Period
to 13 December 2019

The following table provides summary statistics for permanent job vacancies advertised in England with a requirement for Penetration Testing skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Penetration Testing over the 6 months to 13 December 2019 with a comparison to the same period in the previous 2 years.

Penetration Testing
UK > England
6 months to
13 Dec 2019
Same period 2018 Same period 2017
Rank 403 344 385
Rank change year-on-year -59 +41 -47
Permanent jobs citing Penetration Testing 889 1,354 1,380
As % of all permanent IT jobs advertised in England 0.72% 0.91% 0.82%
As % of the Processes & Methodologies category 0.79% 0.99% 0.89%
Number of salaries quoted 687 1,054 1,108
England median annual salary £60,000 £60,000 £55,000
Median salary % change year-on-year - +9.09% -4.85%
10th Percentile £36,650 £37,500 £36,250
90th Percentile £95,000 £85,000 £83,900
UK median annual salary £60,000 £60,000 £55,000
% change year-on-year - +9.09% -4.35%

Penetration Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in England with a requirement for process or methodology skills.

All Process and Methodology Skills
England
Permanent vacancies with a requirement for process or methodology skills 113,130 136,304 155,723
As % of all permanent IT jobs advertised in England 92.07% 92.08% 92.29%
Number of salaries quoted 90,438 108,985 124,667
England median annual salary £52,789 £52,500 £50,000
Median salary % change year-on-year +0.55% +5.00% -
10th Percentile £30,000 £30,000 £28,500
90th Percentile £87,500 £85,000 £80,000
UK median annual salary £52,500 £52,500 £50,000
% change year-on-year - +5.00% +3.09%

Penetration Testing
Job Vacancy Trend in England

Job postings citing Penetration Testing as a percentage of all IT jobs advertised in England.

Job vacancy trend for Penetration Testing in England

Penetration Testing
Salary Trend in England

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing Penetration Testing in England.

Salary trend for Penetration Testing in England

Penetration Testing
Salary Histogram in England

The salary distribution of IT jobs citing Penetration Testing in England over the 6 months to 13 December 2019.

Salary histogram for Penetration Testing in England

Penetration Testing
Job Locations in England

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the England region over the 6 months to 13 December 2019. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
London -75 344 £73,750 +13.46% 61
Midlands +108 167 £52,500 +16.67% 25
South East +60 152 £61,500 +6.96% 21
West Midlands +124 143 £55,000 +30.95% 19
South West +58 105 £55,000 +10.00% 2
North of England -146 77 £45,000 -10.00% 17
East of England -17 39 £52,500 -8.70% 3
Yorkshire +10 38 £55,000 +19.57% 7
North West -135 38 £42,000 -16.00% 9
East Midlands +15 24 £42,500 -26.09% 6
North East +9 1 £42,000 -36.12% 1
Penetration Testing
UK

For the 6 months to 13 December 2019, IT jobs citing Penetration Testing also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads across the England region with a requirement for Penetration Testing.

1 437 (49.16%) Cybersecurity
2 380 (42.74%) Information Security
3 282 (31.72%) Firewall
4 257 (28.91%) SIEM
5 239 (26.88%) Linux
6 224 (25.20%) CISSP
7 211 (23.73%) ISO/IEC 27001
8 196 (22.05%) Windows
9 160 (18.00%) Vulnerability Management
10 145 (16.31%) CISM
10 145 (16.31%) Management Information System
11 143 (16.09%) Degree
12 142 (15.97%) PCI DSS
13 138 (15.52%) Finance
14 135 (15.19%) AWS
15 134 (15.07%) Security Testing
16 133 (14.96%) Azure
17 130 (14.62%) Agile Software Development
18 128 (14.40%) Vulnerability Scanning
19 126 (14.17%) Security Cleared
20 125 (14.06%) Python
21 118 (13.27%) CREST Certified
22 115 (12.94%) TCP/IP
23 110 (12.37%) Risk Management
23 110 (12.37%) Ethical Hacking
24 103 (11.59%) Security Operations
25 100 (11.25%) Cisco Certification
26 98 (11.02%) ITIL
26 98 (11.02%) GDPR
27 96 (10.80%) Nessus

Penetration Testing
Co-occurring IT Skills in England by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 28 (3.15%) MS Exchange
2 27 (3.04%) SharePoint
3 23 (2.59%) Apache Spark
3 23 (2.59%) Elasticsearch
4 22 (2.47%) OpenStack
5 15 (1.69%) IIS
6 11 (1.24%) Confluence
7 8 (0.90%) Skype for Business
8 7 (0.79%) Exchange Server 2013
9 3 (0.34%) Drupal
9 3 (0.34%) WordPress
10 2 (0.22%) Exchange Server 2010
11 1 (0.11%) Cloud Foundry
11 1 (0.11%) JBoss
11 1 (0.11%) nginx
Applications
1 16 (1.80%) Microsoft Office
2 8 (0.90%) MS Visio
3 6 (0.67%) Microsoft Excel
3 6 (0.67%) Microsoft PowerPoint
4 1 (0.11%) Spreadsheet
Business Applications
1 2 (0.22%) Distributed Ledger
Cloud Services
1 135 (15.19%) AWS
2 133 (14.96%) Azure
3 62 (6.97%) GCP
4 57 (6.41%) Office 365
5 53 (5.96%) SaaS
6 22 (2.47%) IaaS
6 22 (2.47%) OpenShift
7 16 (1.80%) PaaS
8 14 (1.57%) Cloud Computing
9 9 (1.01%) vREST
10 7 (0.79%) Dynamics 365
11 5 (0.56%) Serverless
12 4 (0.45%) AWS CloudFormation
13 3 (0.34%) G Suite
14 1 (0.11%) Amazon S3
14 1 (0.11%) Amazon SQS
14 1 (0.11%) Azure Active Directory
14 1 (0.11%) BrowserStack
14 1 (0.11%) Power Platform
14 1 (0.11%) PowerApps
Communications & Networking
1 282 (31.72%) Firewall
2 115 (12.94%) TCP/IP
3 90 (10.12%) Network Security
4 75 (8.44%) Intrusion Detection
5 61 (6.86%) HTTP
6 55 (6.19%) VPN
7 54 (6.07%) DNS
8 52 (5.85%) Internet
9 51 (5.74%) DHCP
10 46 (5.17%) WAN
11 42 (4.72%) LAN
12 40 (4.50%) HTTPS
13 39 (4.39%) IPsec
13 39 (4.39%) Wireless
14 34 (3.82%) VLAN
15 28 (3.15%) SAN
16 23 (2.59%) MPLS
17 19 (2.14%) IPv4
18 18 (2.02%) Wireshark
19 17 (1.91%) SMTP
Database & Business Intelligence
1 48 (5.40%) Big Data
2 34 (3.82%) SQL Server
3 17 (1.91%) MySQL
4 12 (1.35%) Blockchain
5 8 (0.90%) MongoDB
6 6 (0.67%) SQLite
7 4 (0.45%) Maltego
8 3 (0.34%) Relational Database
9 2 (0.22%) PostgreSQL
10 1 (0.11%) Apache Hive
10 1 (0.11%) Impala
10 1 (0.11%) Oracle Reports
10 1 (0.11%) Power BI
10 1 (0.11%) RDBMS
10 1 (0.11%) SQL Server 2014
Development Applications
1 54 (6.07%) JIRA
2 52 (5.85%) Metasploit
3 45 (5.06%) Git (software)
4 43 (4.84%) Bitbucket
5 31 (3.49%) git-flow
6 18 (2.02%) Burp Suite
7 17 (1.91%) Jenkins
8 16 (1.80%) GitLab
9 15 (1.69%) Snyk
9 15 (1.69%) SonarQube
10 11 (1.24%) Selenium
11 8 (0.90%) VSS/SourceSafe
12 7 (0.79%) Android Studio
12 7 (0.79%) Xcode
13 6 (0.67%) Protractor
13 6 (0.67%) Team Foundation Server
14 3 (0.34%) Appium
14 3 (0.34%) Charles Proxy
14 3 (0.34%) Postman
14 3 (0.34%) WiX
General
1 138 (15.52%) Finance
2 89 (10.01%) Retail
3 49 (5.51%) Legal
4 22 (2.47%) Banking
4 22 (2.47%) Public Sector
5 21 (2.36%) Telecoms
6 18 (2.02%) Law
7 17 (1.91%) Games
8 15 (1.69%) Aerospace
9 7 (0.79%) Electronics
9 7 (0.79%) Military
10 4 (0.45%) Brand Awareness
10 4 (0.45%) Manufacturing
11 2 (0.22%) Automotive
11 2 (0.22%) Back Office
11 2 (0.22%) Billing
11 2 (0.22%) French Language
11 2 (0.22%) Front Office
11 2 (0.22%) Publishing
12 1 (0.11%) Financial Institution
Job Titles
1 179 (20.13%) Analyst
2 137 (15.41%) Tester
3 131 (14.74%) Security Analyst
4 118 (13.27%) Penetration Tester
5 116 (13.05%) Security Engineer
6 71 (7.99%) Consultant
7 65 (7.31%) Security Manager
8 59 (6.64%) Information Analyst
8 59 (6.64%) Information Security Analyst
9 56 (6.30%) Security Specialist
10 52 (5.85%) Senior Analyst
11 42 (4.72%) Senior Penetration Tester
11 42 (4.72%) Senior Tester
12 41 (4.61%) Cybersecurity Engineer
13 38 (4.27%) Information Manager
13 38 (4.27%) Information Security Manager
14 35 (3.94%) Security Officer
15 34 (3.82%) Senior Security Analyst
16 31 (3.49%) Information Officer
16 31 (3.49%) Information Security Officer
Libraries, Frameworks & Software Standards
1 43 (4.84%) .NET
2 42 (4.72%) Node.js
3 39 (4.39%) AngularJS
4 36 (4.05%) React
5 31 (3.49%) Kafka
6 30 (3.37%) Vue.js
7 27 (3.04%) REST
8 25 (2.81%) ASP.NET
9 24 (2.70%) Spring
10 23 (2.59%) SailPoint
11 22 (2.47%) GraphQL
11 22 (2.47%) Spring MVC
12 19 (2.14%) OAuth
13 17 (1.91%) OpenID
14 16 (1.80%) SAML
15 13 (1.46%) Web Services
16 10 (1.12%) Django
16 10 (1.12%) HTML
17 7 (0.79%) CSS
18 6 (0.67%) Elastic Stack
Miscellaneous
1 145 (16.31%) Management Information System
2 52 (5.85%) Analytical Skills
3 39 (4.39%) Self-Motivation
4 33 (3.71%) Cyberattack
5 30 (3.37%) Cyber Kill Chain
6 26 (2.92%) Mobile App
7 22 (2.47%) Data Centre
7 22 (2.47%) Data Protection Act
8 21 (2.36%) Cyberthreat
9 20 (2.25%) PKI
10 17 (1.91%) Security Operations Centre
11 16 (1.80%) BYOD
12 15 (1.69%) Cyber Defence
12 15 (1.69%) Driving Licence
13 14 (1.57%) Greenfield Project
14 11 (1.24%) Cybercrime
14 11 (1.24%) Virtual Team
15 10 (1.12%) Internet of Things
15 10 (1.12%) SWIFT
16 9 (1.01%) Enterprise Software
Operating Systems
1 239 (26.88%) Linux
2 196 (22.05%) Windows
3 52 (5.85%) Kali Linux
4 45 (5.06%) Android
5 42 (4.72%) Windows Server
6 36 (4.05%) Apple iOS
7 33 (3.71%) Windows Server 2012
8 27 (3.04%) Unix
9 23 (2.59%) Windows Server 2008
10 18 (2.02%) Windows 10
11 12 (1.35%) Windows 7
12 11 (1.24%) VMS
13 9 (1.01%) CentOS
13 9 (1.01%) Windows 8
14 7 (0.79%) Mac OS
14 7 (0.79%) Windows Server 2003
15 4 (0.45%) Solaris
16 3 (0.34%) Red Hat Enterprise Linux
16 3 (0.34%) Ubuntu
17 1 (0.11%) Embedded Linux
Processes & Methodologies
1 437 (49.16%) Cybersecurity
2 380 (42.74%) Information Security
3 257 (28.91%) SIEM
4 160 (18.00%) Vulnerability Management
5 134 (15.07%) Security Testing
6 130 (14.62%) Agile Software Development
7 128 (14.40%) Vulnerability Scanning
8 110 (12.37%) Ethical Hacking
8 110 (12.37%) Risk Management
9 103 (11.59%) Security Operations
10 98 (11.02%) ITIL
11 93 (10.46%) Problem-Solving
12 80 (9.00%) OWASP
13 79 (8.89%) Stakeholder Management
14 76 (8.55%) Threat Intelligence
15 75 (8.44%) Data Protection
16 74 (8.32%) Test Automation
17 67 (7.54%) Change Management
18 66 (7.42%) Incident Management
19 62 (6.97%) SDLC
Programming Languages
1 125 (14.06%) Python
2 82 (9.22%) Java
3 71 (7.99%) C
4 66 (7.42%) C++
5 59 (6.64%) PowerShell
6 46 (5.17%) SQL
7 39 (4.39%) JavaScript
8 34 (3.82%) Go
9 26 (2.92%) C#
10 24 (2.70%) Bash Shell
11 11 (1.24%) PHP
11 11 (1.24%) Shell Script
11 11 (1.24%) TypeScript
12 9 (1.01%) Ruby
13 8 (0.90%) Perl
14 6 (0.67%) VB
15 3 (0.34%) R
16 2 (0.22%) Java 8
17 1 (0.11%) Groovy
17 1 (0.11%) Scala
Qualifications
1 224 (25.20%) CISSP
2 145 (16.31%) CISM
3 143 (16.09%) Degree
4 126 (14.17%) Security Cleared
5 118 (13.27%) CREST Certified
6 100 (11.25%) Cisco Certification
7 78 (8.77%) OSCP
8 77 (8.66%) CISA
9 72 (8.10%) CEH
10 64 (7.20%) SC Cleared
11 57 (6.41%) SANS
12 56 (6.30%) CompTIA Security+
13 53 (5.96%) Microsoft Certification
14 49 (5.51%) GIAC
14 49 (5.51%) MCSE
15 44 (4.95%) SSCP
16 43 (4.84%) CCNA
17 41 (4.61%) CHECK Team Leader
17 41 (4.61%) Tigerscheme
18 37 (4.16%) Network+ Certification
Quality Assurance & Compliance
1 211 (23.73%) ISO/IEC 27001
2 142 (15.97%) PCI DSS
3 98 (11.02%) GDPR
4 80 (9.00%) NIST
5 26 (2.92%) QA
6 25 (2.81%) Cyber Essentials
7 20 (2.25%) SLA
8 13 (1.46%) NCSC
9 11 (1.24%) COBIT
10 9 (1.01%) Cyber Essentials PLUS
10 9 (1.01%) Sarbanes-Oxley
11 7 (0.79%) NIST 800
12 6 (0.67%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
13 5 (0.56%) HMG Security Policy Framework
14 4 (0.45%) Data Quality
15 3 (0.34%) MiFID
15 3 (0.34%) PSD2
15 3 (0.34%) SAS 70
16 1 (0.11%) Actionable Recommendations
16 1 (0.11%) IASME
System Software
1 72 (8.10%) Active Directory
2 45 (5.06%) Docker
3 24 (2.70%) VMware Infrastructure
4 16 (1.80%) Hyper-V
5 13 (1.46%) vSphere
6 6 (0.67%) Snort
6 6 (0.67%) XenApp
7 5 (0.56%) VMware ESXi
8 2 (0.22%) ProxySG
8 2 (0.22%) Virtual Machines
8 2 (0.22%) VMware NSX
9 1 (0.11%) Apache Flume
9 1 (0.11%) Citrix Hypervisor
9 1 (0.11%) Firmware
9 1 (0.11%) Microsoft App-V
9 1 (0.11%) VirtualBox
9 1 (0.11%) XenDesktop
Systems Management
1 96 (10.80%) Nessus
2 49 (5.51%) SCCM
3 45 (5.06%) Kubernetes
4 44 (4.95%) Nmap
5 23 (2.59%) McAfee ePO
6 15 (1.69%) Sysdig
6 15 (1.69%) WSUS
7 13 (1.46%) QRadar
8 9 (1.01%) Ansible
8 9 (1.01%) CSIRT
8 9 (1.01%) Microsoft Intune
8 9 (1.01%) SCOM
9 8 (0.90%) FortiGate
10 6 (0.67%) Network Intrusion Detection System
10 6 (0.67%) Terraform
11 5 (0.56%) OpenVAS
12 4 (0.45%) Cisco CUCM
12 4 (0.45%) Computer Emergency Response Teams
12 4 (0.45%) Mesos
12 4 (0.45%) Rancher
Vendors
1 83 (9.34%) Microsoft
2 55 (6.19%) Splunk
3 45 (5.06%) Google
4 42 (4.72%) Cisco
5 36 (4.05%) Qualys
6 34 (3.82%) SolarWinds
7 33 (3.71%) McAfee
7 33 (3.71%) Palo Alto
7 33 (3.71%) VMware
8 31 (3.49%) LogRhythm
9 25 (2.81%) Dell
10 23 (2.59%) Atlassian
10 23 (2.59%) Aveksa
10 23 (2.59%) HP
11 18 (2.02%) ArcSight
11 18 (2.02%) Darktrace
12 16 (1.80%) Juniper
13 13 (1.46%) EMC
14 11 (1.24%) CheckPoint
15 10 (1.12%) Intel