Penetration Testing Contracts

Penetration Testing
UK

The table below provides summary statistics for contract job vacancies requiring Penetration Testing skills. It includes a benchmarking guide to the contractor rates offered in vacancies that cited Penetration Testing over the 6 months leading up to 4 October 2024, comparing them to the same period in the previous two years.

6 months to
4 Oct 2024
Same period 2023 Same period 2022
Rank 383 393 555
Rank change year-on-year +10 +162 +3
Contract jobs citing Penetration Testing 169 255 313
As % of all contract jobs advertised in the UK 0.44% 0.52% 0.37%
As % of the Processes & Methodologies category 0.52% 0.59% 0.41%
Number of daily rates quoted 121 174 224
10th Percentile £450 £441 £452
25th Percentile £505 £500 £500
Median daily rate (50th Percentile) £575 £550 £600
Median % change year-on-year +4.55% -8.33% +13.58%
75th Percentile £675 £650 £675
90th Percentile £765 £738 £738
UK excluding London median daily rate £532 £550 £625
% change year-on-year -3.36% -12.00% +25.00%
Number of hourly rates quoted 0 0 2
10th Percentile - - £60.00
25th Percentile - - £65.63
Median hourly rate - - £77.50
75th Percentile - - £90.63
90th Percentile - - £97.00
UK excluding London median hourly rate - - £97.50
% change year-on-year - - +104.68%

All Process and Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all contract job vacancies requiring process or methodology skills.

Contract vacancies with a requirement for process or methodology skills 32,651 43,453 75,876
As % of all contract IT jobs advertised in the UK 85.89% 88.91% 90.43%
Number of daily rates quoted 19,723 29,509 52,819
10th Percentile £308 £313 £350
25th Percentile £413 £425 £450
Median daily rate (50th Percentile) £525 £540 £550
Median % change year-on-year -2.78% -1.82% +10.00%
75th Percentile £638 £650 £650
90th Percentile £750 £750 £750
UK excluding London median daily rate £500 £500 £500
% change year-on-year - - +11.11%
Number of hourly rates quoted 1,333 1,582 1,734
10th Percentile £15.00 £14.25 £13.16
25th Percentile £20.12 £18.63 £16.25
Median hourly rate £41.50 £42.50 £29.18
Median % change year-on-year -2.35% +45.65% +35.72%
75th Percentile £65.00 £65.00 £60.00
90th Percentile £74.35 £77.50 £71.28
UK excluding London median hourly rate £43.00 £42.50 £24.50
% change year-on-year +1.18% +73.47% +35.25%

Penetration Testing
Job Vacancy Trend

Job postings citing Penetration Testing as a proportion of all IT jobs advertised.

Job vacancy trend for Penetration Testing in the UK

Penetration Testing
Contractor Daily Rate Trend

3-month moving average daily rate quoted in jobs citing Penetration Testing.

Daily rate trend for Penetration Testing in the UK

Penetration Testing
Daily Rate Histogram

Daily rate distribution for jobs citing Penetration Testing over the 6 months to 4 October 2024.

Daily rate histogram for Penetration Testing in the UK

Penetration Testing
Contractor Hourly Rate Trend

3-month moving average hourly rates quoted in jobs citing Penetration Testing.

Hourly rate trend for Penetration Testing in the UK

Penetration Testing
Top 13 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 4 October 2024. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Past 6 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Jobs
England -18 137 £583 +5.91% 91
London +35 91 £585 +5.17% 29
Work from Home +30 67 £591 +9.49% 54
UK excluding London -9 57 £532 -3.36% 77
Scotland +35 18 £525 -4.55% 10
North of England +9 16 £563 +11.39% 20
North West +15 12 £575 -8.00% 17
South East +7 10 £600 +20.00% 18
South West +11 7 £544 -19.41% 9
Yorkshire -4 4 £550 +10.00% 2
East of England +5 3 £413 -31.25% 3
Midlands +1 3 £650 - 12
West Midlands -2 3 £650 -10.34% 12

Penetration Testing
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 4 (2.37%) IIS
1 4 (2.37%) JBoss
2 1 (0.59%) Confluence
2 1 (0.59%) SharePoint
Business Applications
1 4 (2.37%) Dynamics GP
2 2 (1.18%) Payment Gateway
3 1 (0.59%) Salesforce CRM
Cloud Services
1 58 (34.32%) Azure
2 23 (13.61%) AWS
3 17 (10.06%) GCP
4 10 (5.92%) Power Platform
5 8 (4.73%) Microsoft 365
6 7 (4.14%) SaaS
7 5 (2.96%) Entra ID
8 4 (2.37%) Azure Sentinel
9 3 (1.78%) IaaS
9 3 (1.78%) PaaS
10 2 (1.18%) Amazon S3
10 2 (1.18%) Azure DevOps
10 2 (1.18%) Cloud Computing
10 2 (1.18%) CloudFront
10 2 (1.18%) Mimecast
10 2 (1.18%) OpenShift
10 2 (1.18%) Virtual Private Cloud
11 1 (0.59%) Azure Key Vault
11 1 (0.59%) Cloud Functions
11 1 (0.59%) Serverless
Communications & Networking
1 33 (19.53%) Firewall
2 24 (14.20%) Network Security
3 8 (4.73%) SSL
3 8 (4.73%) Wireless
4 7 (4.14%) VPN
5 6 (3.55%) DNS
5 6 (3.55%) WAN
6 5 (2.96%) SD-WAN
7 4 (2.37%) Intrusion Detection
7 4 (2.37%) TCP/IP
8 3 (1.78%) Cisco ISE
8 3 (1.78%) SAN
9 2 (1.18%) DHCP
9 2 (1.18%) Internet
9 2 (1.18%) LAN
9 2 (1.18%) NAS
9 2 (1.18%) Wireshark
10 1 (0.59%) iSCSI
10 1 (0.59%) SSH
10 1 (0.59%) VLAN
Database & Business Intelligence
1 4 (2.37%) DB2
2 1 (0.59%) Power BI
Development Applications
1 13 (7.69%) Jenkins
2 11 (6.51%) Burp Suite
3 8 (4.73%) GitLab
4 7 (4.14%) JIRA
5 4 (2.37%) Vagrant
6 3 (1.78%) Git
6 3 (1.78%) Metasploit
7 2 (1.18%) Octopus Deploy
8 1 (0.59%) CircleCI
8 1 (0.59%) MSI
8 1 (0.59%) Team Foundation Server
General
1 71 (42.01%) Finance
2 38 (22.49%) Social Skills
3 21 (12.43%) Public Sector
4 18 (10.65%) Analytical Skills
4 18 (10.65%) Banking
5 7 (4.14%) Influencing Skills
6 4 (2.37%) Retail
7 2 (1.18%) Games
7 2 (1.18%) Law
7 2 (1.18%) Legal
7 2 (1.18%) Telecoms
8 1 (0.59%) Automotive
8 1 (0.59%) Fire and Rescue
8 1 (0.59%) Inclusion and Diversity
8 1 (0.59%) Investment Banking
8 1 (0.59%) Marketing
8 1 (0.59%) Military
8 1 (0.59%) Police
8 1 (0.59%) Presentation Skills
8 1 (0.59%) Retail Banking
Job Titles
1 34 (20.12%) Consultant
2 32 (18.93%) Security Consultant
3 31 (18.34%) Security Engineer
4 17 (10.06%) Penetration Tester
4 17 (10.06%) Tester
5 13 (7.69%) Architect
6 12 (7.10%) Analyst
6 12 (7.10%) Azure Engineer
7 11 (6.51%) Security Manager
8 10 (5.92%) Security Specialist
8 10 (5.92%) Senior
9 9 (5.33%) Lead
9 9 (5.33%) Security Analyst
10 8 (4.73%) Cybersecurity Engineer
10 8 (4.73%) Information Security Consultant
10 8 (4.73%) IT Consultant
10 8 (4.73%) IT Security Consultant
11 7 (4.14%) Cybersecurity Manager
11 7 (4.14%) Security Technical Consultant
11 7 (4.14%) Technical Security Consultant
Libraries, Frameworks & Software Standards
1 2 (1.18%) .NET
1 2 (1.18%) CSS
1 2 (1.18%) Ext JS
1 2 (1.18%) HTML
1 2 (1.18%) ModSecurity
1 2 (1.18%) OAuth
1 2 (1.18%) OAuth2
1 2 (1.18%) SAML
1 2 (1.18%) Web Services
2 1 (0.59%) ARM Templates
2 1 (0.59%) ASP.NET
2 1 (0.59%) Azure Blueprints
2 1 (0.59%) JWT
2 1 (0.59%) LDAP
2 1 (0.59%) OpenID
2 1 (0.59%) RESTful
Miscellaneous
1 27 (15.98%) Cyber Threat
1 27 (15.98%) Security Posture
2 15 (8.88%) Management Information System
2 15 (8.88%) PKI
3 8 (4.73%) Cyberattack
4 5 (2.96%) Cloud Native
4 5 (2.96%) Cyber Kill Chain
5 4 (2.37%) Data Centre
5 4 (2.37%) Mobile App
5 4 (2.37%) Private Cloud
6 3 (1.78%) Distributed Denial-of-Service
7 2 (1.18%) Algorithms
7 2 (1.18%) Blockchain
7 2 (1.18%) Cloud Security Posture
7 2 (1.18%) Data Protection Act
7 2 (1.18%) Embedded Systems
7 2 (1.18%) Hybrid Cloud
7 2 (1.18%) Operational Technology
7 2 (1.18%) Public Cloud
7 2 (1.18%) Security Operations Centre
Operating Systems
1 24 (14.20%) Windows
2 14 (8.28%) Linux
3 10 (5.92%) Windows Server
4 8 (4.73%) Unix
5 4 (2.37%) AIX
5 4 (2.37%) Solaris
6 3 (1.78%) VMS
7 2 (1.18%) Android
7 2 (1.18%) Apple iOS
8 1 (0.59%) Kali Linux
8 1 (0.59%) Windows 10
8 1 (0.59%) Windows 7
Processes & Methodologies
1 79 (46.75%) Cybersecurity
2 51 (30.18%) Vulnerability Management
3 50 (29.59%) Cloud Security
4 48 (28.40%) Security Testing
5 47 (27.81%) Threat Modelling
6 42 (24.85%) Information Security
7 41 (24.26%) Application Security
8 31 (18.34%) CI/CD
8 31 (18.34%) DevSecOps
8 31 (18.34%) Static Application Security Testing
9 29 (17.16%) Identity Access Management
10 28 (16.57%) Dynamic Application Security Testing
11 25 (14.79%) Vulnerability Scanning
12 23 (13.61%) Agile
12 23 (13.61%) DevOps
13 22 (13.02%) Problem-Solving
13 22 (13.02%) Risk Assessment
14 21 (12.43%) SIEM
15 20 (11.83%) Ethical Hacking
16 18 (10.65%) Computer Science
Programming Languages
1 23 (13.61%) Python
2 14 (8.28%) PowerShell
3 9 (5.33%) C++
3 9 (5.33%) Java
3 9 (5.33%) Perl
4 7 (4.14%) SQL
5 6 (3.55%) Kusto Query Language
6 2 (1.18%) Bash
6 2 (1.18%) Bicep
6 2 (1.18%) C#
6 2 (1.18%) T-SQL
7 1 (0.59%) Go
7 1 (0.59%) JavaScript
7 1 (0.59%) Search Processing Language
Qualifications
1 39 (23.08%) CISSP
2 37 (21.89%) Degree
3 23 (13.61%) Security Cleared
4 22 (13.02%) SC Cleared
5 18 (10.65%) CEH
6 15 (8.88%) Computer Science Degree
6 15 (8.88%) OSCP
7 14 (8.28%) CISM
8 12 (7.10%) CREST Certified
9 11 (6.51%) CRISC
9 11 (6.51%) Microsoft Certification
10 9 (5.33%) MCSE
11 8 (4.73%) CompTIA Security+
12 6 (3.55%) ITIL Certification
13 5 (2.96%) AWS Certification
14 4 (2.37%) Azure Certification
14 4 (2.37%) CESG Certified Professional
15 3 (1.78%) (ISC)2 CCSP
15 3 (1.78%) Cisco Certification
15 3 (1.78%) GIAC
Quality Assurance & Compliance
1 40 (23.67%) ISO/IEC 27001
2 35 (20.71%) NIST
3 17 (10.06%) GDPR
4 12 (7.10%) PCI DSS
5 9 (5.33%) HIPAA
5 9 (5.33%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
6 4 (2.37%) Disclosure Scotland
6 4 (2.37%) GRC
6 4 (2.37%) QA
7 3 (1.78%) Actionable Recommendations
8 2 (1.18%) JSP 440
8 2 (1.18%) NCSC
9 1 (0.59%) Data Quality
9 1 (0.59%) Def Stans
9 1 (0.59%) HMG Security Policy Framework
9 1 (0.59%) ISO 9001
9 1 (0.59%) NIST 800
9 1 (0.59%) PMO
9 1 (0.59%) Sarbanes-Oxley
System Software
1 15 (8.88%) Active Directory
2 6 (3.55%) Hyper-V
3 5 (2.96%) vSphere
4 4 (2.37%) VMware Infrastructure
5 2 (1.18%) Docker
5 2 (1.18%) Firmware
6 1 (0.59%) Terminal Services
6 1 (0.59%) VMware ESXi
Systems Management
1 13 (7.69%) Terraform
2 11 (6.51%) Nessus
3 9 (5.33%) SCCM
4 6 (3.55%) Microsoft Intune
5 5 (2.96%) Kubernetes
6 4 (2.37%) Tivoli
7 3 (1.78%) Ansible
7 3 (1.78%) vCenter Server
8 2 (1.18%) CASB
8 2 (1.18%) HP Fortify
8 2 (1.18%) NetBackup
8 2 (1.18%) Oracle RMAN
9 1 (0.59%) Argo
9 1 (0.59%) Nexpose
9 1 (0.59%) Nmap
9 1 (0.59%) OpenVAS
9 1 (0.59%) Single Sign-On
Vendors
1 31 (18.34%) Microsoft
2 18 (10.65%) Google
3 15 (8.88%) Qualys
4 7 (4.14%) Checkmarx
4 7 (4.14%) Veracode
5 6 (3.55%) VMware
6 5 (2.96%) Cisco
6 5 (2.96%) Oracle
7 4 (2.37%) AppDynamics
7 4 (2.37%) F5
7 4 (2.37%) IBM
8 3 (1.78%) CheckPoint
8 3 (1.78%) Splunk
8 3 (1.78%) Tripwire
9 2 (1.18%) CyberArk
9 2 (1.18%) Fortinet
9 2 (1.18%) Remedy
9 2 (1.18%) SAP
9 2 (1.18%) Sophos
9 2 (1.18%) Veritas