Choose from a wide range of CV templates and customize the design with a single click.
Use ATS-optimised CV and resume templates that pass applicant tracking systems. Our CV builder helps recruiters read, scan, and shortlist your CV faster.
Use professional field-tested resume templates that follow the exact CV rules employers look for.
Create CV
Use professional field-tested resume templates that follow the exact CV rules employers look for.
Create CVIf you're searching “ethical hacker salary US” or asking how much an ethical hacker makes in the USA, the real answer depends on far more than just experience.
Ethical hackers—also known as penetration testers or offensive security specialists—operate in one of the fastest-growing and highest-demand areas of cybersecurity. However, compensation varies significantly depending on certifications, specialization (web, network, red team), and industry (consulting vs Big Tech vs government).
This guide breaks down real US salary ranges, total compensation structures, and how offers are actually determined by recruiters and security hiring managers—so you can understand what you should earn and how to maximize your income.
Entry-Level (0–2 years): $70,000 – $100,000
Mid-Level (3–6 years): $95,000 – $140,000
Senior (7–12 years): $130,000 – $180,000
Lead / Principal (12+ years): $170,000 – $230,000+
Average base salary: $115,000 – $130,000
Median total compensation: $130,000 – $160,000
Per year (average): $130K – $160K total compensation
Per month: $10.5K – $13.5K
Top 10% earners: $200K – $350K+
Monthly earnings vary depending on:
Bonus payouts
Bug bounty participation
Consulting billing rates
$70K – $100K base
$75K – $110K total compensation
Entry-level hiring is heavily influenced by:
Certifications (OSCP is highly valued)
Hands-on labs (Hack The Box, TryHackMe)
Internship or CTF experience
Recruiter Insight: Without real-world testing experience or certifications, candidates often struggle to break into ethical hacking roles.
Entry-level: $75,000 – $110,000
Mid-level: $110,000 – $170,000
Senior: $150,000 – $220,000
Top-tier (Big Tech / elite red teams): $220,000 – $350,000+
Key Insight: Ethical hackers with strong offensive security skills and certifications (OSCP, OSCE, CISSP) can command salaries comparable to senior software engineers.
$95K – $140K base
$110K – $170K total compensation
At this level, candidates are expected to:
Conduct independent penetration tests
Write detailed vulnerability reports
Understand OWASP Top 10 and exploitation techniques
Hiring Manager Perspective: Mid-level hackers are evaluated on real-world exploit capability, not just theoretical knowledge.
$130K – $180K base
$150K – $220K total compensation
Senior ethical hackers:
Lead engagements
Perform advanced exploitation
Simulate real-world attack scenarios
Key Insight: Senior-level compensation increases significantly if candidates have red team or adversary simulation experience.
$170K – $230K+ base
$200K – $350K+ total compensation
These professionals:
Design offensive security strategies
Lead red team operations
Advise executives on security posture
Top 1% Scenario: Elite red teamers or security researchers at Big Tech companies can exceed $400K+ total compensation, especially when including bonuses and bug bounties.
$100K – $150K
High demand due to web vulnerabilities
$95K – $140K
More common, slightly lower ceiling
$130K – $200K+
High scarcity, top-tier salaries
$140K – $220K
One of the fastest-growing and highest-paid areas
Important: Only top-tier hackers consistently earn high incomes through bug bounties.
$90K – $150K
Bonus based on billable utilization
$140K – $220K base
$180K – $350K+ total compensation
Includes:
RSUs
Signing bonuses
Performance bonuses
$130K – $200K
High bonuses tied to risk exposure
$90K – $140K
Stability, lower ceiling
Security clearance premium
$110K – $170K base
Equity upside potential
Recruiter Insight: Consulting firms prioritize utilization, while product companies prioritize deep technical expertise.
Base Salary: 70% – 85%
Bonus: 10% – 20%
Equity: 10% – 40% (mainly in tech companies)
Base: $170,000
Bonus: $25,000
RSUs: $100,000/year
Total Compensation: $295,000
High-impact certifications:
OSCP (baseline expectation)
OSCE (advanced)
CISSP (for senior/lead roles)
Employers prioritize candidates who can:
Exploit vulnerabilities
Chain attacks
Bypass defenses
High-paying niches:
Cloud security
Red teaming
Application security
Top candidates often have:
Public write-ups
CVEs (Common Vulnerabilities and Exposures)
Bug bounty track record
Consulting firms: salary + utilization bonus
Tech companies: salary + equity
Government: salary + stability
Earn OSCP or advanced offensive certifications
Build a public portfolio of exploits
Transition into red teaming or cloud security
Move from consulting to product companies
Exploit development
Reverse engineering
Cloud attack vectors
Active Directory exploitation
These skills can increase salary by $20K–$80K+.
Recruiters assess:
Market demand
Internal salary bands
Your competing offers
Weak Example:
“I just want to get into cybersecurity.”
Good Example:
“Given my OSCP certification and hands-on red team experience, I’m targeting a total compensation package in the $160K–$180K range.”
Demonstrating real exploit experience
Showing business impact (risk reduction)
Having competing offers
Signing bonus (high flexibility)
Equity grants
Base salary (limited but possible)
Ethical hacking salaries are rising due to:
Increasing cyber threats
Cloud adoption
Regulatory requirements
15% – 30% salary growth expected
Highest growth in cloud and AI security
Key Trend: Offensive security is becoming more specialized, and top talent is commanding premium compensation.
An ethical hacker in the US can realistically earn:
$75K–$110K entry-level
$110K–$170K mid-career
$150K–$220K senior level
$200K–$350K+ at top-tier companies
Your earning potential depends on:
Certifications and hands-on experience
Specialization (red team, cloud, exploit dev)
Industry and company type
Negotiation strategy
Bottom line: Ethical hacking is one of the highest-growth and highest-upside careers in cybersecurity. With the right positioning and skills, you can significantly exceed average salary benchmarks and compete for top-tier compensation.
Upload CV
Import from Linkedin
