Penetration Testing Contract Job Trends

Penetration Testing
UK

The table below provides summary statistics and contractor rates for jobs requiring Penetration Testing skills. It covers contract job vacancies from the 6 months leading up to 12 November 2025, with comparisons to the same periods in the previous two years.

 6 months to
12 Nov 2025		 Same period 2024 Same period 2023
Rank 346 395 341
Rank change year-on-year +49 -54 +183
Contract jobs citing Penetration Testing 248 151 307
As % of all contract jobs in the UK 0.70% 0.42% 0.66%
As % of the Processes & Methodologies category 0.78% 0.48% 0.74%
Number of daily rates quoted 172 102 155
10th Percentile £400 £450 £425
25th Percentile £450 £510 £500
Median daily rate (50th Percentile) £550 £583 £550
Median % change year-on-year -5.58% +5.91% -8.33%
75th Percentile £600 £698 £638
90th Percentile £675 £765 £733
UK excluding London median daily rate £475 £550 £550
% change year-on-year -13.64% - -8.33%

All Process and Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all contract job vacancies requiring process or methodology skills.

Contract vacancies with a requirement for process or methodology skills 31,669 31,225 41,270
As % of all contract IT jobs advertised in the UK 90.01% 86.16% 88.58%
Number of daily rates quoted 19,839 18,782 27,829
10th Percentile £297 £310 £308
25th Percentile £404 £413 £425
Median daily rate (50th Percentile) £500 £525 £533
Median % change year-on-year -4.76% -1.43% -3.16%
75th Percentile £623 £638 £650
90th Percentile £725 £738 £745
UK excluding London median daily rate £475 £500 £500
% change year-on-year -5.00% - -
Number of hourly rates quoted 2,054 1,104 1,592
10th Percentile £14.38 £15.10 £14.25
25th Percentile £17.46 £20.12 £18.95
Median hourly rate £25.15 £35.00 £43.17
Median % change year-on-year -28.14% -18.92% +23.33%
75th Percentile £43.75 £63.75 £65.00
90th Percentile £67.00 £73.50 £77.50
UK excluding London median hourly rate £22.53 £33.00 £43.83
% change year-on-year -31.73% -24.70% +51.64%

Penetration Testing
Job Vacancy Trend

Historical trend showing the proportion of contract IT job postings citing Penetration Testing relative to all contract IT jobs advertised.

Penetration Testing job vacancy trend in the UK

Penetration Testing
Daily Rate Trend

Contractor daily rate distribution trend for jobs in the UK citing Penetration Testing.

Contractor daily rate distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Daily Rate Histogram

Daily rate distribution for jobs citing Penetration Testing over the 6 months to 12 November 2025.

Daily rate histogram for Penetration Testing in the UK

Penetration Testing
Hourly Rate Trend

Contractor hourly rate distribution trend for jobs in the UK citing Penetration Testing.

Contractor hourly rate distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Top 16 Contract Job Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 12 November 2025. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Contract
IT Job Ads		 Median
Daily Rate
Past 6 Months		 Median Daily Rate
% Change
on Same Period
Last Year		 Live
Jobs
England +68 228 £550 -11.65% 171
London +56 128 £575 -8.00% 69
UK excluding London +12 99 £475 -13.64% 105
Work from Home +26 84 £600 -4.00% 107
South East +27 34 £450 -23.73% 29
North of England -35 23 £525 -0.94% 27
Midlands -9 21 £375 -51.61% 17
North West -17 14 £508 -20.90% 20
East Midlands - 14 £375 - 1
South West +10 11 £425 -22.73% 21
West Midlands -24 7 £538 -30.65% 16
Yorkshire -30 5 £501 -8.89% 5
East of England -13 4 £550 +33.33% 7
North East - 4 £700 - 2
Scotland -7 3 - - 4
Northern Ireland - 3 - - 1

Penetration Testing
Co-Occurring Skills & Capabilities by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1 7 (2.82%) Confluence
2 5 (2.02%) SharePoint
3 1 (0.40%) IBM Transformation Extender
3 1 (0.40%) SAS
Applications
1 4 (1.61%) Microsoft Project
2 2 (0.81%) Microsoft Office
3 1 (0.40%) GNU Octave
3 1 (0.40%) Microsoft Excel
Business Applications
1 3 (1.21%) Oracle EBS
Cloud Services
1 76 (30.65%) Azure
2 55 (22.18%) AWS
3 45 (18.15%) GCP
4 17 (6.85%) GitHub
5 11 (4.44%) Entra ID
6 10 (4.03%) Azure Sentinel
7 9 (3.63%) Microsoft 365
8 5 (2.02%) Azure DevOps
9 4 (1.61%) Cloudflare
9 4 (1.61%) OCI
9 4 (1.61%) OpenDNS
10 3 (1.21%) npm
10 3 (1.21%) OpenShift
10 3 (1.21%) SaaS
11 2 (0.81%) AWS CloudFormation
11 2 (0.81%) Cloud Computing
11 2 (0.81%) GitHub Actions
11 2 (0.81%) Power Platform
12 1 (0.40%) Google App Engine
12 1 (0.40%) Tessian
Communications & Networking
1 33 (13.31%) Firewall
2 19 (7.66%) Network Security
3 9 (3.63%) SSL
3 9 (3.63%) TCP/IP
4 8 (3.23%) Internet
4 8 (3.23%) Intrusion Detection
4 8 (3.23%) Wireshark
5 7 (2.82%) DNS
5 7 (2.82%) Wireless
6 4 (1.61%) Intranet
6 4 (1.61%) VPN
6 4 (1.61%) Wi-Fi
7 3 (1.21%) Cisco Nexus
7 3 (1.21%) HTTP
7 3 (1.21%) SD-WAN
7 3 (1.21%) VLAN
8 2 (0.81%) HTTPS
8 2 (0.81%) WAN
9 1 (0.40%) DMZ
9 1 (0.40%) MPLS
Database & Business Intelligence
1 3 (1.21%) MongoDB
2 2 (0.81%) Power BI
3 1 (0.40%) Amazon RDS
3 1 (0.40%) DB2
3 1 (0.40%) Oracle Reports
Development Applications
1 34 (13.71%) Burp Suite
2 32 (12.90%) Metasploit
3 18 (7.26%) JIRA
4 17 (6.85%) SonarQube
5 8 (3.23%) GitLab
6 7 (2.82%) Jenkins
7 6 (2.42%) Selenium
7 6 (2.42%) sqlmap
8 4 (1.61%) Git
9 3 (1.21%) Cypress.io
9 3 (1.21%) JMeter
9 3 (1.21%) Postman
9 3 (1.21%) webpack
10 2 (0.81%) Sonatype Nexus
11 1 (0.40%) Cucumber
11 1 (0.40%) Gatling
11 1 (0.40%) Maven
General
1 108 (43.55%) Social Skills
2 34 (13.71%) Public Sector
3 30 (12.10%) Analytical Skills
4 24 (9.68%) Finance
5 15 (6.05%) Banking
6 7 (2.82%) Retail
7 6 (2.42%) Military
8 5 (2.02%) Inclusion and Diversity
9 4 (1.61%) Investment Banking
9 4 (1.61%) Organisational Skills
9 4 (1.61%) Presentation Skills
10 3 (1.21%) German Language
10 3 (1.21%) Legal
11 2 (0.81%) Automotive
11 2 (0.81%) Documentation Skills
11 2 (0.81%) Influencing Skills
12 1 (0.40%) Financial Institution
12 1 (0.40%) Law
12 1 (0.40%) Marketing
12 1 (0.40%) Telecoms
Job Titles
1 80 (32.26%) Penetration Tester
2 78 (31.45%) Tester
3 43 (17.34%) Analyst
4 38 (15.32%) Security Engineer
5 32 (12.90%) Security Analyst
6 22 (8.87%) Cybersecurity Engineer
7 18 (7.26%) Lead
8 12 (4.84%) Information Analyst
8 12 (4.84%) Information Security Analyst
9 9 (3.63%) Senior
10 8 (3.23%) Consultant
10 8 (3.23%) Test Engineer
11 7 (2.82%) Cybersecurity Analyst
11 7 (2.82%) Network Engineer
11 7 (2.82%) Security Manager
12 6 (2.42%) Architect
12 6 (2.42%) Governance Analyst
12 6 (2.42%) Network Security Engineer
12 6 (2.42%) Risk Analyst
12 6 (2.42%) Security Architect
Libraries, Frameworks & Software Standards
1 6 (2.42%) LDAP
2 4 (1.61%) RESTful
2 4 (1.61%) Spring Boot
3 3 (1.21%) .NET
3 3 (1.21%) Jest
3 3 (1.21%) Node.js
3 3 (1.21%) OAuth
3 3 (1.21%) React
4 2 (0.81%) ADO
4 2 (0.81%) CSS
4 2 (0.81%) Flash
4 2 (0.81%) HTML
4 2 (0.81%) JWT
4 2 (0.81%) SAML
4 2 (0.81%) Smart Contracts
4 2 (0.81%) Spring
4 2 (0.81%) Web Services
5 1 (0.40%) Spring Batch
5 1 (0.40%) TensorFlow
5 1 (0.40%) WireMock
Miscellaneous
1 38 (15.32%) Security Posture
2 20 (8.06%) Management Information System
3 15 (6.05%) Cyber Threat
4 14 (5.65%) Cloud Native
5 7 (2.82%) Mobile App
5 7 (2.82%) Security Operations Centre
6 6 (2.42%) Cloud Security Posture
7 5 (2.02%) CSOC
7 5 (2.02%) Operational Technology
8 3 (1.21%) BYOD
8 3 (1.21%) Cyber Defence
8 3 (1.21%) Data Protection Act
8 3 (1.21%) Greenfield Project
8 3 (1.21%) PKI
8 3 (1.21%) Video Conferencing
9 2 (0.81%) Algorithms
9 2 (0.81%) CMDB
9 2 (0.81%) Cyber Kill Chain
9 2 (0.81%) Data Centre
9 2 (0.81%) Public Cloud
Operating Systems
1 30 (12.10%) Linux
2 21 (8.47%) Windows
3 12 (4.84%) Kali Linux
4 11 (4.44%) Unix
5 6 (2.42%) Android
6 3 (1.21%) Apple iOS
7 1 (0.40%) Mac OS X
7 1 (0.40%) VMS
7 1 (0.40%) Windows Server
Processes & Methodologies
1 131 (52.82%) Cybersecurity
2 55 (22.18%) OWASP
3 52 (20.97%) Vulnerability Assessment
4 49 (19.76%) Incident Response
5 46 (18.55%) Cloud Security
6 44 (17.74%) Vulnerability Management
6 44 (17.74%) Vulnerability Remediation
7 43 (17.34%) Security Testing
8 42 (16.94%) Test Automation
9 41 (16.53%) CI/CD
10 38 (15.32%) Application Security
11 37 (14.92%) DevSecOps
12 36 (14.52%) Threat Modelling
13 34 (13.71%) Information Security
13 34 (13.71%) Problem-Solving
14 33 (13.31%) Infrastructure as Code
15 30 (12.10%) SIEM
16 29 (11.69%) Agile
16 29 (11.69%) Data Protection
17 28 (11.29%) Stakeholder Management
Programming Languages
1 47 (18.95%) Python
2 38 (15.32%) Bash
3 22 (8.87%) PowerShell
4 11 (4.44%) Java
5 6 (2.42%) Kusto Query Language
6 5 (2.02%) JavaScript
7 3 (1.21%) Bicep
7 3 (1.21%) C++
7 3 (1.21%) Go
7 3 (1.21%) Shell Script
7 3 (1.21%) SQL
7 3 (1.21%) TypeScript
8 2 (0.81%) C
8 2 (0.81%) C#
8 2 (0.81%) Perl
8 2 (0.81%) Rust
8 2 (0.81%) Solidity
9 1 (0.40%) R
9 1 (0.40%) Swift
Qualifications
1 92 (37.10%) Security Cleared
2 78 (31.45%) SC Cleared
3 43 (17.34%) OSCP
4 40 (16.13%) CHECK Team Member
5 38 (15.32%) CISSP
6 33 (13.31%) CHECK Team Leader
7 31 (12.50%) CREST Certified
8 26 (10.48%) CEH
9 22 (8.87%) CISM
10 17 (6.85%) Degree
11 16 (6.45%) GPEN
12 13 (5.24%) CompTIA Security+
12 13 (5.24%) Tigerscheme
13 11 (4.44%) DV Cleared
14 9 (3.63%) SANS
15 8 (3.23%) Cisco Certification
16 5 (2.02%) MCSA
16 5 (2.02%) MCSE
16 5 (2.02%) Microsoft Certification
16 5 (2.02%) PMP
Quality Assurance & Compliance
1 48 (19.35%) NIST
2 45 (18.15%) ISO/IEC 27001
3 29 (11.69%) GDPR
4 23 (9.27%) NCSC
5 15 (6.05%) GRC
6 13 (5.24%) Cyber Essentials
7 12 (4.84%) PCI DSS
8 11 (4.44%) QA
9 10 (4.03%) Cyber Essentials PLUS
10 7 (2.82%) NIST 800
11 5 (2.02%) HIPAA
12 4 (1.61%) Actionable Recommendations
12 4 (1.61%) California Consumer Privacy Act
12 4 (1.61%) PMO
13 3 (1.21%) EU AI Act
13 3 (1.21%) JSP 440
13 3 (1.21%) Sarbanes-Oxley
13 3 (1.21%) SOC 2
14 2 (0.81%) Accessibility
14 2 (0.81%) ISO 9001
System Software
1 22 (8.87%) Active Directory
2 13 (5.24%) Docker
3 5 (2.02%) Snort
4 4 (1.61%) Squid
5 3 (1.21%) Virtual Machines
6 1 (0.40%) Firmware
Systems Management
1 31 (12.50%) Nmap
2 28 (11.29%) Nessus
3 25 (10.08%) Kubernetes
4 7 (2.82%) Ansible
4 7 (2.82%) Terraform
5 5 (2.02%) CASB
5 5 (2.02%) Nexpose
6 4 (1.61%) Suricata
7 2 (0.81%) HP Fortify
7 2 (0.81%) QRadar
8 1 (0.40%) CSIRT
8 1 (0.40%) Grafana
8 1 (0.40%) Kibana
8 1 (0.40%) Microsoft Intune
8 1 (0.40%) Single Sign-On
Vendors
1 34 (13.71%) Microsoft
2 17 (6.85%) Qualys
3 15 (6.05%) ServiceNow
4 14 (5.65%) Veracode
5 13 (5.24%) Splunk
6 12 (4.84%) Cisco
6 12 (4.84%) Tenable
7 11 (4.44%) CrowdStrike
8 9 (3.63%) CyberArk
8 9 (3.63%) Oracle
8 9 (3.63%) Palo Alto
9 8 (3.23%) Google
10 7 (2.82%) Remedy
10 7 (2.82%) Zscaler
11 6 (2.42%) Salesforce
12 4 (1.61%) Blue Coat
12 4 (1.61%) Carbon Black
12 4 (1.61%) FireEye
12 4 (1.61%) Tanium
13 3 (1.21%) Workday
199 Penetration Testing jobs Nationwide