A group of ethical hackers work in a government IT office

A Key Role in Cyber Security: How to Become a Penetration Tester


Ongoing and radical data breaches and cyberattacks highlight cyber security’s importance to protect digital networks across all industries. Cyber security professionals protect personal and company data. One role gaining prominence in this industry is the penetration tester. These information technology (IT) professionals use their strong knowledge of system networks and coding languages to hack computer systems, networks, or web applications — sometimes within their own organizations — to uncover vulnerabilities prior to attacks.

What Is a Penetration Tester?

Penetration testers, also known as ethical hackers and pen testers, apply advanced programming skills in system administration and coding languages across multiple platforms. In testing network vulnerabilities, they provide security insights and tangible steps to mitigate future cyberattacks.

Aspiring penetration testers require a deep knowledge of technology that includes a strong command of coding languages and operational platforms. A successful penetration tester draws on a combination of formal study and continuous technology adaptation to generate reports and work within a larger team. Penetration testers may work in a consultancy role, a tech company, or the IT department of a larger business. While salaries depend on employment location, they earn an average of $81,460, according to a May 2019 PayScale compensation report.

Steps to Become a Penetration Tester

The path to becoming a penetration tester varies; but, some standard steps lead into this career.

Academic Preparation

Individuals interested in how to become a penetration tester initially should pursue an undergraduate degree in a related field such as cyber security, system administration, computer science, or IT. These degrees offer students a strong understanding of the foundational science, techniques, and systems that supports this role. 

While an undergraduate degree serves as a strong starting point, an advanced degree offers even more mobility and access to higher level positions. For example, a Master’s in Cybersecurity boosts credentials to open the door to new opportunities. As digital protection is vital to every enterprise in any industry, an advanced degree helps penetration testers gain the skills needed to remain on the cutting edge of cyber security.

Get the Right Certifications

Many in the cyber security industry, including those pursuing careers in penetration testing, choose to earn an ethical hacking certification. Many organizations including the U.S. Department of Defense and private companies within the healthcare, finance, and technology industries require their tech staff to hold a Certified Ethical Hacker (CEH) qualification. To earn this certification, individuals must pass an exam that covers core techniques and skills. In addition to earning CEH certification, some digital security experts pursue a Certified in Risk and Information Systems Control (CRISC) or security analysis certification.

Gain On-the-Job Experience

As the IT industry continues its rapid evolution, many growth possibilities exist within cyber security. On-the-job experience in critical area such as network administration, software development, systems engineering provide the skills necessary for more advanced roles managing and overseeing cyber security efforts. 

The Future of Penetration Testing

Recognition of the importance of a penetration tester in cyber security increases demand for these advanced IT professionals. According to the BLS, the information security analyst occupation will grow by 28% from 2016 to 2026, compared with 7% for all occupations. This need exists largely as a result of limited options as the current workforce simply doesn’t have the skills to address cyber security issues. In fact, Forbes reports as many as 3.5 million unfilled cyber security positions by 2021 as a result of the talent gap.

Job security for penetration testers is likely to remain strong as critical communications and business systems move online. In a continuously changing IT ecosystem, corporations must ensure the security of their digital assets.

Learn More

As the nation’s oldest private military college, Norwich University has maintained a leader position in innovative education since 1819. Through its online programs, Norwich delivers relevant and applicable curricula that allow students to make a positive impact in the workplace and communities. Norwich University has a tradition of values-based education where structured, disciplined, and rigorous studies create a challenging and rewarding experience. Online programs, such as the Master of Science in Cybersecurity offer a comprehensive curriculum that supports cyber security careers.

Norwich University is designated as a Center for Academic Excellence in Cyber Defense Education by the National Security Agency and Department of Homeland Security. Its program offers five unique concentrations designed to provide an in-depth examination of policies, procedures, and structure of an information assurance program.

Recommended Readings:
How to Become a Cyber Security Engineer
Information Assurance vs. Information Security
The 5 Pillars of Information Assurance

Global Penetration Testing Market Expansion to Be Persistent During 2018-2026, Business Herald
“The Cybersecurity Talent Gap Is an Industry Crisis,” Forbes
“What Is a Penetration Test and Why Would I Need One for My Company?,” Forbes
Master of Science in Cybersecurity, Norwich University
Average Penetration Tester Salary, PayScale
“The Cybersecurity 202: Here Are the 55 Things the U.S. Government Most Needs to Protect Against Cyberattacks,” The Washington Post
Information Security Analysts, U.S. Bureau of Labor Statistics
Stop.Think.Connect, U.S. Department of Homeland Security