Penetration Testing Contract Job Trends

Penetration Testing
UK

The table below provides summary statistics and contractor rates for jobs requiring Penetration Testing skills. It covers contract job vacancies from the 6 months leading up to 15 July 2026, with comparisons to the same periods in the previous two years.

6 months to
15 Jul 2026
Same period 2025 Same period 2024
Rank 470 368 375
Rank change year-on-year -102 +7 +88
Contract jobs citing Penetration Testing 181 193 220
As % of all contract jobs in the UK 0.34% 0.59% 0.51%
As % of the Processes & Methodologies category 0.40% 0.66% 0.60%
Number of daily rates quoted 159 125 161
10th Percentile £425 £425 £425
25th Percentile £500 £495 £500
Median daily rate (50th Percentile) £563 £550 £550
Median % change year-on-year +2.27% - -3.51%
75th Percentile £688 £645 £670
90th Percentile £750 £699 £738
UK excluding London median daily rate £563 £520 £538
% change year-on-year +8.17% -3.35% -3.93%
Number of hourly rates quoted 0 2 1
10th Percentile - - -
25th Percentile - £51.25 £81.75
Median hourly rate - £52.50 £83.50
Median % change year-on-year - -37.13% +4.38%
75th Percentile - £53.75 £85.25
90th Percentile - - -
UK excluding London median hourly rate - £52.50 £83.50
% change year-on-year - -37.13% -

All Process & Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all contract job vacancies requiring process or methodology skills.

Contract vacancies with a requirement for process or methodology skills 44,765 29,340 36,482
As % of all contract IT jobs advertised in the UK 85.08% 90.42% 85.34%
Number of daily rates quoted 27,853 18,476 23,295
10th Percentile £325 £300 £304
25th Percentile £418 £405 £413
Median daily rate (50th Percentile) £520 £500 £525
Median % change year-on-year +4.00% -4.76% -4.55%
75th Percentile £624 £625 £638
90th Percentile £725 £738 £750
UK excluding London median daily rate £500 £475 £500
% change year-on-year +5.26% -5.00% -
Number of hourly rates quoted 2,647 1,521 2,449
10th Percentile £14.94 £14.20 £12.79
25th Percentile £20.09 £17.61 £16.25
Median hourly rate £43.96 £25.15 £38.12
Median % change year-on-year +74.79% -34.02% -4.70%
75th Percentile £68.50 £52.50 £61.30
90th Percentile £82.70 £70.00 £72.50
UK excluding London median hourly rate £45.25 £24.64 £38.12
% change year-on-year +83.64% -35.36% -0.99%

Penetration Testing
Job Vacancy Trend

Historical trend showing the proportion of contract IT job postings citing Penetration Testing relative to all contract IT jobs advertised.

Penetration Testing job vacancy trend in the UK

Penetration Testing
Daily Rate Trend

Contractor daily rate distribution trend for jobs in the UK citing Penetration Testing.

Contractor daily rate distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Daily Rate Histogram

Daily rate distribution for jobs citing Penetration Testing over the 6 months to 15 July 2026.

Daily rate histogram for Penetration Testing in the UK

Penetration Testing
Hourly Rate Trend

Contractor hourly rate distribution trend for jobs in the UK citing Penetration Testing.

Contractor hourly rate distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Top 13 Contract Job Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 15 July 2026. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Past 6 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Jobs
England -126 155 £550 - 135
UK excluding London -88 98 £563 +8.17% 117
Work from Home -56 67 £595 +15.53% 97
London -102 60 £550 - 43
North of England -52 36 £575 -4.72% 24
North West -27 29 £600 -1.96% 10
South East -63 27 £563 -12.11% 35
South West -24 15 £538 +10.26% 18
Midlands -58 14 £700 +86.67% 10
West Midlands -60 9 £750 +81.82% 5
Scotland -16 7 £425 -19.12% 8
Yorkshire -50 7 £500 -5.88% 12
East Midlands -19 5 £442 +17.93% 5

Penetration Testing
Co-Occurring Skills & Capabilities by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1 8 (4.42%) Confluence
2 2 (1.10%) SharePoint
3 1 (0.55%) Anypoint
3 1 (0.55%) ArcGIS
3 1 (0.55%) Camunda
3 1 (0.55%) Moodle
3 1 (0.55%) Mule
3 1 (0.55%) Oracle Application Server
3 1 (0.55%) Strapi
Applications
1 9 (4.97%) Microsoft Office
2 3 (1.66%) Microsoft Excel
2 3 (1.66%) Microsoft PowerPoint
3 1 (0.55%) Adobe XD
3 1 (0.55%) Microsoft Project
Business Applications
1 6 (3.31%) Oracle ERP
2 2 (1.10%) Oracle EBS
2 2 (1.10%) SAP GRC
2 2 (1.10%) SAP S/4HANA
3 1 (0.55%) Dynamics GP
3 1 (0.55%) Sparx Enterprise Architect
Cloud Services
1 74 (40.88%) Azure
2 61 (33.70%) AWS
3 14 (7.73%) SaaS
4 12 (6.63%) Microsoft 365
5 11 (6.08%) OCI
6 10 (5.52%) Entra ID
7 8 (4.42%) Azure DevOps
8 7 (3.87%) Amazon GuardDuty
9 6 (3.31%) Azure AI
9 6 (3.31%) GCP
9 6 (3.31%) IBM Watson
9 6 (3.31%) Vertex AI
10 4 (2.21%) GitHub
10 4 (2.21%) Power Platform
11 3 (1.66%) AWS CloudFormation
11 3 (1.66%) AWS CloudTrail
11 3 (1.66%) AWS KMS
11 3 (1.66%) Azure Sentinel
11 3 (1.66%) GitHub Actions
12 2 (1.10%) Akamai
Communications & Networking
1 29 (16.02%) Network Security
2 26 (14.36%) Firewall
3 8 (4.42%) DNS
3 8 (4.42%) HTTP
3 8 (4.42%) VPN
4 6 (3.31%) TCP/IP
5 5 (2.76%) BGP
5 5 (2.76%) SSL
6 4 (2.21%) Cisco ASA
6 4 (2.21%) Cisco IOS
6 4 (2.21%) Intrusion Detection
6 4 (2.21%) MPLS
6 4 (2.21%) TACACS
6 4 (2.21%) Wireless
7 3 (1.66%) IPsec
7 3 (1.66%) MQTT
7 3 (1.66%) Reverse Proxy
7 3 (1.66%) SD-WAN
8 2 (1.10%) Internet
8 2 (1.10%) WAN
Database & Business Intelligence
1 5 (2.76%) Oracle Reports
2 1 (0.55%) GIS
2 1 (0.55%) Power BI
2 1 (0.55%) SAP HANA
2 1 (0.55%) SQL Server
Development Applications
1 16 (8.84%) JIRA
2 6 (3.31%) Burp Suite
3 3 (1.66%) GitLab
4 2 (1.10%) Jenkins
4 2 (1.10%) Metasploit
4 2 (1.10%) Snyk
4 2 (1.10%) SoapUI
5 1 (0.55%) fastlane
5 1 (0.55%) Git
5 1 (0.55%) JMeter
5 1 (0.55%) LoadRunner
5 1 (0.55%) Postman
5 1 (0.55%) Selenium
5 1 (0.55%) Xcode
5 1 (0.55%) XCTest
5 1 (0.55%) XCUITest
General
1 57 (31.49%) Social Skills
2 40 (22.10%) Public Sector
3 19 (10.50%) Finance
4 17 (9.39%) Analytical Skills
5 6 (3.31%) Documentation Skills
6 5 (2.76%) Aerospace
7 4 (2.21%) Organisational Skills
7 4 (2.21%) Retail
8 3 (1.66%) Inclusion and Diversity
8 3 (1.66%) Legal
8 3 (1.66%) Local Government
9 2 (1.10%) Arabic Language
9 2 (1.10%) Banking
10 1 (0.55%) Manufacturing
10 1 (0.55%) Police
10 1 (0.55%) Presentation Skills
Job Titles
1 34 (18.78%) Consultant
2 28 (15.47%) Security Engineer
3 27 (14.92%) Security Consultant
3 27 (14.92%) Tester
4 22 (12.15%) Penetration Tester
5 21 (11.60%) Architect
6 19 (10.50%) Lead
7 17 (9.39%) Security Architect
8 12 (6.63%) Senior
9 11 (6.08%) Analyst
10 8 (4.42%) Solutions Architect
11 7 (3.87%) Security Analyst
12 6 (3.31%) Cloud Engineer
12 6 (3.31%) Cybersecurity Architect
12 6 (3.31%) Security Officer
13 5 (2.76%) Artificial Intelligence Engineer
13 5 (2.76%) Cybersecurity Consultant
13 5 (2.76%) Cybersecurity Engineer
13 5 (2.76%) Security Tester
13 5 (2.76%) Senior Security Engineer
Libraries, Frameworks & Software Standards
1 12 (6.63%) LDAP
2 9 (4.97%) LangChain
2 9 (4.97%) PyTorch
2 9 (4.97%) scikit-learn
3 7 (3.87%) OpenID
4 6 (3.31%) OAuth
4 6 (3.31%) OAuth2
4 6 (3.31%) SAML
5 4 (2.21%) HTML
5 4 (2.21%) REST
6 3 (1.66%) .NET
6 3 (1.66%) ADO
7 2 (1.10%) Node.js
7 2 (1.10%) React
7 2 (1.10%) SAP Fiori
8 1 (0.55%) Jest
8 1 (0.55%) Microsoft Graph
8 1 (0.55%) PySpark
8 1 (0.55%) RAML
8 1 (0.55%) Vue
Miscellaneous
1 45 (24.86%) Security Posture
2 18 (9.94%) Cloud Native
3 15 (8.29%) Management Information System
4 13 (7.18%) Security Operations Centre
5 11 (6.08%) Operational Technology
6 8 (4.42%) Cyber Threat
6 8 (4.42%) Mobile App
6 8 (4.42%) PKI
7 7 (3.87%) BYOD
8 6 (3.31%) Cloud Security Posture
8 6 (3.31%) Data Centre
9 5 (2.76%) CSOC
10 4 (2.21%) Onboarding
11 3 (1.66%) Analytical Mindset
11 3 (1.66%) CESG
11 3 (1.66%) Product Ownership
12 2 (1.10%) Enterprise Cloud
12 2 (1.10%) Hybrid Cloud
12 2 (1.10%) Legacy Systems
12 2 (1.10%) NHS
Operating Systems
1 33 (18.23%) Windows
2 28 (15.47%) Linux
3 6 (3.31%) Unix
4 5 (2.76%) Windows Server
5 4 (2.21%) Ubuntu
6 2 (1.10%) Android
6 2 (1.10%) Apple iOS
6 2 (1.10%) Red Hat Enterprise Linux
7 1 (0.55%) Kali Linux
Processes & Methodologies
1 92 (50.83%) Cybersecurity
2 50 (27.62%) Vulnerability Management
3 45 (24.86%) Cloud Security
4 40 (22.10%) Security Operations
5 39 (21.55%) Application Security
6 38 (20.99%) Security Testing
7 37 (20.44%) Threat Modelling
8 33 (18.23%) CI/CD
8 33 (18.23%) DevSecOps
8 33 (18.23%) Security Architecture
9 32 (17.68%) SIEM
10 31 (17.13%) Agile
10 31 (17.13%) Information Security
11 30 (16.57%) Continuous Improvement
12 29 (16.02%) DevOps
12 29 (16.02%) OWASP
13 28 (15.47%) Incident Response
13 28 (15.47%) SDLC
14 26 (14.36%) Validation
14 26 (14.36%) Vulnerability Assessment
Programming Languages
1 22 (12.15%) Python
2 7 (3.87%) Java
3 6 (3.31%) JavaScript
3 6 (3.31%) Search Processing Language
4 5 (2.76%) Kusto Query Language
4 5 (2.76%) PHP
5 4 (2.21%) Bicep
5 4 (2.21%) SQL
6 3 (1.66%) PowerShell
7 2 (1.10%) Go
8 1 (0.55%) C#
8 1 (0.55%) DataWeave
8 1 (0.55%) Groovy
8 1 (0.55%) PL/SQL
8 1 (0.55%) Swift
8 1 (0.55%) T-SQL
Qualifications
1 57 (31.49%) Security Cleared
2 48 (26.52%) CISSP
3 37 (20.44%) SC Cleared
4 31 (17.13%) DV Cleared
5 26 (14.36%) Degree
6 24 (13.26%) CISM
7 18 (9.94%) CompTIA Security+
8 13 (7.18%) AWS Certification
8 13 (7.18%) CHECK Team Member
9 12 (6.63%) CHECK Team Leader
9 12 (6.63%) OSCP
10 11 (6.08%) Cisco Certification
10 11 (6.08%) CREST Certified
11 10 (5.52%) (ISC)2 CCSP
12 9 (4.97%) CEH
12 9 (4.97%) GIAC
13 8 (4.42%) MCSE
13 8 (4.42%) Microsoft Certification
14 7 (3.87%) BPSS Clearance
14 7 (3.87%) GSEC
Quality Assurance & Compliance
1 41 (22.65%) ISO/IEC 27001
2 39 (21.55%) NIST
3 35 (19.34%) NCSC
4 26 (14.36%) GDPR
5 24 (13.26%) PCI DSS
6 11 (6.08%) Cyber Essentials
6 11 (6.08%) GRC
7 8 (4.42%) Cyber Essentials PLUS
7 8 (4.42%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
8 7 (3.87%) NIST 800
8 7 (3.87%) Sarbanes-Oxley
9 5 (2.76%) QA
10 3 (1.66%) Accessibility
10 3 (1.66%) SLA
10 3 (1.66%) SOC 2
11 2 (1.10%) Def Stans
11 2 (1.10%) Government Security Classifications
11 2 (1.10%) HMG Security Policy Framework
11 2 (1.10%) ISO/IEC 27005
11 2 (1.10%) PMO
System Software
1 14 (7.73%) Active Directory
2 4 (2.21%) Docker
2 4 (2.21%) Snort
2 4 (2.21%) VMware ESXi
2 4 (2.21%) VMware Infrastructure
3 3 (1.66%) Hyper-V
4 2 (1.10%) Virtual Machines
5 1 (0.55%) Virtual Desktop
5 1 (0.55%) vSphere
Systems Management
1 24 (13.26%) Kubernetes
2 7 (3.87%) Nessus
2 7 (3.87%) Single Sign-On
2 7 (3.87%) Terraform
3 6 (3.31%) Microsoft Intune
4 5 (2.76%) CASB
5 4 (2.21%) CSIRT
5 4 (2.21%) vCenter Server
6 3 (1.66%) Active Directory Federation Services
6 3 (1.66%) Nmap
6 3 (1.66%) Oracle Identity Management
6 3 (1.66%) Oracle Identity Manager
6 3 (1.66%) SCCM
6 3 (1.66%) SCOM
Vendors
1 42 (23.20%) Microsoft
2 21 (11.60%) Splunk
3 14 (7.73%) Oracle
4 10 (5.52%) Tenable
5 8 (4.42%) CrowdStrike
6 7 (3.87%) CyberArk
7 6 (3.31%) Cisco
7 6 (3.31%) Google
7 6 (3.31%) IBM
8 5 (2.76%) Remedy
9 4 (2.21%) Qualys
9 4 (2.21%) VMware
10 3 (1.66%) BiZZdesign
10 3 (1.66%) Citrix
10 3 (1.66%) OutSystems
10 3 (1.66%) ServiceNow
11 2 (1.10%) Ivanti
11 2 (1.10%) Palo Alto
11 2 (1.10%) Rapid7
11 2 (1.10%) SAP