Penetration Testing Contract Job Trends

Penetration Testing
UK

The table below provides summary statistics and contractor rates for jobs requiring Penetration Testing skills. It covers contract job vacancies from the 6 months leading up to 13 January 2026, with comparisons to the same periods in the previous two years.

 6 months to
13 Jan 2026		 Same period 2025 Same period 2024
Rank 365 388 333
Rank change year-on-year +23 -55 +164
Contract jobs citing Penetration Testing 221 132 280
As % of all contract jobs in the UK 0.60% 0.42% 0.65%
As % of the Processes & Methodologies category 0.69% 0.47% 0.74%
Number of daily rates quoted 148 81 130
10th Percentile £400 £425 £431
25th Percentile £425 £550 £506
Median daily rate (50th Percentile) £526 £625 £575
Median % change year-on-year -15.82% +8.70% -4.17%
75th Percentile £600 £700 £650
90th Percentile £682 £788 £751
UK excluding London median daily rate £475 £550 £520
% change year-on-year -13.64% +5.77% -13.33%
Number of hourly rates quoted 1 0 0
Median hourly rate £31.86 - -
UK excluding London median hourly rate £31.86 - -

All Process & Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all contract job vacancies requiring process or methodology skills.

Contract vacancies with a requirement for process or methodology skills 32,128 27,808 37,611
As % of all contract IT jobs advertised in the UK 87.80% 88.68% 87.70%
Number of daily rates quoted 20,262 16,883 24,972
10th Percentile £304 £306 £304
25th Percentile £406 £413 £415
Median daily rate (50th Percentile) £500 £525 £525
Median % change year-on-year -4.76% - -4.55%
75th Percentile £613 £638 £650
90th Percentile £720 £743 £740
UK excluding London median daily rate £475 £500 £500
% change year-on-year -5.00% - -
Number of hourly rates quoted 1,977 884 1,589
10th Percentile £14.52 £15.62 £14.17
25th Percentile £17.50 £20.30 £18.16
Median hourly rate £25.15 £31.69 £40.50
Median % change year-on-year -20.64% -21.75% +15.71%
75th Percentile £56.00 £61.50 £65.00
90th Percentile £69.39 £74.66 £76.62
UK excluding London median hourly rate £23.83 £30.00 £43.75
% change year-on-year -20.58% -31.43% +51.38%

Penetration Testing
Job Vacancy Trend

Historical trend showing the proportion of contract IT job postings citing Penetration Testing relative to all contract IT jobs advertised.

Penetration Testing job vacancy trend in the UK

Penetration Testing
Daily Rate Trend

Contractor daily rate distribution trend for jobs in the UK citing Penetration Testing.

Contractor daily rate distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Daily Rate Histogram

Daily rate distribution for jobs citing Penetration Testing over the 6 months to 13 January 2026.

Daily rate histogram for Penetration Testing in the UK

Penetration Testing
Hourly Rate Trend

Contractor hourly rate distribution trend for jobs in the UK citing Penetration Testing.

Contractor hourly rate distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Top 16 Contract Job Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 13 January 2026. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Contract
IT Job Ads		 Median
Daily Rate
Past 6 Months		 Median Daily Rate
% Change
on Same Period
Last Year		 Live
Jobs
England +17 198 £525 -16.67% 207
UK excluding London +19 109 £475 -13.64% 192
Work from Home +28 95 £575 -8.00% 103
London -14 84 £600 -10.18% 37
South East +22 50 £492 -10.55% 55
North of England -47 21 £515 +3.04% 33
Midlands -30 16 £375 -51.61% 29
West Midlands -23 14 £375 -51.61% 12
South West -10 11 £400 -38.46% 35
North West -22 10 £501 +0.24% 15
Yorkshire -39 7 £500 -9.09% 13
East of England -15 6 £550 -25.42% 26
North East -5 4 £700 +27.27% 5
Northern Ireland - 3 - - 4
Scotland -6 2 - - 6
East Midlands - 2 £369 - 16

Penetration Testing
Co-Occurring Skills & Capabilities by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1 12 (5.43%) Confluence
2 5 (2.26%) SharePoint
Applications
1 14 (6.33%) Microsoft Office
2 13 (5.88%) Microsoft Excel
3 12 (5.43%) Microsoft PowerPoint
4 4 (1.81%) Microsoft Project
Business Applications
1 3 (1.36%) Oracle EBS
Cloud Services
1 63 (28.51%) Azure
2 51 (23.08%) AWS
3 24 (10.86%) GCP
4 10 (4.52%) Entra ID
5 8 (3.62%) Azure Sentinel
6 7 (3.17%) Azure DevOps
6 7 (3.17%) Microsoft 365
7 5 (2.26%) Cloudflare
8 4 (1.81%) OpenDNS
9 3 (1.36%) OCI
9 3 (1.36%) SaaS
10 2 (0.90%) Cloud Computing
10 2 (0.90%) OpenShift
10 2 (0.90%) Power Platform
11 1 (0.45%) npm
11 1 (0.45%) Virtual Private Cloud
Communications & Networking
1 38 (17.19%) Firewall
2 17 (7.69%) Wireless
3 16 (7.24%) Network Security
4 9 (4.07%) Wireshark
5 6 (2.71%) Internet
5 6 (2.71%) TCP/IP
6 4 (1.81%) Intranet
7 3 (1.36%) DNS
7 3 (1.36%) HTTP
7 3 (1.36%) Intrusion Detection
7 3 (1.36%) SD-WAN
7 3 (1.36%) SSL
7 3 (1.36%) VPN
7 3 (1.36%) Wi-Fi
8 2 (0.90%) VLAN
9 1 (0.45%) Cisco ASA
9 1 (0.45%) IPsec
9 1 (0.45%) LAN
9 1 (0.45%) MQTT
9 1 (0.45%) NGFW
Database & Business Intelligence
1 3 (1.36%) MongoDB
2 2 (0.90%) Power BI
3 1 (0.45%) Amazon RDS
3 1 (0.45%) DB2
3 1 (0.45%) Oracle Reports
Development Applications
1 34 (15.38%) Burp Suite
2 32 (14.48%) Metasploit
3 21 (9.50%) JIRA
4 7 (3.17%) Selenium
5 6 (2.71%) GitLab
5 6 (2.71%) sqlmap
6 5 (2.26%) Jenkins
7 3 (1.36%) JMeter
7 3 (1.36%) Postman
8 2 (0.90%) Git
9 1 (0.45%) Cucumber
9 1 (0.45%) Cypress.io
9 1 (0.45%) Gatling
9 1 (0.45%) Maven
9 1 (0.45%) webpack
General
1 96 (43.44%) Social Skills
2 27 (12.22%) Analytical Skills
3 25 (11.31%) Public Sector
4 15 (6.79%) Finance
5 7 (3.17%) Banking
6 4 (1.81%) Documentation Skills
6 4 (1.81%) Inclusion and Diversity
6 4 (1.81%) Legal
6 4 (1.81%) Presentation Skills
7 3 (1.36%) Investment Banking
7 3 (1.36%) Law
7 3 (1.36%) Manufacturing
7 3 (1.36%) Military
7 3 (1.36%) Organisational Skills
7 3 (1.36%) Telecoms
8 2 (0.90%) Automotive
8 2 (0.90%) Electronics
8 2 (0.90%) German Language
8 2 (0.90%) Influencing Skills
8 2 (0.90%) Marketing
Job Titles
1 94 (42.53%) Penetration Tester
2 90 (40.72%) Tester
3 22 (9.95%) Analyst
4 17 (7.69%) Lead
5 16 (7.24%) Security Analyst
6 15 (6.79%) Security Engineer
7 10 (4.52%) Senior
8 8 (3.62%) Architect
8 8 (3.62%) Security Officer
8 8 (3.62%) Test Engineer
8 8 (3.62%) Test Manager
9 7 (3.17%) Consultant
9 7 (3.17%) Security Architect
10 6 (2.71%) IT Security Officer
10 6 (2.71%) Security Manager
11 5 (2.26%) Developer
11 5 (2.26%) Vulnerability Manager
12 4 (1.81%) Lead Test Engineer
12 4 (1.81%) Project Manager
12 4 (1.81%) SOC Analyst
Libraries, Frameworks & Software Standards
1 4 (1.81%) ADO
1 4 (1.81%) JWT
1 4 (1.81%) Node.js
1 4 (1.81%) OAuth
1 4 (1.81%) SAML
2 3 (1.36%) .NET
2 3 (1.36%) LDAP
2 3 (1.36%) Spring Boot
3 2 (0.90%) Flash
3 2 (0.90%) Jest
3 2 (0.90%) RESTful
3 2 (0.90%) Smart Contracts
3 2 (0.90%) Spring
4 1 (0.45%) JSON
4 1 (0.45%) Playwright
4 1 (0.45%) React
4 1 (0.45%) Spring Batch
4 1 (0.45%) SwiftUI
4 1 (0.45%) WireMock
Miscellaneous
1 44 (19.91%) Security Posture
2 14 (6.33%) Management Information System
3 13 (5.88%) Mobile App
4 11 (4.98%) Cloud Native
4 11 (4.98%) Cyber Threat
5 9 (4.07%) Operational Technology
5 9 (4.07%) Security Operations Centre
6 5 (2.26%) CSOC
7 4 (1.81%) Distributed Systems
8 3 (1.36%) BYOD
8 3 (1.36%) Cyber Defence
8 3 (1.36%) Data Centre
8 3 (1.36%) Onboarding
8 3 (1.36%) Video Conferencing
9 2 (0.90%) Blockchain
9 2 (0.90%) Cloud Security Posture
9 2 (0.90%) Data Protection Act
9 2 (0.90%) Greenfield Project
10 1 (0.45%) Cyber Kill Chain
10 1 (0.45%) Product Ownership
Operating Systems
1 34 (15.38%) Windows
2 26 (11.76%) Linux
3 14 (6.33%) Android
4 12 (5.43%) Kali Linux
5 8 (3.62%) Apple iOS
5 8 (3.62%) Unix
6 1 (0.45%) Mac OS X
6 1 (0.45%) VMS
6 1 (0.45%) Windows Server
Processes & Methodologies
1 99 (44.80%) Cybersecurity
2 45 (20.36%) OWASP
3 41 (18.55%) Test Automation
4 39 (17.65%) Incident Response
5 37 (16.74%) Cloud Security
6 35 (15.84%) Vulnerability Management
7 31 (14.03%) Application Security
7 31 (14.03%) Threat Modelling
7 31 (14.03%) Vulnerability Assessment
8 30 (13.57%) Agile
9 29 (13.12%) Information Security
10 28 (12.67%) Security Testing
11 27 (12.22%) Regulatory Compliance
12 25 (11.31%) Problem-Solving
13 24 (10.86%) Security Operations
14 23 (10.41%) Red Team
14 23 (10.41%) Risk Management
15 22 (9.95%) MITRE ATT&CK
16 18 (8.14%) CI/CD
16 18 (8.14%) DevSecOps
Programming Languages
1 28 (12.67%) Python
2 21 (9.50%) Bash
3 18 (8.14%) PowerShell
4 8 (3.62%) Java
5 7 (3.17%) Go
6 4 (1.81%) Kusto Query Language
7 3 (1.36%) SQL
7 3 (1.36%) Swift
8 2 (0.90%) C-shell
8 2 (0.90%) JavaScript
8 2 (0.90%) Korn
8 2 (0.90%) Kotlin
8 2 (0.90%) Rust
8 2 (0.90%) Solidity
9 1 (0.45%) Scala
9 1 (0.45%) Shell Script
9 1 (0.45%) TypeScript
Qualifications
1 98 (44.34%) Security Cleared
2 86 (38.91%) SC Cleared
3 46 (20.81%) CHECK Team Member
4 35 (15.84%) CHECK Team Leader
5 29 (13.12%) OSCP
6 28 (12.67%) CISSP
6 28 (12.67%) CREST Certified
7 25 (11.31%) Degree
8 21 (9.50%) CEH
9 20 (9.05%) GPEN
10 19 (8.60%) CISM
11 12 (5.43%) Cyber Scheme
12 10 (4.52%) DV Cleared
12 10 (4.52%) Postgraduate
13 8 (3.62%) SANS
14 7 (3.17%) CompTIA Security+
15 6 (2.71%) Cisco Certification
16 5 (2.26%) OSCE
17 4 (1.81%) GWAPT
17 4 (1.81%) PMP
Quality Assurance & Compliance
1 52 (23.53%) ISO/IEC 27001
2 41 (18.55%) NIST
3 32 (14.48%) GDPR
4 23 (10.41%) PCI DSS
5 18 (8.14%) NCSC
6 16 (7.24%) QA
7 13 (5.88%) PMO
8 7 (3.17%) NIST 800
9 5 (2.26%) Cyber Essentials
10 4 (1.81%) Actionable Recommendations
10 4 (1.81%) GRC
11 3 (1.36%) California Consumer Privacy Act
11 3 (1.36%) EU AI Act
11 3 (1.36%) JSP 440
11 3 (1.36%) Sarbanes-Oxley
12 2 (0.90%) ISO 9001
12 2 (0.90%) SOC 2
13 1 (0.45%) Accessibility
13 1 (0.45%) Cyber Essentials PLUS
13 1 (0.45%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
System Software
1 18 (8.14%) Active Directory
2 11 (4.98%) Docker
3 5 (2.26%) Snort
4 4 (1.81%) Squid
5 1 (0.45%) Virtual Machines
Systems Management
1 31 (14.03%) Nmap
2 24 (10.86%) Kubernetes
3 22 (9.95%) Nessus
4 5 (2.26%) Nexpose
5 4 (1.81%) Ansible
5 4 (1.81%) Suricata
6 2 (0.90%) CASB
6 2 (0.90%) Microsoft Intune
6 2 (0.90%) Terraform
7 1 (0.45%) CSIRT
7 1 (0.45%) Grafana
7 1 (0.45%) Kibana
7 1 (0.45%) QRadar
Vendors
1 21 (9.50%) Microsoft
2 12 (5.43%) Qualys
2 12 (5.43%) ServiceNow
3 9 (4.07%) Splunk
4 8 (3.62%) CrowdStrike
5 6 (2.71%) Cisco
5 6 (2.71%) Google
5 6 (2.71%) Oracle
5 6 (2.71%) Palo Alto
5 6 (2.71%) SAP
5 6 (2.71%) Tenable
6 5 (2.26%) CyberArk
6 5 (2.26%) Zscaler
7 4 (1.81%) Blue Coat
7 4 (1.81%) Carbon Black
7 4 (1.81%) FireEye
7 4 (1.81%) Remedy
7 4 (1.81%) Tanium
8 2 (0.90%) CheckPoint
8 2 (0.90%) VMware
230 Penetration Testing jobs Nationwide