While no career is entirely future-proof, entering the world of IT—and more specifically, cybersecurity—is a very safe bet. The importance of network security continues to grow as more businesses use, collect, and share data as part of their daily practices. In fact, open cybersecurity positions have grown by 350% in the past eight years and there are currently 3.5 million unfilled jobs in the global market.
In addition to exceptional career stability, what attracts many to information technology is the wide variety of jobs that it affords. Whether your passion lies in cybersecurity or cybercrime, automation or AI, there’s undoubtedly a rewarding, well-paying position waiting for you. Take penetration testing, for example. These “ethical hacker” positions attract curious minds with the advanced technical skills needed to test digital systems and computing networks for security vulnerabilities.
Sounds exciting, right? Let’s explore the exciting domain of penetration testing, including defining what a penetration test (pen test) is, what penetration testers do, and how to become one.
What is a penetration test?
Also known as a pen test or white-hat hacking, a penetration test is a simulated cyberattack against one’s computer system to find exploitable security vulnerabilities. It helps organizations manage risk, protect clients from data breaches, and increase business continuity. It also helps companies in highly regulated industries like banking, service, and healthcare stay compliant.
Basically, pen testing lets businesses know, “Is my data easy to steal?” And this is a very important question to answer. IBM estimates that U.S. companies lose an average of $7.35 million per data breach!
Now that we know why pen testing is so imperative, let’s look at what’s involved. Penetration tests usually have five stages:
Planning—The pen tester determines the goals for the test and does preliminary system reconnaissance.
Scanning—Next, the tester analyzes or “scans” the system to determine how it will respond to their attack.
Breaching—Here, the tester uses cross-site scripting, SQL injection, backdoors, or other strategies to pinpoint where they can break into the system.
Burrowing—Now, the penetration tester sees how long they can stay in the system, what data is compromised, and how much deeper they can burrow into it.
Analyzing—The tester does a detailed configuration review and reports on the results.
Outside of network security testing, pen tests also challenge an organization’s incident response capabilities—i.e., how prepared they are to respond to an attack. The logic here is that the more practice companies get, the better they’ll cope with a real incident.
Penetration testing services.
This leads us into the different categories of testing that you might run as an ethical hacker. Five general services meet varying needs for web applications or software:
External testing
An external penetration test targets company assets that are visible to external parties, such as websites, web applications, domain name servers (DNS), and emails. The goal of these tests is to see if hackers can gain access to and extract data from external systems. This type of penetration testing measures your vulnerability to outside attackers.
Internal testing
An internal penetration test simulates an attack by a malicious insider—someone with access to systems behind a company’s firewall. This pen testing method can also be used to screen employees on their vulnerability to external social engineering or phishing attacks where their credentials can be stolen.
Blind testing
In a blind test, pentesters are given the name of the enterprise that’s being targeted. This gives security personnel a real-time look into how an actual application assault would take place. It's a great way to measure vulnerability in a penetration test that isn't as controlled.
Double-blind testing
In a double-blind test, security personnel have no advance knowledge of a simulated attack. This stops them from shoring up their defenses before an attempted breach and provides a more realistic picture as to what areas need to be addressed. Vulnerability is really clear with this penetration testing method because security personnel aren't ready for pentesters to hack, so they have to rely on their processes and strategies.
Targeted testing
Lastly, in targeted testing, the tester and security personnel work together—keeping each other apprised of their movements. This gives the entire pen test team invaluable real-time feedback from a hacker’s point of view. This type of penetration testing is less about vulnerability and more about understanding the best strategies to implement moving forward.
What do penetration testers do?
Penetration testing is often confused with vulnerability testing. In actuality, these are two distinct cybersecurity specializations. Penetration testers source flaws and weaknesses in existing, active systems such as websites, data storage systems, and other IT assets. Vulnerability testers, on the other hand, look for system flaws and weaknesses during a security program’s design and setup phases. While penetration testing and vulnerability testing are both critical, they have unique responses and strategies.
At a high level, pen testers help their clients avoid the loss of consumer confidence and public relations fallout that accompany network security hacks. They also help them implement sound digital security measures that fit within set budgetary constraints.
In addition to the industries we already covered (banking, service, and healthcare), many companies in the technology and information security sectors hire a large number of penetration testers—as do government and private-sector organizations.
Roles and responsibilities.
As for their day-to-day responsibilities, ethical hackers spend most of their time running assessments and tests. These testers can work on-site or remotely and target both internal and external assets (as discussed earlier). A typical day can include:
Using open-source intelligence (OSINT) to determine a simulation’s strategy and timing for bypassing a system’s security measures.
Executing the actual test. Sometimes penetration testers play the role of an outside hacker and other times they simulate the internal cybersecurity specialist trying to stop them.
Using social engineering, phishing scams, or other false breaches to evaluate existing security protocols and responses from targeted employee groups.
Generating detailed reports on how security protocols were bypassed and to what degree.
Making recommendations for improving network security.
Researching new hacking tools and devising their own.
Career path.
Penetration testing professionals often work in teams with junior and senior associates. Junior members usually handle supporting functions and roles, while senior leaders actually plan and design the team’s testing procedures.
Your career as a pen tester will move from junior to senior opportunities as you build experience. And, after mastering your profession, you can move into other management positions, including:
IT security manager
IT security architect
Cybersecurity analyst
Director of cybersecurity
Information security director
How to become a penetration tester.
Education.
The typical journey to becoming a penetration tester begins with gaining basic technical skills and functional working knowledge of operating systems, coding, scripting, and programming. From there, you can work on getting your bachelor’s degree in computer science, IT, cybersecurity, or computer engineering. A degree in information assurance is especially suited for this occupation.
If you’d like to do both simultaneously—gain work experience and get your education—there are many respected online degree programs with flexible scheduling and access options. You should also look for a program that includes applicable certifications, as these certs can:
Help differentiate you from other candidates when looking for a job.
Improve your skills and help you do better in your role.
Position you for promotions or advanced-level opportunities.
For reference, here are the certs that are most relevant for a career in penetration testing services:
Certified Cloud Security Professional (CCSP)–Associate of (ISC)² designation
Systems Security Certified Practitioner (SSCP)–Associate of (ISC)² designation
Certified Encryption Specialist (EC-Council ECES)
A+ (CompTIA)
Cybersecurity Analyst Certification, CySA+ (CompTIA)
Network+ (CompTIA)
Network Vulnerability Assessment Professional (CompTIA)
Network Security Professional (CompTIA)
Security Analytics Professional (CompTIA)
Security+ (CompTIA)
Project+ (CompTIA)
PenTest+ (CompTIA)
IT Operations Specialist (CompTIA)
Secure Infrastructure Specialist (CompTIA)
ITIL® Foundation
After you’ve gained several years of experience, earned your bachelor’s, and acquired several certifications, you may also want to consider getting a graduate degree in IT—such as in cybersecurity or IT management. This will help you move into leadership roles and give you a large jump in pay.
Skills.
Being an effective penetration tester requires both creativity and technical chops. Here are the most common hard and soft skills you’ll need for success:
Hard skills
Deep understanding of system exploits and security vulnerabilities (beyond automated approaches).
Good working knowledge of scripting and coding.
Excellent working knowledge of networking and network protocols—TCP/IP, UDP, ARP, DNS, and DHCP.
Advanced command of various operating systems.
Soft skills
Fast learner—Technology and hacker strategies continually evolve. You must stay current on the latest developments.
Team player—You’ll most likely work in a team starting as a junior member.
Excellent communicator—You’ll need to articulate findings in a succinct, easy-to-follow manner that non-tech people can understand.
Solid writer—Writing reports for senior management is a big part of the job.
Penetration tester salary.
In addition to being a rewarding job (you get to work as a full-time ethical hacker!), penetration testing also pays extremely well. According to PayScale, the average annual salary for a pen tester is $85,478. However, Indeed puts the average at $118,708.
Experience and education certainly account for these differences. For example, PayScale reports the average pay for penetration testers with one to four years of experience is $79,000 but lists the pay for professionals with 10 to 19 years of experience at $119,000.
If you earn your master’s degree and target a director-level job in the IT department, such as information security director, you could earn even more. This position’s average annual pay is $177,513 according to Salary.
Great pay, challenging and exciting work, and lots of room for advancement in an industry that’s booming. Being a pen tester definitely has its perks. If you’re technically inclined and have the discipline to pay your dues and get your degree(s), it’s definitely worth the investment. Here’s to a rewarding and lucrative career!