Penetration Testing Job Trends

Penetration Testing
UK

The table below provides summary statistics and salary benchmarking for jobs requiring Penetration Testing skills. It covers permanent job vacancies from the 6 months leading up to 29 March 2026, with comparisons to the same periods in the previous two years.

 6 months to
29 Mar 2026		 Same period 2025 Same period 2024
Rank 451 393 406
Rank change year-on-year -58 +13 +91
Permanent jobs citing Penetration Testing 261 262 532
As % of all permanent jobs in the UK 0.33% 0.64% 0.60%
As % of the Processes & Methodologies category 0.43% 0.68% 0.69%
Number of salaries quoted 186 206 427
10th Percentile £42,500 £46,750 £38,892
25th Percentile £50,813 £58,750 £47,725
Median annual salary (50th Percentile) £70,000 £67,500 £62,500
Median % change year-on-year +3.70% +8.00% -9.68%
75th Percentile £90,000 £87,500 £82,500
90th Percentile £96,875 £95,000 £95,000
UK excluding London median annual salary £66,250 £67,500 £55,000
% change year-on-year -1.85% +22.73% -8.33%

All Process & Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all permanent job vacancies requiring process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills 60,329 38,275 77,225
As % of all permanent jobs advertised in the UK 76.98% 93.09% 86.55%
Number of salaries quoted 37,012 22,459 57,636
10th Percentile £30,000 £31,250 £29,250
25th Percentile £40,000 £43,750 £40,000
Median annual salary (50th Percentile) £55,000 £60,000 £55,000
Median % change year-on-year -8.33% +9.09% -11.29%
75th Percentile £77,500 £80,000 £73,750
90th Percentile £97,500 £102,500 £92,500
UK excluding London median annual salary £50,000 £55,000 £50,000
% change year-on-year -9.09% +10.00% -8.41%

Penetration Testing
Job Vacancy Trend

Historical trend showing the proportion of permanent IT job postings citing Penetration Testing relative to all permanent IT jobs advertised.

Penetration Testing job vacancy trend in the UK

Penetration Testing
Salary Trend

Salary distribution trend for jobs in the UK citing Penetration Testing.

Salary distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Salary Histogram

Salary distribution for jobs citing Penetration Testing over the 6 months to 29 March 2026.

Salary histogram for Penetration Testing in the UK

Penetration Testing
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 29 March 2026. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Permanent
IT Job Ads		 Median Salary
Past 6 Months		 Median Salary
% Change
on Same Period
Last Year		 Live
Jobs
England -58 226 £67,500 - 96
UK excluding London -55 131 £66,250 -1.85% 81
London -22 99 £77,000 +6.21% 31
Work from Home -15 97 £60,000 -14.29% 61
South West +1 51 £62,500 -10.71% 23
Midlands -30 27 £52,500 -22.22% 9
South East -56 21 £73,750 +5.36% 22
North of England -59 18 £63,750 +4.51% 14
West Midlands -25 16 £60,000 -11.11% 7
Scotland -26 13 £90,000 +21.21% 6
East Midlands -32 11 £51,058 +27.65% 2
Yorkshire -48 7 £60,000 +17.07% 7
North West -40 6 £55,500 -11.20% 7
North East -20 5 £75,000 +12.36%
East of England -25 2 £57,500 - 6

Penetration Testing
Co-Occurring Skills & Capabilities by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1 4 (1.53%) Microsoft Exchange
2 3 (1.15%) Confluence
2 3 (1.15%) SharePoint
3 1 (0.38%) Apache
3 1 (0.38%) Drupal
3 1 (0.38%) IIS
3 1 (0.38%) nginx
3 1 (0.38%) WordPress
Applications
1 3 (1.15%) Microsoft Excel
1 3 (1.15%) Microsoft Office
2 2 (0.77%) Weka
Business Applications
1 1 (0.38%) Exchequer
1 1 (0.38%) Magento
Cloud Services
1 67 (25.67%) Azure
2 52 (19.92%) AWS
3 24 (9.20%) GitHub
4 19 (7.28%) GitHub Actions
5 18 (6.90%) GCP
6 15 (5.75%) Microsoft 365
7 13 (4.98%) Azure Sentinel
8 10 (3.83%) Entra ID
8 10 (3.83%) Microsoft Purview
9 5 (1.92%) Power Platform
9 5 (1.92%) SaaS
10 4 (1.53%) Mimecast
10 4 (1.53%) Slack
11 3 (1.15%) Azure DevOps
12 2 (0.77%) Amazon EKS
12 2 (0.77%) AWS CloudFormation
12 2 (0.77%) Azure Key Vault
12 2 (0.77%) Dynamics 365
12 2 (0.77%) Rubrik
13 1 (0.38%) Nutanix
Communications & Networking
1 44 (16.86%) Firewall
2 26 (9.96%) Network Security
3 20 (7.66%) TCP/IP
3 20 (7.66%) Wireless
4 16 (6.13%) VPN
5 13 (4.98%) DNS
6 8 (3.07%) Intrusion Detection
6 8 (3.07%) VLAN
7 7 (2.68%) Cisco ISE
8 6 (2.30%) Wi-Fi
9 5 (1.92%) HTTP
10 4 (1.53%) Cisco Nexus
10 4 (1.53%) HTTPS
10 4 (1.53%) Wireshark
11 3 (1.15%) DMARC
11 3 (1.15%) DMZ
11 3 (1.15%) Internet
11 3 (1.15%) LAN
11 3 (1.15%) Modbus
11 3 (1.15%) SSL
Database & Business Intelligence
1 5 (1.92%) Power BI
2 3 (1.15%) SQL Server
2 3 (1.15%) Tableau
3 1 (0.38%) Amazon RDS
3 1 (0.38%) InterSystems Cache
3 1 (0.38%) MongoDB
3 1 (0.38%) Redis
Development Applications
1 29 (11.11%) Burp Suite
1 29 (11.11%) Metasploit
2 18 (6.90%) Jenkins
3 11 (4.21%) JIRA
4 5 (1.92%) Bitbucket
5 2 (0.77%) Git
5 2 (0.77%) IDA Disassembler
6 1 (0.38%) Gatling
6 1 (0.38%) GitLab
6 1 (0.38%) JMeter
6 1 (0.38%) NUnit
6 1 (0.38%) Vagrant
General
1 81 (31.03%) Finance
2 80 (30.65%) Social Skills
3 24 (9.20%) Public Sector
4 21 (8.05%) Inclusion and Diversity
5 20 (7.66%) Analytical Skills
6 17 (6.51%) Banking
6 17 (6.51%) Law
7 16 (6.13%) Retail
8 9 (3.45%) Legal
9 7 (2.68%) Influencing Skills
10 6 (2.30%) Marketing
11 5 (1.92%) Presentation Skills
12 4 (1.53%) Pharmaceutical
12 4 (1.53%) Telecoms
13 3 (1.15%) Aerospace
13 3 (1.15%) Electronics
13 3 (1.15%) Manufacturing
13 3 (1.15%) Military
14 2 (0.77%) Public Speaking
14 2 (0.77%) Social Housing
Job Titles
1 43 (16.48%) Consultant
2 41 (15.71%) Security Consultant
3 39 (14.94%) Analyst
4 35 (13.41%) Tester
5 34 (13.03%) Penetration Tester
5 34 (13.03%) Security Engineer
6 30 (11.49%) Security Analyst
6 30 (11.49%) Senior
7 25 (9.58%) Security Manager
8 22 (8.43%) Cybersecurity Consultant
9 21 (8.05%) Applications Engineer
10 18 (6.90%) Security Specialist
11 17 (6.51%) Lead
12 12 (4.60%) IT Manager
12 12 (4.60%) Senior Analyst
12 12 (4.60%) Senior Security Analyst
13 9 (3.45%) Digital Analyst
13 9 (3.45%) Senior Digital Analyst
13 9 (3.45%) Team Leader
14 8 (3.07%) Head of Security
Libraries, Frameworks & Software Standards
1 3 (1.15%) .NET
2 2 (0.77%) .NET Framework
2 2 (0.77%) JSON
3 1 (0.38%) AngularJS
3 1 (0.38%) ARM Templates
3 1 (0.38%) ASP.NET
3 1 (0.38%) ASP.NET Core
3 1 (0.38%) Entity Framework
3 1 (0.38%) LDAP
3 1 (0.38%) Memcached
3 1 (0.38%) OAuth
3 1 (0.38%) OAuth2
3 1 (0.38%) OpenAPI
3 1 (0.38%) OpenID
3 1 (0.38%) RESTful
3 1 (0.38%) RxJS
3 1 (0.38%) Swagger
3 1 (0.38%) Vitest
3 1 (0.38%) YAML
Miscellaneous
1 66 (25.29%) Security Posture
2 30 (11.49%) Mobile App
3 27 (10.34%) Cyber Defence
4 21 (8.05%) Cyber Threat
5 18 (6.90%) Management Information System
6 7 (2.68%) Blog
6 7 (2.68%) Data Centre
6 7 (2.68%) Insider Threat
6 7 (2.68%) Operational Technology
6 7 (2.68%) PKI
7 6 (2.30%) Self-Motivation
8 5 (1.92%) Analytical Mindset
8 5 (1.92%) Enterprise Software
9 4 (1.53%) Cloud Native
9 4 (1.53%) Cyber Security Posture
9 4 (1.53%) Data Protection Act
9 4 (1.53%) Public Cloud
9 4 (1.53%) Security Operations Centre
10 3 (1.15%) Renewable Energy
10 3 (1.15%) SCADA
Operating Systems
1 34 (13.03%) Linux
2 32 (12.26%) Windows
3 11 (4.21%) Android
3 11 (4.21%) Apple iOS
4 7 (2.68%) Unix
5 5 (1.92%) Windows Server
6 1 (0.38%) Kali Linux
6 1 (0.38%) Mac OS
6 1 (0.38%) Red Hat Enterprise Linux
Processes & Methodologies
1 143 (54.79%) Cybersecurity
2 85 (32.57%) Incident Response
3 76 (29.12%) Red Team
4 64 (24.52%) Application Security
5 50 (19.16%) Offensive Security
5 50 (19.16%) Problem-Solving
6 49 (18.77%) Information Security
6 49 (18.77%) SIEM
7 48 (18.39%) Mentoring
8 47 (18.01%) Security Testing
9 46 (17.62%) Agile
9 46 (17.62%) Vulnerability Management
10 41 (15.71%) Threat Modelling
11 33 (12.64%) Security Operations
12 32 (12.26%) Business Strategy
12 32 (12.26%) Vulnerability Assessment
13 31 (11.88%) Cloud Security
13 31 (11.88%) Internal Audit
14 29 (11.11%) Business Transformation
14 29 (11.11%) Coaching
Programming Languages
1 64 (24.52%) Python
2 50 (19.16%) PowerShell
3 47 (18.01%) Bash
4 13 (4.98%) Go
5 12 (4.60%) Java
6 10 (3.83%) C
6 10 (3.83%) C++
7 8 (3.07%) C#
8 7 (2.68%) Perl
9 6 (2.30%) SQL
10 5 (1.92%) Ruby
11 3 (1.15%) R
12 2 (0.77%) Bicep
12 2 (0.77%) JavaScript
12 2 (0.77%) Objective-C
12 2 (0.77%) Rust
13 1 (0.38%) Kusto Query Language
13 1 (0.38%) PHP
13 1 (0.38%) Scala
13 1 (0.38%) TypeScript
Qualifications
1 93 (35.63%) CREST Certified
2 67 (25.67%) CISSP
3 66 (25.29%) OSCP
4 51 (19.54%) Degree
5 50 (19.16%) Security Cleared
6 41 (15.71%) SC Cleared
7 34 (13.03%) CHECK Team Member
8 29 (11.11%) CEH
9 28 (10.73%) Cisco Certification
10 23 (8.81%) CHECK Team Leader
11 22 (8.43%) CISM
12 20 (7.66%) CCSAM
12 20 (7.66%) SANS
13 19 (7.28%) CCNA
14 18 (6.90%) DV Cleared
15 17 (6.51%) CompTIA Security+
15 17 (6.51%) GIAC
16 13 (4.98%) GPEN
17 11 (4.21%) CCNP
17 11 (4.21%) CISA
Quality Assurance & Compliance
1 83 (31.80%) ISO/IEC 27001
2 51 (19.54%) NIST
3 38 (14.56%) GDPR
4 26 (9.96%) Cyber Essentials
5 23 (8.81%) Accessibility
6 18 (6.90%) Actionable Recommendations
6 18 (6.90%) PCI DSS
7 12 (4.60%) NCSC
8 10 (3.83%) Cyber Essentials PLUS
9 9 (3.45%) GRC
10 3 (1.15%) Data Quality
10 3 (1.15%) GxP
10 3 (1.15%) ITGC
10 3 (1.15%) NIST 800
10 3 (1.15%) RMADS
10 3 (1.15%) Sarbanes-Oxley
10 3 (1.15%) SOC 2
11 2 (0.77%) COBIT
11 2 (0.77%) ISO/IEC 27005
12 1 (0.38%) QA
System Software
1 23 (8.81%) Active Directory
2 6 (2.30%) VMware Infrastructure
3 5 (1.92%) Virtual Machines
4 4 (1.53%) VMware ESXi
5 3 (1.15%) Docker
6 2 (0.77%) EMC RecoverPoint
6 2 (0.77%) Hyper-V
6 2 (0.77%) vSphere
7 1 (0.38%) Virtual Desktop
Systems Management
1 22 (8.43%) Nessus
2 19 (7.28%) Nmap
3 14 (5.36%) Kubernetes
4 7 (2.68%) Microsoft Intune
5 6 (2.30%) Terraform
6 5 (1.92%) Ansible
6 5 (1.92%) CSIRT
7 4 (1.53%) Single Sign-On
8 3 (1.15%) ArcSight ESM
8 3 (1.15%) FortiGate
8 3 (1.15%) QRadar
9 2 (0.77%) Progress Chef
9 2 (0.77%) VxRail
10 1 (0.38%) CASB
10 1 (0.38%) Consul
10 1 (0.38%) Jamf Pro
10 1 (0.38%) Packer
10 1 (0.38%) Proxmox
10 1 (0.38%) Puppet
10 1 (0.38%) Red Hat Satellite
Vendors
1 62 (23.75%) Microsoft
2 14 (5.36%) Cisco
3 13 (4.98%) Splunk
4 9 (3.45%) Sophos
4 9 (3.45%) VMware
5 8 (3.07%) Zscaler
6 7 (2.68%) CheckPoint
7 6 (2.30%) Fortinet
8 5 (1.92%) Qualys
8 5 (1.92%) ServiceNow
8 5 (1.92%) Tenable
8 5 (1.92%) TOWER Software
9 4 (1.53%) CrowdStrike
9 4 (1.53%) Okta
9 4 (1.53%) Oracle
10 3 (1.15%) ArcSight
10 3 (1.15%) CyberArk
10 3 (1.15%) Dell
10 3 (1.15%) McAfee
10 3 (1.15%) Veeam
120 Penetration Testing jobs Nationwide