Penetration Testing Contracts

Penetration Testing
UK

The table below provides summary statistics for contract job vacancies requiring Penetration Testing skills. It includes a benchmarking guide to the contractor rates offered in vacancies that cited Penetration Testing over the 6 months leading up to 3 April 2025, comparing them to the same period in the previous two years.

6 months to
3 Apr 2025
Same period 2024 Same period 2023
Rank 374 329 469
Rank change year-on-year -45 +140 +84
Contract jobs citing Penetration Testing 150 270 262
As % of all contract jobs advertised in the UK 0.52% 0.61% 0.42%
As % of the Processes & Methodologies category 0.57% 0.71% 0.47%
Number of daily rates quoted 85 141 161
10th Percentile £425 £425 £450
25th Percentile £493 £508 £488
Median daily rate (50th Percentile) £550 £600 £588
Median % change year-on-year -8.33% +2.13% +2.17%
75th Percentile £688 £675 £700
90th Percentile £788 £750 £798
UK excluding London median daily rate £550 £535 £550
% change year-on-year +2.80% -2.73% -4.35%
Number of hourly rates quoted 2 1 2
10th Percentile - - £81.38
25th Percentile £51.25 £81.75 £83.44
Median hourly rate £52.50 £83.50 £88.75
Median % change year-on-year -37.13% -5.92% +136.67%
75th Percentile £53.75 £85.25 £95.94
90th Percentile - - £99.13
UK excluding London median hourly rate £52.50 £83.50 £97.50
% change year-on-year -37.13% -14.36% +160.00%

All Process and Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all contract job vacancies requiring process or methodology skills.

Contract vacancies with a requirement for process or methodology skills 26,313 38,138 56,152
As % of all contract IT jobs advertised in the UK 90.46% 86.38% 89.84%
Number of daily rates quoted 17,072 24,749 38,917
10th Percentile £308 £300 £325
25th Percentile £413 £413 £438
Median daily rate (50th Percentile) £525 £525 £550
Median % change year-on-year - -4.55% +4.76%
75th Percentile £635 £638 £650
90th Percentile £738 £750 £750
UK excluding London median daily rate £488 £500 £500
% change year-on-year -2.50% - +5.26%
Number of hourly rates quoted 970 2,343 1,826
10th Percentile £15.00 £12.76 £11.25
25th Percentile £20.03 £15.87 £16.28
Median hourly rate £31.58 £32.50 £36.28
Median % change year-on-year -2.83% -10.41% +46.25%
75th Percentile £63.75 £57.50 £65.00
90th Percentile £76.25 £70.39 £73.75
UK excluding London median hourly rate £30.40 £31.65 £36.00
% change year-on-year -3.95% -12.08% +81.27%

Penetration Testing
Job Vacancy Trend

Job postings citing Penetration Testing as a proportion of all IT jobs advertised.

Job vacancy trend for Penetration Testing in the UK

Penetration Testing
Contractor Daily Rate Trend

3-month moving average daily rate quoted in jobs citing Penetration Testing.

Daily rate trend for Penetration Testing in the UK

Penetration Testing
Daily Rate Histogram

Daily rate distribution for jobs citing Penetration Testing over the 6 months to 3 April 2025.

Daily rate histogram for Penetration Testing in the UK

Penetration Testing
Contractor Hourly Rate Trend

3-month moving average hourly rates quoted in jobs citing Penetration Testing.

Hourly rate trend for Penetration Testing in the UK

Penetration Testing
Top 15 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 3 April 2025. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Past 6 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Jobs
England -26 118 £613 +2.08% 296
London +21 62 £575 -4.17% 202
UK excluding London -36 62 £550 +2.80% 119
Work from Home -29 61 £600 - 177
South East +13 30 £635 +19.81% 34
Scotland +13 16 £535 +3.88% 11
North of England +4 7 £475 -27.48% 29
Midlands +16 5 £613 +16.67% 11
West Midlands +15 5 £613 -3.92% 10
North West -3 4 £525 -21.17% 21
East of England +27 3 £775 +10.71% 3
Wales +7 2 £650 +79.31% 2
South West +16 1 - - 19
Yorkshire +11 1 - - 5
North East -5 1 £550 -12.00% 3

Penetration Testing
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 8 (5.33%) SharePoint
2 2 (1.33%) SAS
2 2 (1.33%) TPMS
Business Applications
1 4 (2.67%) Unit4 Business World
2 2 (1.33%) NetSuite
3 1 (0.67%) Dynamics CRM
3 1 (0.67%) Dynamics GP
Cloud Services
1 64 (42.67%) Azure
2 19 (12.67%) Microsoft 365
3 18 (12.00%) AWS
3 18 (12.00%) SaaS
4 14 (9.33%) IaaS
5 12 (8.00%) PaaS
6 11 (7.33%) Entra ID
7 10 (6.67%) Power Platform
8 9 (6.00%) Cloud Computing
9 7 (4.67%) Amazon S3
9 7 (4.67%) OneDrive
9 7 (4.67%) OpenShift
10 5 (3.33%) Azure DevOps
10 5 (3.33%) Azure Sentinel
10 5 (3.33%) GCP
11 3 (2.00%) Serverless
12 2 (1.33%) Amazon GuardDuty
12 2 (1.33%) Amazon Macie
12 2 (1.33%) AWS KMS
12 2 (1.33%) Cohesity
Communications & Networking
1 25 (16.67%) Network Security
2 24 (16.00%) Firewall
3 11 (7.33%) VPN
4 7 (4.67%) Internet
4 7 (4.67%) NAS
4 7 (4.67%) SAN
5 2 (1.33%) Intrusion Detection
5 2 (1.33%) LAN
5 2 (1.33%) WAN
6 1 (0.67%) Cisco ISE
6 1 (0.67%) SSL
6 1 (0.67%) Wireless
6 1 (0.67%) Wireshark
Database & Business Intelligence
1 8 (5.33%) Power BI
2 3 (2.00%) Oracle Reports
Development Applications
1 9 (6.00%) MSI
2 8 (5.33%) Jenkins
3 7 (4.67%) Git
4 6 (4.00%) Burp Suite
4 6 (4.00%) Metasploit
5 1 (0.67%) GitLab
5 1 (0.67%) JIRA
5 1 (0.67%) Snyk
5 1 (0.67%) SonarQube
General
1 52 (34.67%) Social Skills
2 29 (19.33%) Finance
3 27 (18.00%) Analytical Skills
4 14 (9.33%) Legal
5 10 (6.67%) Public Sector
6 6 (4.00%) Retail
7 5 (3.33%) Military
8 2 (1.33%) Aerospace
8 2 (1.33%) Banking
8 2 (1.33%) Documentation Skills
8 2 (1.33%) Financial Institution
8 2 (1.33%) French Language
8 2 (1.33%) Inclusion and Diversity
9 1 (0.67%) Automotive
9 1 (0.67%) Law
9 1 (0.67%) Manufacturing
9 1 (0.67%) Retail Banking
9 1 (0.67%) Telecoms
Job Titles
1 28 (18.67%) Senior
2 22 (14.67%) Tester
3 18 (12.00%) Penetration Tester
4 16 (10.67%) Architect
5 15 (10.00%) Lead
6 11 (7.33%) Security Architect
6 11 (7.33%) Security Manager
7 10 (6.67%) Consultant
7 10 (6.67%) IT Manager
7 10 (6.67%) Security Engineer
8 9 (6.00%) Security Consultant
9 8 (5.33%) IT Services Manager
9 8 (5.33%) Senior Manager
9 8 (5.33%) Service Manager
10 7 (4.67%) Security Specialist
10 7 (4.67%) Technical Architect
11 6 (4.00%) Auditor
11 6 (4.00%) Senior IT Manager
11 6 (4.00%) Senior Tester
11 6 (4.00%) Solutions Architect
Libraries, Frameworks & Software Standards
1 5 (3.33%) CSS
1 5 (3.33%) HTML
2 1 (0.67%) .NET
2 1 (0.67%) ARM Templates
2 1 (0.67%) EDI
2 1 (0.67%) OAuth
2 1 (0.67%) React
Miscellaneous
1 16 (10.67%) Security Posture
2 14 (9.33%) Cloud Native
3 12 (8.00%) Operational Technology
4 10 (6.67%) Management Information System
5 8 (5.33%) Cyber Threat
6 7 (4.67%) Video Conferencing
7 6 (4.00%) Cyber Defence
7 6 (4.00%) Cyber Kill Chain
7 6 (4.00%) Onboarding
7 6 (4.00%) Public Cloud
8 5 (3.33%) Embedded Systems
8 5 (3.33%) Mobile App
8 5 (3.33%) PKI
8 5 (3.33%) Private Cloud
9 3 (2.00%) Analytical Mindset
9 3 (2.00%) Data Protection Act
9 3 (2.00%) Self-Motivation
10 2 (1.33%) IoT
11 1 (0.67%) Data Centre
11 1 (0.67%) Enterprise Software
Operating Systems
1 24 (16.00%) Windows
2 10 (6.67%) Unix
2 10 (6.67%) Windows Server
3 8 (5.33%) Linux
4 2 (1.33%) Android
4 2 (1.33%) FreeRTOS
4 2 (1.33%) Kali Linux
4 2 (1.33%) Windows 10
4 2 (1.33%) Windows 7
4 2 (1.33%) Windows Server 2016
4 2 (1.33%) Windows Server 2019
Processes & Methodologies
1 58 (38.67%) Cybersecurity
2 36 (24.00%) Cloud Security
3 33 (22.00%) Information Security
4 32 (21.33%) Security Testing
5 29 (19.33%) Vulnerability Management
6 21 (14.00%) Agile
6 21 (14.00%) Data Protection
6 21 (14.00%) DevOps
6 21 (14.00%) Threat Modelling
7 20 (13.33%) Problem-Solving
8 19 (12.67%) Ethical Hacking
8 19 (12.67%) Incident Response
9 18 (12.00%) DevSecOps
10 17 (11.33%) Application Security
10 17 (11.33%) CI/CD
10 17 (11.33%) Computer Science
10 17 (11.33%) Risk Management
10 17 (11.33%) SIEM
10 17 (11.33%) Vulnerability Remediation
11 16 (10.67%) Cryptography
Programming Languages
1 22 (14.67%) Python
2 7 (4.67%) Ruby
3 6 (4.00%) C
3 6 (4.00%) C++
3 6 (4.00%) PowerShell
4 5 (3.33%) JavaScript
4 5 (3.33%) PHP
4 5 (3.33%) SQL
5 4 (2.67%) Bash
5 4 (2.67%) Java
5 4 (2.67%) Rust
6 2 (1.33%) Assembly Language
6 2 (1.33%) Embedded C
6 2 (1.33%) Embedded C++
7 1 (0.67%) C#
7 1 (0.67%) TypeScript
Qualifications
1 36 (24.00%) Security Cleared
2 35 (23.33%) SC Cleared
3 25 (16.67%) Degree
4 24 (16.00%) CISSP
5 19 (12.67%) CEH
6 17 (11.33%) OSCP
7 13 (8.67%) Cisco Certification
7 13 (8.67%) CISM
8 12 (8.00%) CREST Certified
9 11 (7.33%) (ISC)2 CCSP
10 10 (6.67%) CCSP
10 10 (6.67%) Computer Science Degree
11 9 (6.00%) GIAC
12 8 (5.33%) CompTIA Security+
12 8 (5.33%) GPEN
13 7 (4.67%) GWAPT
14 6 (4.00%) CISA
14 6 (4.00%) OSCE
15 5 (3.33%) CCSAS
15 5 (3.33%) Master's Degree
Quality Assurance & Compliance
1 28 (18.67%) ISO/IEC 27001
2 27 (18.00%) NIST
3 8 (5.33%) GDPR
3 8 (5.33%) NCSC
4 7 (4.67%) PCI DSS
5 5 (3.33%) HIPAA
5 5 (3.33%) SLA
6 4 (2.67%) NIST 800
7 3 (2.00%) Disclosure Scotland
7 3 (2.00%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
7 3 (2.00%) QA
8 2 (1.33%) Actionable Recommendations
8 2 (1.33%) GRC
9 1 (0.67%) California Consumer Privacy Act
9 1 (0.67%) Cyber Essentials
System Software
1 5 (3.33%) Active Directory
2 2 (1.33%) Docker
2 2 (1.33%) Embedded Firmware
2 2 (1.33%) Firmware
3 1 (0.67%) Hyper-V
3 1 (0.67%) Virtual Machines
Systems Management
1 15 (10.00%) Microsoft Intune
2 11 (7.33%) Kubernetes
3 8 (5.33%) Nessus
4 7 (4.67%) NetBackup
4 7 (4.67%) Oracle RMAN
5 3 (2.00%) CASB
5 3 (2.00%) SCCM
5 3 (2.00%) Terraform
6 2 (1.33%) Nmap
6 2 (1.33%) WSUS
7 1 (0.67%) Ansible
7 1 (0.67%) Computer Emergency Response Teams
7 1 (0.67%) CSIRT
7 1 (0.67%) HP Fortify
Vendors
1 33 (22.00%) Microsoft
2 7 (4.67%) Oracle
2 7 (4.67%) Veritas
3 6 (4.00%) SAP
4 5 (3.33%) Qualys
5 4 (2.67%) Splunk
6 3 (2.00%) Tenable
7 2 (1.33%) Ariba
7 2 (1.33%) Google
7 2 (1.33%) TOWER Software
7 2 (1.33%) Tripwire
7 2 (1.33%) Workday
8 1 (0.67%) Apple
8 1 (0.67%) BT
8 1 (0.67%) Cisco
8 1 (0.67%) CyberArk
8 1 (0.67%) Samsung