Penetration testing

How to Advance In Your Career as a Penetration Tester

Graeme Messina
July 31, 2018 by
Graeme Messina

Penetration testing is essential for maintaining security in modern enterprises, with some organizations hiring staff specifically for this purpose as part of an ongoing security-hardening process. Penetration testing is effective because it allows your security team to intelligently target parts of your system without being too general. This has added benefits: it saves the company time and money as the tests can be carried out in a controlled and modular fashion.

But how do you, as a security professional, advance your own career as a penetration tester? How would you even get started towards such a goal? Perhaps you are already working as a penetration tester, but are looking for ways to advance your career prospects and adding to your skills? We’ll try to cover some of the most important information that relates to finding your way towards getting started, or getting further, as a penetration tester.

Earn two pentesting certifications at once!

Earn two pentesting certifications at once!

Enroll in one boot camp to earn both your Certified Ethical Hacker (CEH) and CompTIA PenTest+ certifications — backed with an Exam Pass Guarantee.

Why Pentesting?

If you are a person that enjoys coming up with unique and sophisticated fixes to problems, then pentesting could be just the job role that you are looking for. It’s a blend of cybersecurity, system administration, application development, programming and more. Perhaps you have an interest in all of the above fields, but you lack natural ability. What then?

There are many related fields that remain in the realm of information security but are not so technically demanding in the sense of being hands-on out in the field. A certification such as the CISSP (Certified Information Systems Security Professional) can help to move your information security career into a managerial or governance role. To find out the current requirements for the CISSP, take a look here.  

Pentesters have excellent earning potential, with PayScale showing that the average salary for a qualified pentester is just over $80,000 USD per year. Other factors such as bonuses, profit sharing and commissions offer even more value for such professionals.

What Career Path Should You Take?

Due to the specialized nature of IT security and penetration testing in general, there are some specific steps that you should definitely follow if you are going to pursue a career as a pentester. Most pentesters have a college degree in computer sciences or a qualification that is recognized as being compliant with the Center for Academic Excellence.

In addition to this, it is necessary for people considering a career in penetration testing to have certifications that offer both practical, hands-on experience, with a strong focus on ethical hacking. Whichever certifications you decide to take, you must ensure that they are DOD 8570-compliant. This means that it is a trusted certification that the DOD see as being good enough for their own employees, which carries stringent requirements.

Getting Started

Pentesting is basically the same as hacking systems, but with permission from management and the company’s knowledge of the activity. Crucially, though, the activity that is carried out is not harmful and can be reversed if need be after the testing has been completed. The reason that it is done in this way is so that if there are any weaknesses or vulnerabilities in the security of the system, then the pentester will find them before anybody else does.

Getting started with hacking can be tricky if you are looking to land a role with a company, especially if you do not have relevant real-world experience. Luckily, there are many different ways that you can learn about and practice different hacking skills.

CTF Challenges

CTF, or Capture the Flag challenges, are a fun way for people that are interested in learning to hack to get involved with basic hands-on challenges. A CTF challenge can be either hosted remotely so that you connect to a website and start solving challenges, or it can be a tournament that is hosted at a central location, where teams of people compete under one roof. Each challenge reveals a solution, also known as a flag, and is valued with a different point score for each one. At the end of the challenge, the team or individual with the most points wins. The challenges start off easy so that beginners can participate and start to learn the basics, but they get progressively more difficult; eventually, only those with advanced programming, cryptography and application-development skills are able to solve challenges.

Web Training Resources

Web application hacking is another skill that pentesters need to develop, as web attacks are very common. There are many different resources on the Internet that offer poorly written websites for you to hack legally, so that you can learn the basics about what vulnerabilities make a website or web application open to attack and how you could protect such sites from attacks.

Internships and Volunteering

If you have the necessary skills that would form a decent foundation for pentesting, such as programming, scripting, development and cybersecurity, then volunteering your time could be a good way for you to gain valuable experience. Internships can also help to give you real world skills when it comes to cybersecurity jobs such as pentesting, even if the role that you take on isn’t explicitly as a pentester. Don’t be afraid to work your way up towards the role of pentester, especially if you lack the experience that is required in the beginning.

Advancing Your Pentesting Career

One of the most effective ways of increasing your earning potential and advancing your career as a pentester is to prove your ethical hacking abilities with certifications. EC-Council is an institution that offers a comprehensive career track for individuals that want to prove their hacking knowledge while making themselves highly desirable to employers.

EC-Council offers internationally recognized certifications that directly relate to penetration testing and ethical hacking. These are:

  • Certified Network Defender
  • Certified Ethical Hacker
  • Certified Ethical Hacker (Practical)
  • EC-Council Certified Security Analyst
  • EC-Council Certified Security Analyst (Practical)
  • Licensed Penetration Tester

The CEH and ECSA certifications now offer practical certifications that help candidates to prove to future employers that they possess not only theoretical penetration-testing knowledge but the ability to practically apply this knowledge in real-world scenarios.

These practical exams are grueling tests of knowledge. The CEH Practical gives candidates only six hours to complete all of the simulations, and the ECSA takes up to 12 hours to complete. The exam environment consists of an entire virtual corporate network with real applications and network configurations for candidates to pentest.

By pursuing these certifications, candidates show themselves to be highly proficient at systematically testing computer networks and systems against both known and unknown security vulnerabilities. These abilities make pentesters a valuable asset to the organization and are excellent team members to have on board.

Having more certifications from other providers can also help to boost your desirability in the job market, as employers generally like to see a mixture of both experience and qualifications.

Other popular pentesting certifications include:

  • GIAC: GIAC Certified Penetration Tester (GPEN)
  • Mile2: Certified Penetration Testing Consultant (CPTC)
  • Mile2: Certified Penetration Testing Engineer (CPTE)
  • Offensive Security: Offensive Security Certified Professional (OSCP)

As you can see, there are a lot of different certification options out there for you to pursue. Each one has its own positives and negatives, depending on which direction you wish to take your pentesting career.

Your IT Security Career Path

If you have been working in the information security field for a long time as a pentester, you might be wondering how you could expand out into another role or specialize in another field. Even if you feel like you might have chosen the wrong specialization to focus on, there are still plenty of options out there for pentesters.

This is because being a pentester involves a lot more than simply performing practical, hands-on tasks every day. There are plenty of compliance and administrative tasks that need to be maintained, such as documentation, reporting and client/product owner correspondence. This means that attention to detail, accountability and professionalism need to be at the forefront of a pentester’s work functions, not just an intimate understanding of computer systems.

Pentesters are able to move in many different directions, based on the individual’s interests and skills.

Some examples are:

  • Information Technology Manager
  • Developer/Programmer
  • Consultant

Pentesters are also in a unique situation in many ways; the skills that they learn can be applied to many different industries and work environments, as IT systems share many commonalities. This opens up opportunities for pentesters to pursue freelance work, open consultancies and start their own security businesses.


Pentesting is a growing field, with more companies finding value in employing full-time specialists that can perform vital security tests on internal systems. Finding individuals with the right balance between experience and qualifications can be challenging, which means that if you have the right skills and the desire to continue learning, you could land yourself a dream job as a penetration tester. Hopefully some of the information that we have shown you today will be useful to you as you continue your career in this exciting line of work!



The Growing Need for Cyber-Security Professionals, Baseline

FREE role-guided training plans

FREE role-guided training plans

Get 12 cybersecurity training plans — one for each of the most common roles requested by employers.

Penetration Tester Salary, PayScale

Graeme Messina
Graeme Messina

Graeme is an IT professional with a special interest in computer forensics and computer security. When not building networks and researching the latest developments in network security, he can be found writing technical articles and blog posts at InfoSec Resources and elsewhere.