secure their systems, data, and devices. Taking proactive measures, also known as offensive security, helps organizations protect against cyberattacks. Read on to learn more about penetration tester salaries and the factors that determine them.

What is the average salary of a penetration tester?

According to Glassdoor, the average salary for penetration testers in the US is $143,000 as of July 2025 [1]. This figure includes base salary and additional pay, which may represent profit-sharing, commissions, or bonuses. Various factors can influence your salary as a pen tester, including experience, skills, certifications, industry, and location. You can learn more about each of the factors that impact your earning potential in the following sections.

Experience

As you gain more professional experience, your earning power tends to increase. The approximate average base salary you can anticipate based on your years of experience is as follows [1]:

• Entry-level penetration tester salary (0–1 year): $90,500

• Junior penetration tester salary (1–3 years): $100,500

• Mid-level penetration tester salary (4–6 years): $114,000

• Senior penetration tester salary (7–9 years): $123,000

In-demand skills

Certain skills or specializations can lead to higher pay and increase your competitiveness in the job market. Here are a few commonly requested skills for this role, according to Payscale, alongside average salaries [2]:

• Vulnerability assessment: $101,013

• Network security management: $79,047

• Security testing and auditing: $97,994

Certified penetration tester salary

Earning relevant certifications can increase your income potential, as organizations often value certified professionals who can significantly strengthen their cybersecurity initiatives. Below are some industry-recognized certifications and Professional Certificates worth exploring:

• Certified Ethical Hacker (CEH)

• GIAC Penetration Tester (GPEN)

• Google Cybersecurity Professional Certificate

• Google Cloud Cybersecurity Professional Certificate

• IBM and ISC2 Cybersecurity Specialist Professional Certificate

• Licensed Penetration Tester (LPT)

• GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)

Industry

The industry you choose to work in can also influence your annual income. Below is a list of industries that tend to offer high salaries for penetration testers, based on Glassdoor data as of July 2025 [1]:

• Information technology: $123,500

• Agriculture: $110,500

• Personal consumer services: $120,000

• Financial services: $120,500

• Health care: $123,500

Location

Your income can vary considerably based on your geographic location, with certain cities offering salaries above average. If you're open to relocating, exploring location-specific salary data can help you make an informed decision. However, keep in mind that if you live in a location with a high cost of living, you’ll require a higher salary than you would in a location with a lower cost of living to afford the same lifestyle.

Highest-paying cities for penetration testers 

The following are the top-paying cities for penetration testers in the US [3]:

• McLean, VA: $169,897

• Chantilly, VA: $150,546

• New York, NY: $148,483

• Arlington, VA: $130,274

• Dallas, TX: $123,989

Company 

Pay varies between firms based on several factors, including company size, financial health, and your level of experience and expertise. Company policies can further impact pay variations. In essence, the differences in pay between companies are influenced by a combination of factors, and it's vital to consider these elements when evaluating job offers and negotiating your compensation.

Highest-paying companies for penetration testers

The following list highlights salary ranges for top-paying companies in the US as of July 2025, according to Glassdoor [1]:

• Microsoft: $121,000 to $193,000

• Coalfire: $96,000–$132,000

• Silpi: $89,000–$143,000

• GLP Attorneys: $85,000–$133,000

• Global Payments: $85,000 to $130,000

Demand for penetration testers

The US Bureau of Labor Statistics predicts a 33 percent increase for information security analysts, a job category that encompasses penetration testers, from 2023 to 2033, with around 17,300 new openings each year [4]. Related job titles to consider include security analyst, ethical hacker, and vulnerability assessment analyst [5].

Prepare for a role as a pen tester with Coursera

If you're already in a cybersecurity role and considering transitioning into penetration testing, consider enrolling in IBM's Penetration Testing, Threat Hunting, and Cryptography course, where you'll learn fundamentals like test planning, reporting methods, and industry-standard techniques.

If you’re interested in starting a career in cybersecurity, consider the Google Cybersecurity Professional Certificate on Coursera. This program is designed ​​to help individuals with no previous experience find their first job in the field of cybersecurity. The courses cover topics such as security models and tools that are used to access and address threats.