Penetration Testing Contract Job Trends

Penetration Testing
UK

The table below provides summary statistics and contractor rates for jobs requiring Penetration Testing skills. It covers vacancies from the 6 months leading up to 15 September 2025, with comparisons to the same periods in the previous two years.

 6 months to
15 Sep 2025		 Same period 2024 Same period 2023
Rank 356 351 428
Rank change year-on-year -5 +77 +135
Contract jobs citing Penetration Testing 205 217 232
As % of all contract jobs advertised in the UK 0.63% 0.57% 0.46%
As % of the Processes & Methodologies category 0.70% 0.66% 0.52%
Number of daily rates quoted 140 160 166
10th Percentile £400 £450 £431
25th Percentile £500 £510 £500
Median daily rate (50th Percentile) £550 £575 £550
Median % change year-on-year -4.35% +4.55% -8.33%
75th Percentile £613 £675 £650
90th Percentile £688 £738 £738
UK excluding London median daily rate £501 £550 £510
% change year-on-year -8.98% +7.84% -15.00%
Number of hourly rates quoted 2 1 1
10th Percentile - - -
25th Percentile £51.25 £81.75 -
Median hourly rate £52.50 £83.50 £80.00
Median % change year-on-year -37.13% +4.38% +39.13%
75th Percentile £53.75 £85.25 -
90th Percentile - - -
UK excluding London median hourly rate £52.50 £83.50 -
% change year-on-year -37.13% - -

All Process and Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all contract job vacancies requiring process or methodology skills.

Contract vacancies with a requirement for process or methodology skills 29,370 32,658 44,778
As % of all contract IT jobs advertised in the UK 90.49% 85.62% 89.13%
Number of daily rates quoted 18,234 20,154 30,464
10th Percentile £300 £310 £313
25th Percentile £403 £413 £425
Median daily rate (50th Percentile) £500 £525 £540
Median % change year-on-year -4.76% -2.78% -1.82%
75th Percentile £625 £638 £650
90th Percentile £725 £750 £750
UK excluding London median daily rate £475 £500 £500
% change year-on-year -5.00% - -
Number of hourly rates quoted 1,777 1,475 1,557
10th Percentile £14.23 £14.84 £14.25
25th Percentile £17.30 £20.00 £18.78
Median hourly rate £25.15 £43.00 £42.50
Median % change year-on-year -41.51% +1.18% +47.06%
75th Percentile £43.75 £65.00 £65.00
90th Percentile £66.70 £75.00 £77.50
UK excluding London median hourly rate £22.50 £43.00 £40.50
% change year-on-year -47.67% +6.17% +76.09%

Penetration Testing
Job Vacancy Trend

Job postings citing Penetration Testing as a proportion of all IT jobs advertised.

Job vacancy trend for Penetration Testing in the UK

Penetration Testing
Daily Rate Trend

Contractor daily rate distribution trend for jobs in the UK citing Penetration Testing.

Contractor daily rate distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Daily Rate Histogram

Daily rate distribution for jobs citing Penetration Testing over the 6 months to 15 September 2025.

Daily rate histogram for Penetration Testing in the UK

Penetration Testing
Hourly Rate Trend

Contractor hourly rate distribution trend for jobs in the UK citing Penetration Testing.

Contractor hourly rate distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Top 15 Contract Job Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 15 September 2025. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Contract
IT Job Ads		 Median
Daily Rate
Past 6 Months		 Median Daily Rate
% Change
on Same Period
Last Year		 Live
Jobs
England +19 184 £550 -5.98% 143
London +33 115 £600 +2.56% 44
Work from Home +17 74 £600 -7.69% 148
UK excluding London -13 73 £501 -8.98% 133
North of England -28 22 £520 -19.98% 27
Midlands +1 20 £400 -38.46% 25
North West -17 19 £508 -23.69% 17
East Midlands - 13 £400 - 7
South East +27 12 £520 -20.00% 30
South West +15 7 £488 -8.02% 18
West Midlands -11 7 £413 -36.54% 17
Scotland -14 7 - - 16
Yorkshire -18 3 £531 -11.46% 9
Northern Ireland - 3 - - 4
East of England +5 2 £550 +33.33% 11

Penetration Testing
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 2 (0.98%) TPMS
2 1 (0.49%) IBM Transformation Extender
2 1 (0.49%) SAS
Applications
1 1 (0.49%) GNU Octave
1 1 (0.49%) Microsoft Excel
1 1 (0.49%) Microsoft Office
Cloud Services
1 76 (37.07%) Azure
2 49 (23.90%) AWS
3 48 (23.41%) GCP
4 22 (10.73%) GitHub
5 11 (5.37%) Azure Sentinel
5 11 (5.37%) Entra ID
6 8 (3.90%) Cloud Computing
7 7 (3.41%) Microsoft 365
8 6 (2.93%) GitHub Actions
9 5 (2.44%) AWS CloudFormation
9 5 (2.44%) Azure DevOps
10 3 (1.46%) Cloudflare
10 3 (1.46%) npm
10 3 (1.46%) OpenDNS
10 3 (1.46%) OpenShift
10 3 (1.46%) SaaS
11 2 (0.98%) Azure Stack
11 2 (0.98%) Microsoft Purview
11 2 (0.98%) Power Platform
12 1 (0.49%) Tessian
Communications & Networking
1 27 (13.17%) Firewall
2 26 (12.68%) Network Security
3 9 (4.39%) SSL
4 8 (3.90%) TCP/IP
5 7 (3.41%) DNS
5 7 (3.41%) Intrusion Detection
6 4 (1.95%) VPN
6 4 (1.95%) Wi-Fi
7 3 (1.46%) Cisco Nexus
7 3 (1.46%) HTTP
7 3 (1.46%) Internet
7 3 (1.46%) SD-WAN
7 3 (1.46%) VLAN
7 3 (1.46%) WAN
7 3 (1.46%) Wireless
8 2 (0.98%) HTTPS
8 2 (0.98%) LAN
9 1 (0.49%) DMZ
9 1 (0.49%) MPLS
9 1 (0.49%) SNMP
Database & Business Intelligence
1 2 (0.98%) Power BI
Development Applications
1 23 (11.22%) Burp Suite
2 22 (10.73%) Metasploit
3 20 (9.76%) SonarQube
4 11 (5.37%) GitLab
4 11 (5.37%) Jenkins
5 6 (2.93%) JIRA
6 5 (2.44%) sqlmap
7 4 (1.95%) Cypress.io
7 4 (1.95%) Git
8 3 (1.46%) webpack
9 2 (0.98%) Cucumber
9 2 (0.98%) Sonatype Nexus
10 1 (0.49%) Gatling
10 1 (0.49%) JMeter
10 1 (0.49%) Maven
10 1 (0.49%) MSI
10 1 (0.49%) REST Assured
10 1 (0.49%) Selenium
10 1 (0.49%) Snyk
10 1 (0.49%) SpecFlow
General
1 91 (44.39%) Social Skills
2 30 (14.63%) Finance
3 23 (11.22%) Analytical Skills
3 23 (11.22%) Public Sector
4 17 (8.29%) Banking
5 7 (3.41%) Retail
6 6 (2.93%) Military
7 5 (2.44%) Financial Institution
8 4 (1.95%) Inclusion and Diversity
8 4 (1.95%) Organisational Skills
9 3 (1.46%) Documentation Skills
9 3 (1.46%) Legal
9 3 (1.46%) Retail Banking
10 2 (0.98%) Aerospace
10 2 (0.98%) Automotive
10 2 (0.98%) French Language
10 2 (0.98%) German Language
10 2 (0.98%) Investment Banking
10 2 (0.98%) Manufacturing
10 2 (0.98%) Marketing
Job Titles
1 51 (24.88%) Penetration Tester
2 49 (23.90%) Tester
3 36 (17.56%) Analyst
3 36 (17.56%) Security Engineer
4 25 (12.20%) Security Analyst
5 23 (11.22%) Cybersecurity Engineer
6 14 (6.83%) Lead
7 13 (6.34%) Architect
7 13 (6.34%) Security Architect
8 12 (5.85%) Information Analyst
8 12 (5.85%) Information Security Analyst
9 11 (5.37%) Security Manager
9 11 (5.37%) Senior
10 7 (3.41%) Security Solutions Architect
10 7 (3.41%) Solutions Architect
11 6 (2.93%) Cybersecurity Analyst
11 6 (2.93%) Governance Analyst
11 6 (2.93%) Operational Security Manager
11 6 (2.93%) Risk Analyst
11 6 (2.93%) Security Operations Manager
Libraries, Frameworks & Software Standards
1 6 (2.93%) LDAP
2 3 (1.46%) Jest
2 3 (1.46%) React
2 3 (1.46%) RESTful
2 3 (1.46%) Spring Boot
3 2 (0.98%) ADO
3 2 (0.98%) CSS
3 2 (0.98%) HTML
3 2 (0.98%) pytest
3 2 (0.98%) Web Services
4 1 (0.49%) Django
4 1 (0.49%) Flutter
4 1 (0.49%) OAuth
4 1 (0.49%) Playwright
4 1 (0.49%) PyTorch
4 1 (0.49%) REST
4 1 (0.49%) Spring
4 1 (0.49%) TensorFlow
4 1 (0.49%) YAML
Miscellaneous
1 43 (20.98%) Security Posture
2 15 (7.32%) Cyber Threat
2 15 (7.32%) Management Information System
3 10 (4.88%) Cloud Native
4 6 (2.93%) Cloud Security Posture
4 6 (2.93%) PKI
5 5 (2.44%) Security Operations Centre
6 4 (1.95%) Data Centre
6 4 (1.95%) Operational Technology
7 3 (1.46%) Algorithms
7 3 (1.46%) Legacy Systems
7 3 (1.46%) Mobile App
7 3 (1.46%) Public Cloud
7 3 (1.46%) Video Conferencing
8 2 (0.98%) CMDB
8 2 (0.98%) Data Protection Act
8 2 (0.98%) Embedded Systems
8 2 (0.98%) Life Science
8 2 (0.98%) Renewable Energy
8 2 (0.98%) Self-Motivation
Operating Systems
1 25 (12.20%) Windows
2 17 (8.29%) Linux
3 12 (5.85%) Unix
4 5 (2.44%) Windows Server
5 4 (1.95%) Android
6 2 (0.98%) Kali Linux
6 2 (0.98%) Windows Server 2016
6 2 (0.98%) Windows Server 2019
7 1 (0.49%) Mac OS X
7 1 (0.49%) VMS
Processes & Methodologies
1 116 (56.59%) Cybersecurity
2 53 (25.85%) Vulnerability Assessment
3 50 (24.39%) Cloud Security
3 50 (24.39%) Vulnerability Management
4 47 (22.93%) Vulnerability Remediation
5 41 (20.00%) CI/CD
5 41 (20.00%) Incident Response
6 35 (17.07%) Problem-Solving
7 34 (16.59%) DevSecOps
7 34 (16.59%) Infrastructure as Code
8 33 (16.10%) SIEM
9 32 (15.61%) Security Testing
10 31 (15.12%) Information Security
11 28 (13.66%) Threat Modelling
12 27 (13.17%) Data Protection
12 27 (13.17%) Security Operations
13 26 (12.68%) Application Security
13 26 (12.68%) OWASP
13 26 (12.68%) Secure Coding
13 26 (12.68%) Stakeholder Management
Programming Languages
1 48 (23.41%) Python
2 33 (16.10%) Bash
3 19 (9.27%) PowerShell
4 10 (4.88%) Java
5 8 (3.90%) JavaScript
6 5 (2.44%) Kusto Query Language
7 4 (1.95%) C++
8 3 (1.46%) Bicep
8 3 (1.46%) Go
8 3 (1.46%) Perl
8 3 (1.46%) Shell Script
8 3 (1.46%) TypeScript
9 2 (0.98%) C
9 2 (0.98%) C#
10 1 (0.49%) R
10 1 (0.49%) SQL
Qualifications
1 68 (33.17%) Security Cleared
2 62 (30.24%) SC Cleared
3 39 (19.02%) CISSP
4 31 (15.12%) CHECK Team Member
5 30 (14.63%) OSCP
6 22 (10.73%) CREST Certified
7 21 (10.24%) CHECK Team Leader
8 19 (9.27%) CEH
9 17 (8.29%) Degree
10 14 (6.83%) CISM
11 13 (6.34%) Tigerscheme
12 12 (5.85%) Cisco Certification
12 12 (5.85%) CompTIA Security+
13 9 (4.39%) GCIH
14 8 (3.90%) (ISC)2 CCSP
14 8 (3.90%) CCSP
15 6 (2.93%) GPEN
15 6 (2.93%) MCSE
15 6 (2.93%) Microsoft Certification
16 5 (2.44%) MCSA
Quality Assurance & Compliance
1 41 (20.00%) ISO/IEC 27001
2 38 (18.54%) NIST
3 30 (14.63%) GDPR
4 15 (7.32%) GRC
4 15 (7.32%) PCI DSS
5 12 (5.85%) NCSC
6 11 (5.37%) HIPAA
6 11 (5.37%) SLA
7 10 (4.88%) Cyber Essentials
7 10 (4.88%) Cyber Essentials PLUS
7 10 (4.88%) QA
8 8 (3.90%) California Consumer Privacy Act
9 2 (0.98%) ISO 9001
10 1 (0.49%) Accessibility
10 1 (0.49%) Actionable Recommendations
10 1 (0.49%) EU AI Act
10 1 (0.49%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
10 1 (0.49%) NIST 800
10 1 (0.49%) Sarbanes-Oxley
10 1 (0.49%) SOC 2
System Software
1 19 (9.27%) Active Directory
2 13 (6.34%) Docker
3 4 (1.95%) Snort
4 3 (1.46%) Squid
4 3 (1.46%) Virtual Machines
5 1 (0.49%) Firmware
Systems Management
1 28 (13.66%) Nessus
2 20 (9.76%) Nmap
3 15 (7.32%) Kubernetes
4 10 (4.88%) Terraform
5 7 (3.41%) Ansible
6 6 (2.93%) CASB
7 5 (2.44%) HP Fortify
8 4 (1.95%) Nexpose
9 3 (1.46%) Progress Chef
9 3 (1.46%) Suricata
10 2 (0.98%) Microsoft Intune
10 2 (0.98%) QRadar
11 1 (0.49%) CSIRT
11 1 (0.49%) NetBackup
11 1 (0.49%) Oracle RMAN
11 1 (0.49%) Single Sign-On
Vendors
1 39 (19.02%) Microsoft
2 20 (9.76%) Qualys
3 14 (6.83%) Veracode
4 12 (5.85%) ServiceNow
4 12 (5.85%) Splunk
4 12 (5.85%) Tenable
5 10 (4.88%) Cisco
5 10 (4.88%) Google
6 8 (3.90%) CrowdStrike
6 8 (3.90%) CyberArk
7 7 (3.41%) Palo Alto
8 6 (2.93%) Salesforce
8 6 (2.93%) Zscaler
9 5 (2.44%) Remedy
10 4 (1.95%) Tanium
11 3 (1.46%) Blue Coat
11 3 (1.46%) Carbon Black
11 3 (1.46%) ForgeRock
11 3 (1.46%) Oracle
11 3 (1.46%) Red Hat
173 Penetration Testing jobs Nationwide