Hours per day worked by IT Security/Pentesters?

Could those of you who work in IT Security/Network Security/Penetration Testing tell me how many hours a day you work on average? For instance, I know that Software Developers / Programmers work around 9 hours a day on average, whilst for many System/Network administrators 10 hours a day of shift work, plus being on call, is considered normal.

I know that one or two of you who work in IT Security mentioned that you work 8-9 hours per day. I wanted to find out if that is the norm since I myself am thinking about moving into IT/Network security or perhaps penetration testing.

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

markulous

Wow, this thread took a weird turn...

Bchen2

InfoTech92 wrote: »

man, sounds lucky to me. I wish I could meet a girl that wouldn't care if I spent that much time on something.

What does that have to do with IT Security?
Regardless of what my job is i maintain a balance between work and life even if it mean having a girlfriend

cyberguypr

Well, girls... penetration testing... actually, never mind.

NetworkNewb

cyberguypr wrote: »

Well, girls... penetration testing... actually, never mind.

........

52575402.jpg

InfoTech92

Bchen2 wrote: »

What does that have to do with IT Security?
Regardless of what my job is i maintain a balance between work and life even if it mean having a girlfriend

LOL what? It was obviously sort of a joke...

Bchen2

InfoTech92 wrote: »

LOL what? It was obviously sort of a joke...

oh hahaha

You got me there
cyberguypr is our jokester in this thread :P since he talks about penetration testing and girls

kurosaki00

docrice wrote: »

I'm curious where you got the impression that security teams generally work less

C'mon everybody knows that!
I kid the sec folks.

Sadly at some points in a career it's normal to work 10 hours a day. Maybe not exactly the whole day in a row but on-call duties, maintenance, installation.
I've had to show up on weekends because there was UPS testing or something in the DC.
So it's pretty normal. So please dont feel discourage if you ever get 10 hours a day, just be sure that is a good job, good pay and learn from it.

beads

From a purely pentesting viewpoint. Yes, your likely to put in roughly 40-45 hours a week pentesting applications and writing some stirring after compromise and audit reports. But its not over just yet! You will likely spend another 20-40 hours a week outside of work learning new tools, techniques and practices at home or in the office. Penetration testing isn't a 9-5 job without double the prep time doing what everyone else eludes to above. We read twitter off and on 12+ hours a day. We play Sir Hackalot in the home lab cause there is some problem we can't stay away from thinking out day and night until its solved. We are building that new lab in VMWare because there was a patch making the old lab feel old and less than cutting edge. We are tinkering and learning new software and development tools while other people sleep. Why? Because we want to and CAN. We are the alpha-geeks who rarely stop thinking about IT. And that's what separates the alpha-geeks from the 9-5 helpdesk types who want to become alpha-geeks.

No paragraphing cause that would ruin the whole rantish effect.

- beads

Bchen2

Keep in mind there are always trade offs if work hours concern you
You can get a regular work schedule like the BA's ,Help Desk, and Computer Repair ppl, I work with
but we are paid lower than engineers IT Security or System Admins ( theses guys are extremely dedicated to study out of work all the time from what I see) I stiill think we make good money helping the end users they treat us good for the most part however im pretty sure most people dont like makin a career in the help desk or desktop. At our company after the help desk we have positions like the help desk manager or desktop and still comes with good hours and decent pay plus theres always something interesting to learn without losing your sane

We go home at 5PM thou and wait till monday to work again thats the difference
Its a question of if you want to chase the money or chase time off.

I would agree with beads thou about pen testing but do it if you have the passion

E Double U

markulous wrote: »

Wow, this thread took a weird turn...

"Boy that escalated quickly. I mean that really got out of hand fast."

Prolifix

Thanks for all the responses, but I guess the first post by danielm probably summed up all the responses in this entire thread - "it depends on the company".

markulous

E Double U wrote: »

"Boy that escalated quickly. I mean that really got out of hand fast."

Brick killed a guy. Did you throw a trident?

InfoTech92

Did I really get negged because of my response in this thread? LMAO!

NetworkNewb

LOL first person I've seen with a red bar! Congratulations!

anoeljr

Probably. Some people are too sensitive about things.

snowchick7669

I just landed a job in IT sec and I'm contracted to do 35 hours a week (I know, I know - even I'm adjusting to it, the days are so short!). This is mainly because the company don't really like paying overtime to non-contractors. I don't know why, but hey it means I get more time to study. I'm not including any time I do outside of work for study/researching topics for projects. I spend probably 2 hours a night doing study and a few hours on the weekends. I don't count it mainly because I choose to do it and I enjoy it.

However, I am essentially 'on call' 24/7 since I have a business mobile. Also, if work needs to be done or there is a project on the go and resource is needed, then it is expected that you will work (and since over time is a pain to approve, it is usually unpaid). The company looks after us though so when you need to put in a bit extra it's not that bad.

InfoTech92

anoeljr wrote: »

Probably. Some people are too sensitive about things.

They definitely are sadly. Can't even get mad, just have to feel bad for people like that. Kind of like the feeling when you see a kitty outside, lost and confused.