Penetration Testing Contracts

Penetration Testing
UK

The table below provides summary statistics for contract job vacancies requiring Penetration Testing skills. It includes a benchmarking guide to the contractor rates offered in vacancies that cited Penetration Testing over the 6 months leading up to 30 April 2025, comparing them to the same period in the previous two years.

6 months to
30 Apr 2025		 Same period 2024 Same period 2023
Rank 370 360 466
Rank change year-on-year -10 +106 +90
Contract jobs citing Penetration Testing 151 250 251
As % of all contract jobs advertised in the UK 0.52% 0.57% 0.42%
As % of the Processes & Methodologies category 0.57% 0.66% 0.47%
Number of daily rates quoted 88 155 156
10th Percentile £434 £425 £450
25th Percentile £495 £506 £500
Median daily rate (50th Percentile) £550 £588 £600
Median % change year-on-year -6.38% -2.08% +4.35%
75th Percentile £699 £675 £700
90th Percentile £788 £750 £799
UK excluding London median daily rate £550 £537 £560
% change year-on-year +2.52% -4.20% -3.24%
Number of hourly rates quoted 2 1 1
10th Percentile - - -
25th Percentile £51.25 £81.75 -
Median hourly rate £52.50 £83.50 £80.00
Median % change year-on-year -37.13% +4.38% -
75th Percentile £53.75 £85.25 -
90th Percentile - - -
UK excluding London median hourly rate £52.50 £83.50 -
% change year-on-year -37.13% - -

All Process and Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all contract job vacancies requiring process or methodology skills.

Contract vacancies with a requirement for process or methodology skills 26,551 37,621 53,662
As % of all contract IT jobs advertised in the UK 90.82% 86.30% 89.91%
Number of daily rates quoted 17,137 24,254 37,244
10th Percentile £308 £300 £325
25th Percentile £413 £413 £438
Median daily rate (50th Percentile) £521 £525 £550
Median % change year-on-year -0.86% -4.55% +4.76%
75th Percentile £630 £638 £650
90th Percentile £744 £750 £750
UK excluding London median daily rate £481 £500 £500
% change year-on-year -3.80% - +5.26%
Number of hourly rates quoted 1,071 2,437 1,746
10th Percentile £14.70 £12.75 £11.00
25th Percentile £18.50 £16.00 £16.25
Median hourly rate £29.00 £35.50 £37.30
Median % change year-on-year -18.31% -4.83% +49.20%
75th Percentile £62.00 £59.95 £65.00
90th Percentile £75.00 £72.50 £75.00
UK excluding London median hourly rate £27.94 £36.50 £36.00
% change year-on-year -23.45% +1.39% +80.00%

Penetration Testing
Job Vacancy Trend

Job postings citing Penetration Testing as a proportion of all IT jobs advertised.

Job vacancy trend for Penetration Testing in the UK

Penetration Testing
Contractor Daily Rate Trend

3-month moving average daily rate quoted in jobs citing Penetration Testing.

Daily rate trend for Penetration Testing in the UK

Penetration Testing
Daily Rate Histogram

Daily rate distribution for jobs citing Penetration Testing over the 6 months to 30 April 2025.

Daily rate histogram for Penetration Testing in the UK

Penetration Testing
Contractor Hourly Rate Trend

3-month moving average hourly rates quoted in jobs citing Penetration Testing.

Hourly rate trend for Penetration Testing in the UK

Penetration Testing
Top 15 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 30 April 2025. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Contract
IT Job Ads		 Median
Daily Rate
Past 6 Months		 Median Daily Rate
% Change
on Same Period
Last Year		 Live
Jobs
England -28 115 £606 +2.75% 211
UK excluding London +1 64 £550 +2.52% 145
Work from Home +1 64 £600 - 179
London -5 61 £600 +1.69% 101
South East +30 26 £658 +24.06% 25
Scotland +11 19 £535 +3.88% 16
North of England +12 9 £496 -23.69% 42
Midlands +19 6 £569 +3.41% 12
West Midlands +15 6 £569 -12.50% 9
North West -2 6 £496 -25.53% 31
East of England +28 3 £775 +10.71% 4
Wales +6 2 £650 +79.31% 6
South West +24 1 - - 25
Yorkshire +12 1 - - 11
North East -1 1 £550 -12.00%

Penetration Testing
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 8 (5.30%) SharePoint
2 2 (1.32%) SAS
2 2 (1.32%) TPMS
Business Applications
1 4 (2.65%) Unit4 Business World
2 2 (1.32%) NetSuite
3 1 (0.66%) Dynamics GP
Cloud Services
1 71 (47.02%) Azure
2 22 (14.57%) AWS
3 18 (11.92%) Microsoft 365
3 18 (11.92%) SaaS
4 14 (9.27%) IaaS
5 12 (7.95%) PaaS
6 11 (7.28%) Entra ID
7 9 (5.96%) Cloud Computing
7 9 (5.96%) GCP
7 9 (5.96%) Power Platform
8 7 (4.64%) Amazon S3
8 7 (4.64%) Azure Sentinel
8 7 (4.64%) OneDrive
8 7 (4.64%) OpenShift
9 6 (3.97%) Azure DevOps
10 3 (1.99%) GitHub
10 3 (1.99%) Serverless
11 2 (1.32%) Amazon CloudWatch
11 2 (1.32%) AWS CloudTrail
11 2 (1.32%) AWS KMS
Communications & Networking
1 30 (19.87%) Network Security
2 25 (16.56%) Firewall
3 11 (7.28%) VPN
4 7 (4.64%) Internet
4 7 (4.64%) NAS
4 7 (4.64%) SAN
5 3 (1.99%) HTTP
6 2 (1.32%) Intrusion Detection
6 2 (1.32%) LAN
6 2 (1.32%) WAN
7 1 (0.66%) Cisco ISE
7 1 (0.66%) SSL
7 1 (0.66%) Wireless
7 1 (0.66%) Wireshark
Database & Business Intelligence
1 7 (4.64%) Power BI
2 3 (1.99%) Oracle Reports
Development Applications
1 9 (5.96%) Jenkins
2 8 (5.30%) MSI
3 7 (4.64%) Git
4 5 (3.31%) Burp Suite
4 5 (3.31%) Metasploit
5 4 (2.65%) GitLab
6 1 (0.66%) Cucumber
6 1 (0.66%) Cypress.io
6 1 (0.66%) Gatling
6 1 (0.66%) JIRA
6 1 (0.66%) JMeter
6 1 (0.66%) REST Assured
6 1 (0.66%) Selenium
6 1 (0.66%) Snyk
6 1 (0.66%) SonarQube
6 1 (0.66%) SpecFlow
General
1 53 (35.10%) Social Skills
2 32 (21.19%) Finance
3 26 (17.22%) Analytical Skills
4 15 (9.93%) Legal
5 11 (7.28%) Public Sector
6 6 (3.97%) Banking
6 6 (3.97%) Retail
7 4 (2.65%) Financial Institution
7 4 (2.65%) Military
7 4 (2.65%) Retail Banking
8 2 (1.32%) Aerospace
8 2 (1.32%) Documentation Skills
8 2 (1.32%) French Language
8 2 (1.32%) Law
9 1 (0.66%) Automotive
9 1 (0.66%) Inclusion and Diversity
9 1 (0.66%) Manufacturing
9 1 (0.66%) Police
9 1 (0.66%) Telecoms
Job Titles
1 28 (18.54%) Senior
2 20 (13.25%) Tester
3 17 (11.26%) Architect
4 16 (10.60%) Penetration Tester
5 15 (9.93%) Security Engineer
6 13 (8.61%) Lead
7 12 (7.95%) Security Architect
7 12 (7.95%) Security Manager
8 10 (6.62%) IT Manager
9 8 (5.30%) Consultant
9 8 (5.30%) IT Services Manager
9 8 (5.30%) Security Specialist
9 8 (5.30%) Senior Manager
9 8 (5.30%) Service Manager
10 7 (4.64%) Security Consultant
10 7 (4.64%) Technical Architect
11 6 (3.97%) Auditor
11 6 (3.97%) Senior IT Manager
11 6 (3.97%) Senior Tester
11 6 (3.97%) Solutions Architect
Libraries, Frameworks & Software Standards
1 5 (3.31%) CSS
1 5 (3.31%) HTML
2 1 (0.66%) .NET
2 1 (0.66%) ARM Templates
2 1 (0.66%) EDI
2 1 (0.66%) OAuth
2 1 (0.66%) Playwright
2 1 (0.66%) React
2 1 (0.66%) REST
Miscellaneous
1 21 (13.91%) Security Posture
2 14 (9.27%) Cloud Native
3 12 (7.95%) Management Information System
4 11 (7.28%) Cyber Threat
5 8 (5.30%) Operational Technology
5 8 (5.30%) PKI
6 7 (4.64%) Video Conferencing
7 6 (3.97%) Cyber Defence
7 6 (3.97%) Cyber Kill Chain
7 6 (3.97%) Public Cloud
8 5 (3.31%) Embedded Systems
8 5 (3.31%) Mobile App
8 5 (3.31%) Private Cloud
9 4 (2.65%) Onboarding
10 3 (1.99%) Data Centre
10 3 (1.99%) Data Protection Act
10 3 (1.99%) Self-Motivation
11 2 (1.32%) IoT
11 2 (1.32%) Legacy Systems
12 1 (0.66%) Enterprise Software
Operating Systems
1 25 (16.56%) Windows
2 12 (7.95%) Unix
3 11 (7.28%) Windows Server
4 8 (5.30%) Linux
5 2 (1.32%) Android
5 2 (1.32%) FreeRTOS
5 2 (1.32%) Kali Linux
5 2 (1.32%) Windows Server 2016
5 2 (1.32%) Windows Server 2019
6 1 (0.66%) Windows 10
6 1 (0.66%) Windows 7
Processes & Methodologies
1 59 (39.07%) Cybersecurity
2 46 (30.46%) Cloud Security
3 34 (22.52%) Information Security
3 34 (22.52%) Vulnerability Management
4 32 (21.19%) Security Testing
5 25 (16.56%) Threat Modelling
6 22 (14.57%) DevSecOps
6 22 (14.57%) Problem-Solving
7 21 (13.91%) Agile
7 21 (13.91%) DevOps
7 21 (13.91%) Risk Management
8 20 (13.25%) CI/CD
8 20 (13.25%) Data Protection
8 20 (13.25%) Security Operations
9 19 (12.58%) Incident Response
9 19 (12.58%) SIEM
9 19 (12.58%) Vulnerability Remediation
9 19 (12.58%) Vulnerability Scanning
10 18 (11.92%) Computer Science
11 16 (10.60%) Ethical Hacking
Programming Languages
1 23 (15.23%) Python
2 8 (5.30%) Java
2 8 (5.30%) JavaScript
3 7 (4.64%) C++
3 7 (4.64%) Ruby
4 6 (3.97%) C
4 6 (3.97%) PowerShell
4 6 (3.97%) SQL
5 5 (3.31%) PHP
6 4 (2.65%) Rust
7 3 (1.99%) Bash
8 2 (1.32%) Assembly Language
8 2 (1.32%) Embedded C
8 2 (1.32%) Embedded C++
9 1 (0.66%) C#
9 1 (0.66%) Perl
9 1 (0.66%) TypeScript
Qualifications
1 34 (22.52%) Security Cleared
2 33 (21.85%) SC Cleared
3 30 (19.87%) CISSP
4 29 (19.21%) Degree
5 21 (13.91%) CEH
6 17 (11.26%) OSCP
7 14 (9.27%) Cisco Certification
7 14 (9.27%) CISM
8 12 (7.95%) (ISC)2 CCSP
9 11 (7.28%) CCSP
10 10 (6.62%) Computer Science Degree
10 10 (6.62%) CREST Certified
11 8 (5.30%) CompTIA Security+
11 8 (5.30%) GCIH
11 8 (5.30%) GIAC
12 7 (4.64%) GPEN
12 7 (4.64%) GWAPT
13 5 (3.31%) CCSAS
13 5 (3.31%) Master's Degree
13 5 (3.31%) OSCE
Quality Assurance & Compliance
1 33 (21.85%) ISO/IEC 27001
2 31 (20.53%) NIST
3 11 (7.28%) SLA
4 10 (6.62%) GDPR
5 9 (5.96%) PCI DSS
6 8 (5.30%) NCSC
7 6 (3.97%) HIPAA
8 4 (2.65%) QA
9 3 (1.99%) Disclosure Scotland
9 3 (1.99%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
9 3 (1.99%) NIST 800
10 2 (1.32%) California Consumer Privacy Act
10 2 (1.32%) GRC
11 1 (0.66%) Actionable Recommendations
11 1 (0.66%) Cyber Essentials
11 1 (0.66%) EU AI Act
11 1 (0.66%) Sarbanes-Oxley
System Software
1 4 (2.65%) Active Directory
2 2 (1.32%) Docker
2 2 (1.32%) Embedded Firmware
2 2 (1.32%) Firmware
3 1 (0.66%) Hyper-V
3 1 (0.66%) Virtual Machines
Systems Management
1 15 (9.93%) Microsoft Intune
2 11 (7.28%) Kubernetes
3 7 (4.64%) Nessus
3 7 (4.64%) NetBackup
3 7 (4.64%) Oracle RMAN
4 3 (1.99%) CASB
4 3 (1.99%) Progress Chef
4 3 (1.99%) Terraform
5 2 (1.32%) SCCM
5 2 (1.32%) WSUS
6 1 (0.66%) Ansible
6 1 (0.66%) Computer Emergency Response Teams
6 1 (0.66%) CSIRT
6 1 (0.66%) HP Fortify
6 1 (0.66%) Nmap
Vendors
1 37 (24.50%) Microsoft
2 7 (4.64%) Oracle
2 7 (4.64%) Veritas
3 6 (3.97%) Qualys
3 6 (3.97%) SAP
4 3 (1.99%) ForgeRock
4 3 (1.99%) Google
4 3 (1.99%) Tenable
5 2 (1.32%) Ariba
5 2 (1.32%) Splunk
5 2 (1.32%) TOWER Software
5 2 (1.32%) Tripwire
5 2 (1.32%) Workday
6 1 (0.66%) Apple
6 1 (0.66%) BT
6 1 (0.66%) Cisco
6 1 (0.66%) CyberArk
6 1 (0.66%) Samsung
6 1 (0.66%) ServiceNow
294 Penetration Testing jobs Nationwide