Learn about average penetration tester salaries based on experience, location, industry, and more.
Penetration testers, also known as white hat hackers or ethical hackers, identify vulnerabilities to help organizations secure their systems, data, and devices. Taking proactive measures, also known as offensive security, helps organizations protect against cyberattacks. Read on to learn more about penetration tester salaries and the factors that determine them.
According to Glassdoor, the average salary for penetration testers in the US is $143,000 as of July 2025 [1]. This figure includes base salary and additional pay, which may represent profit-sharing, commissions, or bonuses. Various factors can influence your salary as a pen tester, including experience, skills, certifications, industry, and location. You can learn more about each of the factors that impact your earning potential in the following sections.
As you gain more professional experience, your earning power tends to increase. The approximate average base salary you can anticipate based on your years of experience is as follows [1]:
Entry-level penetration tester salary (0–1 year): $90,500
Junior penetration tester salary (1–3 years): $100,500
Mid-level penetration tester salary (4–6 years): $114,000
Senior penetration tester salary (7–9 years): $123,000
Certain skills or specializations can lead to higher pay and increase your competitiveness in the job market. Here are a few commonly requested skills for this role, according to Payscale, alongside average salaries [2]:
Vulnerability assessment: $101,013
Network security management: $79,047
Security testing and auditing: $97,994
Earning relevant certifications can increase your income potential, as organizations often value certified professionals who can significantly strengthen their cybersecurity initiatives. Below are some industry-recognized certifications and Professional Certificates worth exploring:
GIAC Penetration Tester (GPEN)
IBM and ISC2 Cybersecurity Specialist Professional Certificate
GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
The industry you choose to work in can also influence your annual income. Below is a list of industries that tend to offer high salaries for penetration testers, based on Glassdoor data as of July 2025 [1]:
Information technology: $123,500
Agriculture: $110,500
Personal consumer services: $120,000
Financial services: $120,500
Health care: $123,500
Your income can vary considerably based on your geographic location, with certain cities offering salaries above average. If you're open to relocating, exploring location-specific salary data can help you make an informed decision. However, keep in mind that if you live in a location with a high cost of living, you’ll require a higher salary than you would in a location with a lower cost of living to afford the same lifestyle.
The following are the top-paying cities for penetration testers in the US [3]:
McLean, VA: $169,897
Chantilly, VA: $150,546
New York, NY: $148,483
Arlington, VA: $130,274
Dallas, TX: $123,989
Pay varies between firms based on several factors, including company size, financial health, and your level of experience and expertise. Company policies can further impact pay variations. In essence, the differences in pay between companies are influenced by a combination of factors, and it's vital to consider these elements when evaluating job offers and negotiating your compensation.
The following list highlights salary ranges for top-paying companies in the US as of July 2025, according to Glassdoor [1]:
Microsoft: $121,000 to $193,000
Coalfire: $96,000–$132,000
Silpi: $89,000–$143,000
GLP Attorneys: $85,000–$133,000
Global Payments: $85,000 to $130,000
The US Bureau of Labor Statistics predicts a 33 percent increase for information security analysts, a job category that encompasses penetration testers, from 2023 to 2033, with around 17,300 new openings each year [4]. Related job titles to consider include security analyst, ethical hacker, and vulnerability assessment analyst [5].
If you're already in a cybersecurity role and considering transitioning into penetration testing, consider enrolling in IBM's Penetration Testing, Threat Hunting, and Cryptography course, where you'll learn fundamentals like test planning, reporting methods, and industry-standard techniques.
If you’re interested in starting a career in cybersecurity, consider the Google Cybersecurity Professional Certificate on Coursera. This program is designed to help individuals with no previous experience find their first job in the field of cybersecurity. The courses cover topics such as security models and tools that are used to access and address threats.
Glassdoor. “Salary: Penetration Tester in the United States, https://www.glassdoor.com/Salaries/penetration-tester-salary-SRCH_KO0,18.htm.” Accessed July 16, 2025.
Payscale. "Penetration Tester Salary, https://www.payscale.com/research/US/Job=Penetration_Tester/Salary." Accessed July 16, 2025.
Indeed. "Penetration Tester Salaries, https://www.indeed.com/career/penetration-tester/salaries." Accessed July 16, 2025.
US Bureau of Labor Statistics. “Information Security Analysts: Occupational Outlook Handbook, https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm.” Accessed July 16, 2025.
CompTIA. "Your Next Move: Penetration Tester, https://www.comptia.org/en-us/blog/your-next-move-penetration-tester/." Accessed July 16, 2025.
Editorial Team
Coursera’s editorial team is comprised of highly experienced professional editors, writers, and fact...
This content has been made available for informational purposes only. Learners are advised to conduct additional research to ensure that courses and other credentials pursued meet their personal, professional, and financial goals.