Period
to 12 June 2021

The median annual salary for a Penetration Tester was £66,500 in advertised job vacancies during the 6 months to 12 June 2021.

The first table below provides salary benchmarking and summary statistics including a comparison to same period in the previous 2 years.

Penetration Tester
UK
6 months to
12 Jun 2021
Same period 2020 Same period 2019
Rank 879 719 878
Rank change year-on-year -160 +159 +113
Permanent jobs requiring a Penetration Tester 63 160 233
As % of all permanent jobs advertised in the UK 0.063% 0.19% 0.16%
As % of the Job Titles category 0.068% 0.20% 0.17%
Number of salaries quoted 52 133 165
10th Percentile £38,525 £35,000 £41,250
25th Percentile £42,188 £42,500 £48,750
Median annual salary (50th Percentile) £66,500 £60,000 £65,000
Median % change year-on-year +10.83% -7.69% +8.33%
75th Percentile £79,063 £73,750 £75,750
90th Percentile £88,625 £87,500 £87,000
UK excluding London median annual salary £48,750 £60,000 £66,250
% change year-on-year -18.75% -9.43% +10.42%

The following table is for comparison with the above and includes summary statistics for all permanent IT job vacancies. Most job vacancies include a discernible job title that can be normalized. As such, the figures in the second row provide an indication of the number of permanent jobs in our overall sample.

All Permanent IT Job Vacancies
UK
Permanent vacancies in the UK with a recognized job title 92,086 80,353 137,903
% of permanent IT jobs with a recognized job title 92.03% 95.16% 95.96%
Number of salaries quoted 67,086 65,175 110,873
10th Percentile £31,750 £30,750 £28,250
25th Percentile £41,250 £39,750 £37,000
Median annual salary (50th Percentile) £55,000 £54,000 £50,000
Median % change year-on-year +1.85% +8.00% -
75th Percentile £73,250 £72,500 £68,750
90th Percentile £90,000 £87,500 £85,000
UK excluding London median annual salary £47,500 £47,500 £45,000
% change year-on-year - +5.56% -

Penetration Tester
Job Vacancy Trend

Job postings that featured Penetration Tester in the job title as a proportion of all IT jobs advertised.

Job vacancy trend for Penetration Tester in the UK

Penetration Tester
Salary Trend

3-month moving average salary quoted in jobs citing Penetration Tester.

Salary trend for Penetration Tester in the UK

Penetration Tester
Salary Histogram

Salary distribution for jobs citing Penetration Tester over the 6 months to 12 June 2021.

Salary histogram for Penetration Tester in the UK

Penetration Tester
Top 11 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Tester within the UK over the 6 months to 12 June 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -104 55 £60,000 +9.09% 13
London -60 32 £68,000 +23.64% 4
Work from Home -236 20 £78,750 +8.62% 7
UK excluding London -97 19 £48,750 -18.75% 9
West Midlands -45 8 £62,500 -5.66% 5
Midlands -56 8 £62,500 -5.66% 5
South East -24 5 £35,000 -44.00% 1
South West -61 4 £53,750 +19.44% 1
East of England -13 1 - - 1
North West -19 1 £42,500 -15.00% 1
North of England -30 1 £42,500 -15.00% 1

Penetration Tester Skill Set
Top 30 Co-occurring IT Skills

For the 6 months to 12 June 2021, Penetration Tester job roles required the following IT skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads featuring Penetration Tester in the job title.

1 58 (92.06%) Penetration Testing
2 35 (55.56%) Cybersecurity
3 24 (38.10%) OSCP
4 20 (31.75%) Mobile App
4 20 (31.75%) CREST Certified
5 15 (23.81%) Social Skills
5 15 (23.81%) Ethical Hacking
5 15 (23.81%) Python
6 13 (20.63%) Linux
6 13 (20.63%) Vulnerability Management
6 13 (20.63%) Social Engineering
7 12 (19.05%) OWASP
7 12 (19.05%) AWS
8 11 (17.46%) Red Team
9 10 (15.87%) SANS
9 10 (15.87%) CHECK Team Member
9 10 (15.87%) Cyber Threat Intelligence
9 10 (15.87%) Threat Intelligence
9 10 (15.87%) Metasploit
9 10 (15.87%) Burp Suite
9 10 (15.87%) Microsoft
9 10 (15.87%) VPN
9 10 (15.87%) Nessus
9 10 (15.87%) Information Security
9 10 (15.87%) Nmap
9 10 (15.87%) Firewall
9 10 (15.87%) Wireless
10 9 (14.29%) Ruby
10 9 (14.29%) Security Testing
10 9 (14.29%) GXPN

Penetration Tester Skill Set
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Cloud Services
1 12 (19.05%) AWS
2 8 (12.70%) Azure
3 6 (9.52%) Microsoft 365
4 1 (1.59%) GCP
4 1 (1.59%) WhatsApp
Communications & Networking
1 10 (15.87%) Firewall
1 10 (15.87%) VPN
1 10 (15.87%) Wireless
2 8 (12.70%) Internet
3 7 (11.11%) 5G
4 6 (9.52%) 802.11
4 6 (9.52%) HTTP
4 6 (9.52%) SNMP
5 4 (6.35%) IPsec
6 3 (4.76%) Intranet
7 2 (3.17%) TCP/IP
8 1 (1.59%) Unified Communications
8 1 (1.59%) Wi-Fi
8 1 (1.59%) Wireshark
Database & Business Intelligence
1 7 (11.11%) Blockchain
Development Applications
1 10 (15.87%) Burp Suite
1 10 (15.87%) Metasploit
2 2 (3.17%) sqlmap
General
1 15 (23.81%) Social Skills
2 5 (7.94%) Analytical Skills
2 5 (7.94%) Law
3 4 (6.35%) Finance
4 2 (3.17%) Banking
5 1 (1.59%) Marketing
5 1 (1.59%) Public Sector
5 1 (1.59%) Publishing
Libraries, Frameworks & Software Standards
1 6 (9.52%) 802.1X
2 3 (4.76%) Elastic Stack
3 2 (3.17%) JSON
3 2 (3.17%) REST
3 2 (3.17%) XML
4 1 (1.59%) Web Services
Miscellaneous
1 20 (31.75%) Mobile App
2 7 (11.11%) Internet of Things
3 6 (9.52%) Cyberthreat
4 5 (7.94%) SCADA
5 4 (6.35%) Distributed Denial-of-Service
5 4 (6.35%) PKI
5 4 (6.35%) Public Cloud
6 2 (3.17%) Self-Motivation
6 2 (3.17%) Virtual Team
7 1 (1.59%) Cyberattack
7 1 (1.59%) Data Centre
7 1 (1.59%) Management Information System
Operating Systems
1 13 (20.63%) Linux
2 6 (9.52%) Android
2 6 (9.52%) Apple iOS
2 6 (9.52%) Kali Linux
3 5 (7.94%) Windows
4 4 (6.35%) Mac OS
4 4 (6.35%) Unix
Processes & Methodologies
1 58 (92.06%) Penetration Testing
2 35 (55.56%) Cybersecurity
3 15 (23.81%) Ethical Hacking
4 13 (20.63%) Social Engineering
4 13 (20.63%) Vulnerability Management
5 12 (19.05%) OWASP
6 11 (17.46%) Red Team
7 10 (15.87%) Cyber Threat Intelligence
7 10 (15.87%) Information Security
7 10 (15.87%) Threat Intelligence
8 9 (14.29%) Security Testing
9 8 (12.70%) Computer Science
9 8 (12.70%) Open Source
9 8 (12.70%) Test Automation
10 7 (11.11%) SIEM
10 7 (11.11%) Vulnerability Assessment
11 6 (9.52%) Cyber Intelligence
11 6 (9.52%) OSINT
11 6 (9.52%) Patch Management
11 6 (9.52%) Security Architecture
Programming Languages
1 15 (23.81%) Python
2 9 (14.29%) Ruby
3 7 (11.11%) Bash Shell
4 6 (9.52%) C
4 6 (9.52%) Lua
4 6 (9.52%) PowerShell
5 5 (7.94%) C++
5 5 (7.94%) Java
6 3 (4.76%) C#
7 2 (3.17%) PHP
8 1 (1.59%) Go
Qualifications
1 24 (38.10%) OSCP
2 20 (31.75%) CREST Certified
3 10 (15.87%) CHECK Team Member
3 10 (15.87%) SANS
4 9 (14.29%) GXPN
5 8 (12.70%) CHECK Team Leader
5 8 (12.70%) Degree
5 8 (12.70%) Security Cleared
6 7 (11.11%) CISSP
6 7 (11.11%) GPEN
6 7 (11.11%) OSCE
7 6 (9.52%) GIAC
8 5 (7.94%) SC Cleared
9 4 (6.35%) CEH
9 4 (6.35%) CEPT
9 4 (6.35%) EC-Council LPT
9 4 (6.35%) OSWP
10 3 (4.76%) CCNA
10 3 (4.76%) Cisco Certification
11 2 (3.17%) Cyber Scheme
Quality Assurance & Compliance
1 6 (9.52%) QA
2 5 (7.94%) NIST
3 3 (4.76%) Cyber Essentials
3 3 (4.76%) PCI DSS
4 2 (3.17%) GDPR
4 2 (3.17%) ISO/IEC 27001
5 1 (1.59%) Cyber Essentials PLUS
System Software
1 6 (9.52%) Active Directory
2 4 (6.35%) Docker
Systems Management
1 10 (15.87%) Nessus
1 10 (15.87%) Nmap
2 4 (6.35%) Terraform
3 3 (4.76%) QRadar
4 1 (1.59%) CSIRT
4 1 (1.59%) John the Ripper
4 1 (1.59%) Nexpose
Vendors
1 10 (15.87%) Microsoft
2 5 (7.94%) Cisco
3 3 (4.76%) Splunk
4 1 (1.59%) Snapchat