Your Next Move: Penetration Tester

by Brianna White | Oct 20, 2017
Your Next Move: Get the Inside Scoop on IT Job Roles

This article is part of an IT Career News series called “Your Next Move.” These articles take an inside look at the roles related to CompTIA certifications. Each article includes the responsibilities, qualifications, related job titles and salary range for the role. As you consider the next move in your IT career, check back with CompTIA to learn more about your job prospects and how to get there.

Attackers are sophisticated and unpredictable, so it’s important to try and understand their motives and approach. Penetration testers are security experts who act like bad guys to identify weaknesses in a network. These weaknesses, also called vulnerabilities, must be managed properly to avoid compromise. Penetration testing and vulnerability management helps prevent cyber-attacks.

What Is a Penetration Tester?

A penetration tester, or pen tester, is considered a white hat or good hacker. Although they must think like a bad guy, the end goal is to help organizations improve their security practices to prevent theft and damage. Pen testers target traditional operating systems and devices as well as emerging technology, including Internet of Things (IoT) devices, mobile devices, embedded systems and more.

Some responsibilities include:

  • Applying appropriate tools for penetration testing.
  • Performing social engineering tests and reviewing physical security where appropriate.
  • Keeping up to date with latest testing and hacking methods.
  • Collecting data and deploying testing methodology.
  • Locating, assessing and managing vulnerabilities.
  • Making suggestions for security improvements and preparing technical responses to security questions.

How to Become a Penetration Tester?

Penetration tester is not an entry-level job – you must gain IT and cybersecurity experience first. To start out, you could work as a systems administrator or programmer to become knowledgeable about how systems work, so finding flaws becomes second nature to you. Having a good understanding of computing operating systems, such as Linux, and network technology is important. Being able to comprehend scripting language also helps, but to be effective you will need operational experience as well. Certifications like CompTIA Security+, CompTIA Cybersecurity Analyst (CySA+) and CompTIA Linux+ can help you validate the skills and experience you have as you work toward your next move.

The Details

Salary Range

The average salary for a penetration tester is $101,000 a year (

Job Outlook

Penetration tester employment is projected to grow 18 percent from 2014 to 2024, much faster than the average for all occupations (U.S. Bureau of Labor Statistics).

Job Titles Related to Penetration Testers

  • Security Analyst
  • Application Security Analyst
  • Vulnerability Assessment Analyst
  • Lead Security Analyst

Read about more IT jobs featured in Your Next Move.

Will your next move be penetration tester? If so, CompTIA Security+, CompTIA CySA+ and CompTIA Linux+ can help you take the next step. Watch for our latest certification, CompTIA Penetration Tester (CPT+), coming in 2018.


  • Zach

    Tuesday, October 24, 2017

    Will CompTIA be extending any beta spots for the CPT+ exam?

  • Tuesday, October 24, 2017

    Yes, CompTIA will host a CPT+ beta exam in Q1 of 2018. We will need IT professionals with 3-4 years of experience in penetration testing and vulnerability assessment and management to take it. As we approach the date, we will launch a CPT+ certification website to advertise the event and reach out to the IT pro community. Stay tuned!

  • James McLaughlin

    Saturday, November 11, 2017

    Yes please send me anything you have on these beta sites I have been pursuing a penetration certification for a while now.

  • Monday, November 13, 2017

    Hi, James! Watch this page for announcements about the beta exam. Good luck!

  • Djole

    Sunday, December 17, 2017

    Hello, I was wondering will this exam is going to be more hands-on focused (something like "OSCP light") or will it be still along the lines of Security+ or CySA+ (predominantly MCQs with a few PBQs/labs)? Thank you.

  • Tuesday, December 19, 2017

    Hi, Djole! The penetration tester exam will include performance-based questions, which are the hands-on skills required for the job, as well as multiple choice. It will assess vulnerability and management skills used to identify weaknesses and manage them.

  • Michael

    Thursday, December 21, 2017

    Has the Details on the Beta Exam come out yet, and what if ware already at the CASP level?

  • Thursday, December 21, 2017

    Hi, Michael! The details of the beta will be released in January, so stay tuned! Even if you already have CASP, you can go back and get CompTIA Cybersecurity Analyst and the forthcoming penetration tester certification to dive deeper into red and blue team skills. Read more about the CompTIA Cybersecurity Career Pathway here:

  • Manuel

    Monday, January 8, 2018

    Hi, any news on the beta test yet?

  • Tuesday, January 9, 2018

    Hi, Manuel! We are still developing the exam but expect to release the beta in the first half of this year. You can watch this page for updates: If you would like to and are qualified to assist in developing the exam, we are looking for subject-matter experts to participate in an item writing workshop in February. Read more here:

  • John

    Friday, January 19, 2018

    Any word on the Pentest+ beta exam yet?

  • Thursday, January 25, 2018

    Hi, John! The beta exam will be available beginning January 31, 2018. Read more about the forthcoming exam here:

  • Tara

    Sunday, February 11, 2018

    Looks for sample questions, but it does not appear to be any available. Please assist.

  • Tuesday, February 13, 2018

    Hi, Tara! Thanks for your comment. We release sample questions after our exams have been in the market. Because CompTIA PenTest+ is not in market yet, there are not sample questions available. Check back in August, after the exam has been out for a month or so. Good luck!

  • Andrew Davidson

    Wednesday, March 14, 2018

    when do the results of the beta test come out so you know if you passed or not?

  • Thursday, March 15, 2018

    Hi, Andrew! At the end of the beta exam period, a numbered score will be issued - no exam objectives will appear in those results, though. Pass/fail information will be available this summer, and candidates will be notified. Good luck!

Leave a Comment

Boost your Career with a Certification

Find out more about our Certifications

How to get Certified

4 Steps to Certification

Already certified? Let us and others know!

Share Your Story