Penetration Testing Contract Job Trends

Penetration Testing
UK

The table below provides summary statistics and contractor rates for jobs requiring Penetration Testing skills. It covers contract job vacancies from the 6 months leading up to 22 January 2026, with comparisons to the same periods in the previous two years.

 6 months to
22 Jan 2026		 Same period 2025 Same period 2024
Rank 359 407 327
Rank change year-on-year +48 -80 +154
Contract jobs citing Penetration Testing 243 130 273
As % of all contract jobs in the UK 0.64% 0.41% 0.63%
As % of the Processes & Methodologies category 0.73% 0.46% 0.72%
Number of daily rates quoted 164 78 127
10th Percentile £366 £443 £443
25th Percentile £424 £550 £506
Median daily rate (50th Percentile) £525 £625 £575
Median % change year-on-year -16.00% +8.70% -4.17%
75th Percentile £600 £700 £650
90th Percentile £688 £788 £750
UK excluding London median daily rate £467 £550 £525
% change year-on-year -15.09% +4.76% -12.50%
Number of hourly rates quoted 1 0 0
Median hourly rate £31.86 - -
UK excluding London median hourly rate £31.86 - -

All Process & Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all contract job vacancies requiring process or methodology skills.

Contract vacancies with a requirement for process or methodology skills 33,128 28,199 37,720
As % of all contract IT jobs advertised in the UK 87.64% 88.95% 87.50%
Number of daily rates quoted 21,004 17,123 24,892
10th Percentile £305 £306 £300
25th Percentile £406 £413 £413
Median daily rate (50th Percentile) £500 £525 £525
Median % change year-on-year -4.76% - -4.55%
75th Percentile £613 £638 £645
90th Percentile £720 £743 £738
UK excluding London median daily rate £475 £500 £500
% change year-on-year -5.00% - -
Number of hourly rates quoted 2,016 901 1,818
10th Percentile £14.50 £15.62 £14.00
25th Percentile £17.69 £21.00 £17.08
Median hourly rate £25.15 £32.50 £37.50
Median % change year-on-year -22.62% -13.33% +17.19%
75th Percentile £57.50 £62.50 £62.50
90th Percentile £69.65 £75.00 £75.00
UK excluding London median hourly rate £24.00 £30.78 £40.00
% change year-on-year -22.03% -23.05% +53.85%

Penetration Testing
Job Vacancy Trend

Historical trend showing the proportion of contract IT job postings citing Penetration Testing relative to all contract IT jobs advertised.

Penetration Testing job vacancy trend in the UK

Penetration Testing
Daily Rate Trend

Contractor daily rate distribution trend for jobs in the UK citing Penetration Testing.

Contractor daily rate distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Daily Rate Histogram

Daily rate distribution for jobs citing Penetration Testing over the 6 months to 22 January 2026.

Daily rate histogram for Penetration Testing in the UK

Penetration Testing
Hourly Rate Trend

Contractor hourly rate distribution trend for jobs in the UK citing Penetration Testing.

Contractor hourly rate distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Top 16 Contract Job Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 22 January 2026. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Contract
IT Job Ads		 Median
Daily Rate
Past 6 Months		 Median Daily Rate
% Change
on Same Period
Last Year		 Live
Jobs
England +62 217 £515 -18.88% 163
UK excluding London +11 123 £467 -15.09% 152
Work from Home +40 106 £560 -10.40% 58
London +5 89 £600 -10.65% 33
South East +9 51 £471 -14.36% 39
North of England -48 25 £515 +3.04% 29
Midlands -28 22 £400 -48.39% 27
West Midlands -31 14 £375 -51.61% 9
South West 0 13 £400 - 32
North West -23 13 £476 -4.88% 15
Yorkshire -46 8 £514 -6.61% 11
East Midlands - 8 £438 - 17
East of England -13 7 £374 -51.77% 13
North East -9 4 £700 +27.27% 3
Northern Ireland - 3 - - 2
Scotland -9 2 - - 9

Penetration Testing
Co-Occurring Skills & Capabilities by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1 12 (4.94%) Confluence
2 5 (2.06%) SharePoint
Applications
1 14 (5.76%) Microsoft Office
2 13 (5.35%) Microsoft Excel
3 12 (4.94%) Microsoft PowerPoint
4 4 (1.65%) Microsoft Project
Business Applications
1 3 (1.23%) Oracle EBS
Cloud Services
1 69 (28.40%) Azure
2 59 (24.28%) AWS
3 26 (10.70%) GCP
4 13 (5.35%) Entra ID
5 11 (4.53%) Microsoft 365
6 8 (3.29%) Azure DevOps
6 8 (3.29%) Azure Sentinel
7 6 (2.47%) SaaS
8 5 (2.06%) Cloudflare
9 4 (1.65%) OpenDNS
10 3 (1.23%) Amazon GuardDuty
10 3 (1.23%) OCI
11 2 (0.82%) AWS CloudFormation
11 2 (0.82%) Cloud Computing
11 2 (0.82%) OpenShift
11 2 (0.82%) Power Platform
12 1 (0.41%) AWS CloudTrail
12 1 (0.41%) AWS KMS
12 1 (0.41%) npm
12 1 (0.41%) Virtual Private Cloud
Communications & Networking
1 36 (14.81%) Firewall
2 20 (8.23%) Network Security
3 18 (7.41%) Wireless
4 9 (3.70%) Wireshark
5 6 (2.47%) Internet
6 4 (1.65%) Intranet
6 4 (1.65%) SD-WAN
6 4 (1.65%) TCP/IP
6 4 (1.65%) VPN
7 3 (1.23%) HTTP
7 3 (1.23%) Intrusion Detection
7 3 (1.23%) Wi-Fi
8 2 (0.82%) Cisco ASA
8 2 (0.82%) IPsec
8 2 (0.82%) MQTT
8 2 (0.82%) Reverse Proxy
8 2 (0.82%) VLAN
8 2 (0.82%) WAN
9 1 (0.41%) Cisco Firepower
9 1 (0.41%) Cisco Nexus
Database & Business Intelligence
1 3 (1.23%) MongoDB
2 2 (0.82%) Power BI
3 1 (0.41%) Amazon RDS
3 1 (0.41%) DB2
3 1 (0.41%) Oracle Reports
Development Applications
1 35 (14.40%) Burp Suite
2 32 (13.17%) Metasploit
3 21 (8.64%) JIRA
4 7 (2.88%) Selenium
5 6 (2.47%) GitLab
5 6 (2.47%) sqlmap
6 5 (2.06%) Jenkins
7 3 (1.23%) JMeter
7 3 (1.23%) Postman
8 2 (0.82%) Git
9 1 (0.41%) Cucumber
9 1 (0.41%) Cypress.io
9 1 (0.41%) Gatling
9 1 (0.41%) Maven
9 1 (0.41%) webpack
General
1 105 (43.21%) Social Skills
2 29 (11.93%) Public Sector
3 28 (11.52%) Analytical Skills
4 15 (6.17%) Finance
5 7 (2.88%) Banking
6 6 (2.47%) Documentation Skills
7 5 (2.06%) Manufacturing
8 4 (1.65%) Aerospace
8 4 (1.65%) Inclusion and Diversity
8 4 (1.65%) Legal
8 4 (1.65%) Presentation Skills
8 4 (1.65%) Telecoms
9 3 (1.23%) Investment Banking
9 3 (1.23%) Law
9 3 (1.23%) Military
9 3 (1.23%) Organisational Skills
10 2 (0.82%) Automotive
10 2 (0.82%) Electronics
10 2 (0.82%) German Language
10 2 (0.82%) Marketing
Job Titles
1 100 (41.15%) Penetration Tester
2 99 (40.74%) Tester
3 21 (8.64%) Analyst
4 19 (7.82%) Security Engineer
5 17 (7.00%) Lead
6 15 (6.17%) Security Analyst
7 12 (4.94%) Architect
7 12 (4.94%) Senior
8 10 (4.12%) Security Architect
9 9 (3.70%) Test Manager
10 8 (3.29%) Security Officer
10 8 (3.29%) Test Engineer
11 7 (2.88%) Consultant
11 7 (2.88%) Security Manager
12 6 (2.47%) IT Security Officer
12 6 (2.47%) Security Tester
12 6 (2.47%) Solutions Architect
13 5 (2.06%) Developer
13 5 (2.06%) Security Solutions Architect
13 5 (2.06%) Vulnerability Manager
Libraries, Frameworks & Software Standards
1 6 (2.47%) OAuth
1 6 (2.47%) SAML
2 5 (2.06%) ADO
3 4 (1.65%) JWT
3 4 (1.65%) Node.js
4 3 (1.23%) .NET
4 3 (1.23%) Spring Boot
5 2 (0.82%) Flash
5 2 (0.82%) Jest
5 2 (0.82%) LDAP
5 2 (0.82%) OAuth2
5 2 (0.82%) OpenID
5 2 (0.82%) RESTful
5 2 (0.82%) Smart Contracts
5 2 (0.82%) Spring
6 1 (0.41%) Playwright
6 1 (0.41%) React
6 1 (0.41%) Spring Batch
6 1 (0.41%) SwiftUI
6 1 (0.41%) WireMock
Miscellaneous
1 46 (18.93%) Security Posture
2 15 (6.17%) Management Information System
3 13 (5.35%) Cloud Native
3 13 (5.35%) Mobile App
4 12 (4.94%) Operational Technology
5 11 (4.53%) Cyber Threat
6 9 (3.70%) Security Operations Centre
7 5 (2.06%) CSOC
7 5 (2.06%) Data Centre
8 4 (1.65%) Distributed Systems
9 3 (1.23%) BYOD
9 3 (1.23%) Cyber Defence
9 3 (1.23%) Onboarding
9 3 (1.23%) Product Ownership
9 3 (1.23%) Video Conferencing
10 2 (0.82%) Blockchain
10 2 (0.82%) Data Protection Act
10 2 (0.82%) Greenfield Project
10 2 (0.82%) PKI
11 1 (0.41%) CCTV
Operating Systems
1 34 (13.99%) Windows
2 26 (10.70%) Linux
3 14 (5.76%) Android
4 13 (5.35%) Kali Linux
5 8 (3.29%) Apple iOS
6 6 (2.47%) Unix
7 1 (0.41%) Mac OS X
7 1 (0.41%) Ubuntu
7 1 (0.41%) VMS
7 1 (0.41%) Windows Server
Processes & Methodologies
1 113 (46.50%) Cybersecurity
2 49 (20.16%) OWASP
3 44 (18.11%) Test Automation
4 40 (16.46%) Incident Response
5 37 (15.23%) Cloud Security
5 37 (15.23%) Vulnerability Management
6 36 (14.81%) Threat Modelling
7 35 (14.40%) Security Testing
8 34 (13.99%) Application Security
9 32 (13.17%) Information Security
10 31 (12.76%) Agile
10 31 (12.76%) Vulnerability Assessment
11 27 (11.11%) Problem-Solving
11 27 (11.11%) Regulatory Compliance
11 27 (11.11%) Security Operations
12 26 (10.70%) Red Team
12 26 (10.70%) Risk Management
13 25 (10.29%) Validation
14 24 (9.88%) MITRE ATT&CK
15 22 (9.05%) SDLC
Programming Languages
1 29 (11.93%) Python
2 21 (8.64%) Bash
3 18 (7.41%) PowerShell
4 8 (3.29%) Java
5 7 (2.88%) Go
6 4 (1.65%) Kusto Query Language
7 3 (1.23%) SQL
7 3 (1.23%) Swift
8 2 (0.82%) Bicep
8 2 (0.82%) C-shell
8 2 (0.82%) JavaScript
8 2 (0.82%) Korn
8 2 (0.82%) Kotlin
8 2 (0.82%) Rust
8 2 (0.82%) Solidity
9 1 (0.41%) PHP
9 1 (0.41%) Scala
9 1 (0.41%) Shell Script
9 1 (0.41%) TypeScript
Qualifications
1 106 (43.62%) Security Cleared
2 90 (37.04%) SC Cleared
3 47 (19.34%) CHECK Team Member
4 36 (14.81%) CHECK Team Leader
5 31 (12.76%) CREST Certified
6 29 (11.93%) OSCP
7 28 (11.52%) CISSP
8 27 (11.11%) Degree
9 21 (8.64%) CEH
10 20 (8.23%) CISM
10 20 (8.23%) GPEN
11 16 (6.58%) DV Cleared
12 12 (4.94%) Cyber Scheme
13 10 (4.12%) Postgraduate
14 9 (3.70%) SANS
15 6 (2.47%) Cisco Certification
15 6 (2.47%) CompTIA Security+
16 5 (2.06%) AWS Certification
16 5 (2.06%) OSCE
17 4 (1.65%) GWAPT
Quality Assurance & Compliance
1 56 (23.05%) ISO/IEC 27001
2 45 (18.52%) NIST
3 34 (13.99%) GDPR
4 25 (10.29%) PCI DSS
5 21 (8.64%) NCSC
6 16 (6.58%) QA
7 13 (5.35%) PMO
8 9 (3.70%) GRC
9 8 (3.29%) NIST 800
10 7 (2.88%) Cyber Essentials
11 4 (1.65%) Actionable Recommendations
11 4 (1.65%) SOC 2
12 3 (1.23%) California Consumer Privacy Act
12 3 (1.23%) EU AI Act
12 3 (1.23%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
12 3 (1.23%) JSP 440
12 3 (1.23%) Sarbanes-Oxley
13 2 (0.82%) Cyber Essentials PLUS
13 2 (0.82%) ISO 9001
14 1 (0.41%) Accessibility
System Software
1 17 (7.00%) Active Directory
2 11 (4.53%) Docker
3 5 (2.06%) Snort
4 4 (1.65%) Squid
5 1 (0.41%) Virtual Machines
5 1 (0.41%) VMware ESXi
5 1 (0.41%) VMware Infrastructure
Systems Management
1 32 (13.17%) Nmap
2 28 (11.52%) Kubernetes
3 22 (9.05%) Nessus
4 5 (2.06%) Nexpose
5 4 (1.65%) Ansible
5 4 (1.65%) Suricata
5 4 (1.65%) Terraform
6 2 (0.82%) Microsoft Intune
6 2 (0.82%) Single Sign-On
7 1 (0.41%) CSIRT
7 1 (0.41%) Grafana
7 1 (0.41%) Kibana
7 1 (0.41%) QRadar
7 1 (0.41%) SCOM
7 1 (0.41%) vCenter Server
Vendors
1 25 (10.29%) Microsoft
2 12 (4.94%) ServiceNow
3 11 (4.53%) Qualys
4 9 (3.70%) Splunk
5 8 (3.29%) Cisco
6 7 (2.88%) CrowdStrike
7 6 (2.47%) Google
7 6 (2.47%) Oracle
7 6 (2.47%) Palo Alto
7 6 (2.47%) SAP
8 5 (2.06%) Zscaler
9 4 (1.65%) Blue Coat
9 4 (1.65%) Carbon Black
9 4 (1.65%) FireEye
9 4 (1.65%) Tanium
9 4 (1.65%) Tenable
10 3 (1.23%) CyberArk
10 3 (1.23%) VMware
11 2 (0.82%) CheckPoint
11 2 (0.82%) Citrix
184 Penetration Testing jobs Nationwide