Penetration Testing Contract Job Trends

Penetration Testing
UK

The table below provides summary statistics and contractor rates for jobs requiring Penetration Testing skills. It covers contract job vacancies from the 6 months leading up to 5 March 2026, with comparisons to the same periods in the previous two years.

 6 months to
5 Mar 2026		 Same period 2025 Same period 2024
Rank 368 382 354
Rank change year-on-year +14 -28 +115
Contract jobs citing Penetration Testing 252 137 244
As % of all contract jobs in the UK 0.59% 0.45% 0.55%
As % of the Processes & Methodologies category 0.68% 0.50% 0.64%
Number of daily rates quoted 180 81 111
10th Percentile £400 £425 £450
25th Percentile £438 £500 £508
Median daily rate (50th Percentile) £550 £600 £575
Median % change year-on-year -8.33% +4.35% -4.17%
75th Percentile £630 £698 £638
90th Percentile £700 £788 £763
UK excluding London median daily rate £506 £550 £525
% change year-on-year -7.95% +4.76% -8.70%
Number of hourly rates quoted 1 0 0
Median hourly rate £31.86 - -
UK excluding London median hourly rate £31.86 - -

All Process & Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all contract job vacancies requiring process or methodology skills.

Contract vacancies with a requirement for process or methodology skills 36,798 27,287 38,212
As % of all contract IT jobs advertised in the UK 86.45% 90.16% 86.77%
Number of daily rates quoted 23,332 17,120 24,896
10th Percentile £313 £306 £300
25th Percentile £413 £413 £413
Median daily rate (50th Percentile) £500 £525 £525
Median % change year-on-year -4.76% - -4.55%
75th Percentile £613 £638 £638
90th Percentile £725 £738 £738
UK excluding London median daily rate £482 £492 £500
% change year-on-year -2.03% -1.60% -
Number of hourly rates quoted 2,175 894 2,252
10th Percentile £14.64 £15.62 £13.25
25th Percentile £18.25 £21.05 £16.11
Median hourly rate £28.00 £32.50 £32.85
Median % change year-on-year -13.85% -1.05% -6.16%
75th Percentile £63.75 £63.75 £58.75
90th Percentile £73.63 £75.00 £71.90
UK excluding London median hourly rate £25.15 £31.76 £33.28
% change year-on-year -20.81% -4.57% -4.91%

Penetration Testing
Job Vacancy Trend

Historical trend showing the proportion of contract IT job postings citing Penetration Testing relative to all contract IT jobs advertised.

Penetration Testing job vacancy trend in the UK

Penetration Testing
Daily Rate Trend

Contractor daily rate distribution trend for jobs in the UK citing Penetration Testing.

Contractor daily rate distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Daily Rate Histogram

Daily rate distribution for jobs citing Penetration Testing over the 6 months to 5 March 2026.

Daily rate histogram for Penetration Testing in the UK

Penetration Testing
Hourly Rate Trend

Contractor hourly rate distribution trend for jobs in the UK citing Penetration Testing.

Contractor hourly rate distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Top 16 Contract Job Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 5 March 2026. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Contract
IT Job Ads		 Median
Daily Rate
Past 6 Months		 Median Daily Rate
% Change
on Same Period
Last Year		 Live
Jobs
England +28 228 £538 -14.68% 100
UK excluding London -7 140 £506 -7.95% 84
Work from Home +22 104 £600 - 56
London -25 82 £600 -4.38% 29
South East -13 59 £500 -21.26% 27
North of England -38 29 £615 +29.47% 14
Midlands -37 25 £442 -42.94% 8
South West - 18 £425 - 21
North West -24 16 £619 +17.81% 9
West Midlands -40 16 £550 -29.03% 6
Yorkshire -58 9 £500 - 4
East Midlands - 9 £438 - 2
East of England -23 6 £374 -51.77% 6
North East -7 4 £700 +27.27% 1
Scotland -2 2 £525 -3.23% 6
Northern Ireland - 1 - -

Penetration Testing
Co-Occurring Skills & Capabilities by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1 12 (4.76%) Confluence
2 6 (2.38%) SharePoint
3 1 (0.40%) Anypoint
3 1 (0.40%) Mule
3 1 (0.40%) Oracle Application Server
Applications
1 15 (5.95%) Microsoft Office
2 13 (5.16%) Microsoft Excel
2 13 (5.16%) Microsoft PowerPoint
3 4 (1.59%) Microsoft Project
Business Applications
1 5 (1.98%) Oracle EBS
Cloud Services
1 77 (30.56%) Azure
2 72 (28.57%) AWS
3 21 (8.33%) GCP
4 13 (5.16%) Entra ID
5 11 (4.37%) Microsoft 365
6 8 (3.17%) Azure DevOps
7 6 (2.38%) Amazon GuardDuty
7 6 (2.38%) SaaS
8 5 (1.98%) Azure Sentinel
8 5 (1.98%) OCI
9 4 (1.59%) Azure AI
9 4 (1.59%) Cloudflare
9 4 (1.59%) IBM Watson
9 4 (1.59%) Vertex AI
10 3 (1.19%) AWS CloudFormation
10 3 (1.19%) AWS CloudTrail
10 3 (1.19%) AWS KMS
10 3 (1.19%) OpenDNS
11 2 (0.79%) OpenShift
12 1 (0.40%) OneDrive
Communications & Networking
1 44 (17.46%) Firewall
2 27 (10.71%) Network Security
3 18 (7.14%) Wireless
4 9 (3.57%) Wireshark
5 7 (2.78%) HTTP
5 7 (2.78%) TCP/IP
5 7 (2.78%) VPN
6 5 (1.98%) Cisco ASA
6 5 (1.98%) DNS
6 5 (1.98%) Internet
6 5 (1.98%) Intrusion Detection
7 4 (1.59%) BGP
7 4 (1.59%) Cisco IOS
7 4 (1.59%) Intranet
7 4 (1.59%) IPsec
7 4 (1.59%) MPLS
7 4 (1.59%) MQTT
7 4 (1.59%) SD-WAN
7 4 (1.59%) SSL
7 4 (1.59%) TACACS
Database & Business Intelligence
1 3 (1.19%) MongoDB
2 2 (0.79%) Oracle Reports
3 1 (0.40%) Amazon RDS
3 1 (0.40%) DB2
3 1 (0.40%) SQL Server
Development Applications
1 35 (13.89%) Burp Suite
2 32 (12.70%) Metasploit
3 22 (8.73%) JIRA
4 8 (3.17%) Selenium
5 7 (2.78%) GitLab
6 6 (2.38%) sqlmap
7 5 (1.98%) Jenkins
8 3 (1.19%) JMeter
8 3 (1.19%) Postman
9 2 (0.79%) Git
10 1 (0.40%) Cucumber
10 1 (0.40%) Cypress.io
10 1 (0.40%) Gatling
10 1 (0.40%) Maven
10 1 (0.40%) webpack
General
1 105 (41.67%) Social Skills
2 38 (15.08%) Public Sector
3 25 (9.92%) Analytical Skills
4 19 (7.54%) Finance
5 7 (2.78%) Banking
6 5 (1.98%) Aerospace
6 5 (1.98%) Documentation Skills
6 5 (1.98%) Legal
6 5 (1.98%) Presentation Skills
7 4 (1.59%) Manufacturing
7 4 (1.59%) Telecoms
8 3 (1.19%) Inclusion and Diversity
8 3 (1.19%) Law
8 3 (1.19%) Military
9 2 (0.79%) Arabic Language
9 2 (0.79%) Aviation
9 2 (0.79%) Electronics
9 2 (0.79%) Investment Banking
9 2 (0.79%) Marketing
9 2 (0.79%) Organisational Skills
Job Titles
1 92 (36.51%) Penetration Tester
2 91 (36.11%) Tester
3 29 (11.51%) Security Engineer
4 20 (7.94%) Analyst
4 20 (7.94%) Lead
5 17 (6.75%) Senior
6 14 (5.56%) Security Analyst
7 12 (4.76%) Architect
8 11 (4.37%) Consultant
9 10 (3.97%) Security Architect
10 9 (3.57%) Security Officer
10 9 (3.57%) Test Engineer
10 9 (3.57%) Test Manager
11 8 (3.17%) Security Consultant
12 7 (2.78%) Artificial Intelligence Engineer
13 6 (2.38%) Cloud Engineer
13 6 (2.38%) Cybersecurity Architect
13 6 (2.38%) IT Security Officer
13 6 (2.38%) Security Tester
13 6 (2.38%) Solutions Architect
Libraries, Frameworks & Software Standards
1 9 (3.57%) LDAP
2 7 (2.78%) OAuth
2 7 (2.78%) SAML
3 6 (2.38%) LangChain
3 6 (2.38%) PyTorch
3 6 (2.38%) scikit-learn
4 5 (1.98%) ADO
4 5 (1.98%) Node.js
5 4 (1.59%) JWT
5 4 (1.59%) Spring Boot
6 3 (1.19%) .NET
6 3 (1.19%) Jest
6 3 (1.19%) OAuth2
6 3 (1.19%) OpenID
7 2 (0.79%) Flash
7 2 (0.79%) RESTful
7 2 (0.79%) Smart Contracts
7 2 (0.79%) Spring
8 1 (0.40%) REST
8 1 (0.40%) Spring Batch
Miscellaneous
1 56 (22.22%) Security Posture
2 22 (8.73%) Cloud Native
3 19 (7.54%) Management Information System
4 12 (4.76%) Operational Technology
4 12 (4.76%) Security Operations Centre
5 11 (4.37%) Mobile App
6 9 (3.57%) CSOC
7 7 (2.78%) BYOD
7 7 (2.78%) Data Centre
8 6 (2.38%) Cyber Threat
9 5 (1.98%) Cloud Security Posture
9 5 (1.98%) PKI
10 4 (1.59%) Distributed Systems
10 4 (1.59%) Product Ownership
11 3 (1.19%) Cyber Defence
11 3 (1.19%) Data Protection Act
11 3 (1.19%) Onboarding
12 2 (0.79%) Analytical Mindset
12 2 (0.79%) Blockchain
13 1 (0.40%) Legacy Systems
Operating Systems
1 41 (16.27%) Windows
2 35 (13.89%) Linux
3 12 (4.76%) Android
3 12 (4.76%) Kali Linux
4 10 (3.97%) Unix
5 8 (3.17%) Apple iOS
6 4 (1.59%) Ubuntu
Processes & Methodologies
1 114 (45.24%) Cybersecurity
2 56 (22.22%) OWASP
3 50 (19.84%) Test Automation
4 47 (18.65%) Cloud Security
5 45 (17.86%) Security Testing
6 41 (16.27%) Vulnerability Management
7 39 (15.48%) Agile
7 39 (15.48%) Incident Response
7 39 (15.48%) Threat Modelling
8 38 (15.08%) Application Security
9 35 (13.89%) Information Security
10 32 (12.70%) Risk Management
10 32 (12.70%) Validation
11 31 (12.30%) Regulatory Compliance
11 31 (12.30%) Vulnerability Assessment
12 30 (11.90%) Security Operations
13 27 (10.71%) DevSecOps
13 27 (10.71%) Red Team
14 26 (10.32%) CI/CD
14 26 (10.32%) Problem-Solving
Programming Languages
1 37 (14.68%) Python
2 20 (7.94%) Bash
3 17 (6.75%) PowerShell
4 10 (3.97%) Java
5 7 (2.78%) Go
5 7 (2.78%) Kusto Query Language
6 5 (1.98%) SQL
7 4 (1.59%) JavaScript
7 4 (1.59%) PHP
8 3 (1.19%) Bicep
8 3 (1.19%) Swift
9 2 (0.79%) C-shell
9 2 (0.79%) Korn
9 2 (0.79%) Kotlin
9 2 (0.79%) Rust
9 2 (0.79%) Solidity
10 1 (0.40%) Groovy
10 1 (0.40%) PL/SQL
10 1 (0.40%) Scala
10 1 (0.40%) TypeScript
Qualifications
1 101 (40.08%) Security Cleared
2 84 (33.33%) SC Cleared
3 42 (16.67%) CHECK Team Member
4 36 (14.29%) CISSP
5 31 (12.30%) CREST Certified
5 31 (12.30%) Degree
6 30 (11.90%) CHECK Team Leader
7 28 (11.11%) OSCP
8 24 (9.52%) CISM
9 22 (8.73%) DV Cleared
10 20 (7.94%) CEH
10 20 (7.94%) GPEN
11 13 (5.16%) CompTIA Security+
11 13 (5.16%) Cyber Scheme
12 11 (4.37%) Postgraduate
13 9 (3.57%) SANS
14 7 (2.78%) AWS Certification
15 6 (2.38%) SSCP
16 5 (1.98%) CISA
16 5 (1.98%) Microsoft Certification
Quality Assurance & Compliance
1 61 (24.21%) ISO/IEC 27001
2 53 (21.03%) NIST
3 36 (14.29%) GDPR
4 29 (11.51%) PCI DSS
5 28 (11.11%) NCSC
6 16 (6.35%) QA
7 15 (5.95%) PMO
8 11 (4.37%) GRC
8 11 (4.37%) NIST 800
9 9 (3.57%) Cyber Essentials
10 7 (2.78%) Sarbanes-Oxley
11 5 (1.98%) SOC 2
12 4 (1.59%) Cyber Essentials PLUS
13 3 (1.19%) Actionable Recommendations
13 3 (1.19%) EU AI Act
13 3 (1.19%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
13 3 (1.19%) JSP 440
14 1 (0.40%) Accessibility
14 1 (0.40%) Disclosure Scotland
14 1 (0.40%) ISO 9001
System Software
1 19 (7.54%) Active Directory
2 12 (4.76%) Docker
3 7 (2.78%) Snort
4 4 (1.59%) VMware ESXi
4 4 (1.59%) VMware Infrastructure
5 3 (1.19%) Squid
6 1 (0.40%) vSphere
Systems Management
1 34 (13.49%) Kubernetes
2 33 (13.10%) Nmap
3 20 (7.94%) Nessus
4 5 (1.98%) CASB
4 5 (1.98%) CSIRT
4 5 (1.98%) Terraform
5 4 (1.59%) Ansible
5 4 (1.59%) Nexpose
5 4 (1.59%) vCenter Server
6 3 (1.19%) SCOM
6 3 (1.19%) Single Sign-On
6 3 (1.19%) Suricata
7 1 (0.40%) Grafana
7 1 (0.40%) Kibana
7 1 (0.40%) Microsoft Intune
Vendors
1 31 (12.30%) Microsoft
2 16 (6.35%) Splunk
3 12 (4.76%) ServiceNow
4 9 (3.57%) Cisco
4 9 (3.57%) Oracle
5 7 (2.78%) CyberArk
5 7 (2.78%) Google
5 7 (2.78%) Remedy
5 7 (2.78%) Tenable
6 6 (2.38%) SAP
7 5 (1.98%) CrowdStrike
8 4 (1.59%) BiZZdesign
8 4 (1.59%) IBM
8 4 (1.59%) Palo Alto
8 4 (1.59%) Qualys
8 4 (1.59%) VMware
9 3 (1.19%) Blue Coat
9 3 (1.19%) Carbon Black
9 3 (1.19%) Citrix
9 3 (1.19%) FireEye
123 Penetration Testing jobs Nationwide