Penetration Testing Job Trends

Penetration Testing
UK

The table below provides summary statistics and salary benchmarking for jobs requiring Penetration Testing skills. It covers permanent job vacancies from the 6 months leading up to 20 April 2026, with comparisons to the same periods in the previous two years.

 6 months to
20 Apr 2026		 Same period 2025 Same period 2024
Rank 446 393 429
Rank change year-on-year -53 +36 +50
Permanent jobs citing Penetration Testing 289 255 537
As % of all permanent jobs in the UK 0.33% 0.61% 0.57%
As % of the Processes & Methodologies category 0.44% 0.66% 0.66%
Number of salaries quoted 200 200 420
10th Percentile £42,950 £45,000 £38,750
25th Percentile £50,000 £58,750 £47,500
Median annual salary (50th Percentile) £65,000 £67,500 £62,500
Median % change year-on-year -3.70% +8.00% -7.41%
75th Percentile £89,250 £85,313 £82,500
90th Percentile £97,500 £98,000 £95,000
UK excluding London median annual salary £63,750 £67,500 £55,000
% change year-on-year -5.56% +22.73% -

All Process & Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all permanent job vacancies requiring process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills 65,702 38,866 81,241
As % of all permanent jobs advertised in the UK 75.29% 92.92% 85.87%
Number of salaries quoted 40,633 22,660 59,433
10th Percentile £30,000 £31,250 £29,000
25th Percentile £40,000 £42,500 £39,750
Median annual salary (50th Percentile) £57,500 £60,000 £55,000
Median % change year-on-year -4.17% +9.09% -10.57%
75th Percentile £77,500 £80,000 £72,500
90th Percentile £97,500 £102,500 £92,500
UK excluding London median annual salary £50,000 £52,600 £50,000
% change year-on-year -4.94% +5.20% -8.90%

Penetration Testing
Job Vacancy Trend

Historical trend showing the proportion of permanent IT job postings citing Penetration Testing relative to all permanent IT jobs advertised.

Penetration Testing job vacancy trend in the UK

Penetration Testing
Salary Trend

Salary distribution trend for jobs in the UK citing Penetration Testing.

Salary distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Salary Histogram

Salary distribution for jobs citing Penetration Testing over the 6 months to 20 April 2026.

Salary histogram for Penetration Testing in the UK

Penetration Testing
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 20 April 2026. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Permanent
IT Job Ads		 Median Salary
Past 6 Months		 Median Salary
% Change
on Same Period
Last Year		 Live
Jobs
England -63 251 £63,769 -5.53% 92
UK excluding London -65 149 £63,750 -5.56% 59
London -13 106 £78,750 +8.62% 50
Work from Home +13 97 £60,000 -17.24% 46
South West -4 52 £55,000 -18.52% 17
South East -57 30 £72,500 +16.00% 20
North of England -56 26 £58,000 -2.11% 6
Midlands -40 25 £52,500 -22.22% 6
West Midlands -41 16 £65,000 -3.70% 6
Yorkshire -48 14 £55,000 +7.32% 2
Scotland -15 13 £90,000 +21.21% 5
East Midlands -47 9 £51,058 +27.65%
North West -39 7 £56,000 -8.20% 3
North East -35 5 £75,000 +12.36% 1
East of England -32 4 £32,500 - 2

Penetration Testing
Co-Occurring Skills & Capabilities by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1 5 (1.73%) SharePoint
2 3 (1.04%) Confluence
2 3 (1.04%) IIS
2 3 (1.04%) Microsoft Exchange
3 1 (0.35%) Apache
3 1 (0.35%) Drupal
3 1 (0.35%) nginx
3 1 (0.35%) WordPress
Applications
1 2 (0.69%) Weka
Business Applications
1 1 (0.35%) Exchequer
1 1 (0.35%) Magento
Cloud Services
1 66 (22.84%) Azure
2 63 (21.80%) AWS
3 22 (7.61%) GCP
4 19 (6.57%) GitHub
4 19 (6.57%) Microsoft 365
5 15 (5.19%) GitHub Actions
6 12 (4.15%) Azure Sentinel
7 11 (3.81%) Entra ID
8 9 (3.11%) Microsoft Purview
9 7 (2.42%) SaaS
10 4 (1.38%) Amazon EKS
10 4 (1.38%) AWS CloudFormation
10 4 (1.38%) Azure DevOps
10 4 (1.38%) Azure Key Vault
10 4 (1.38%) Mimecast
11 3 (1.04%) IaaS
11 3 (1.04%) PaaS
12 2 (0.69%) Cloudflare
12 2 (0.69%) Dynamics 365
12 2 (0.69%) OneDrive
Communications & Networking
1 50 (17.30%) Firewall
2 28 (9.69%) Network Security
3 21 (7.27%) TCP/IP
4 20 (6.92%) Wireless
5 18 (6.23%) VPN
6 13 (4.50%) DNS
7 9 (3.11%) Intrusion Detection
8 8 (2.77%) VLAN
9 7 (2.42%) Cisco ISE
10 6 (2.08%) Internet
11 4 (1.38%) Cisco Nexus
11 4 (1.38%) HTTPS
11 4 (1.38%) VoIP
12 3 (1.04%) DHCP
12 3 (1.04%) DMZ
12 3 (1.04%) HTTP
12 3 (1.04%) LAN
12 3 (1.04%) Modbus
12 3 (1.04%) SSL
12 3 (1.04%) WAN
Database & Business Intelligence
1 4 (1.38%) SQL Server
2 3 (1.04%) Amazon RDS
3 2 (0.69%) Power BI
4 1 (0.35%) InterSystems Cache
4 1 (0.35%) MongoDB
4 1 (0.35%) Redis
Development Applications
1 28 (9.69%) Burp Suite
1 28 (9.69%) Metasploit
2 14 (4.84%) Jenkins
3 7 (2.42%) JIRA
4 6 (2.08%) Bitbucket
5 2 (0.69%) Git
5 2 (0.69%) NUnit
6 1 (0.35%) Gatling
6 1 (0.35%) IDA Disassembler
6 1 (0.35%) JMeter
6 1 (0.35%) Vagrant
General
1 86 (29.76%) Finance
1 86 (29.76%) Social Skills
2 33 (11.42%) Public Sector
3 26 (9.00%) Inclusion and Diversity
4 24 (8.30%) Banking
5 22 (7.61%) Law
6 20 (6.92%) Retail
7 17 (5.88%) Analytical Skills
8 9 (3.11%) Legal
8 9 (3.11%) Pharmaceutical
9 7 (2.42%) Marketing
10 5 (1.73%) Influencing Skills
10 5 (1.73%) Telecoms
11 4 (1.38%) Financial Institution
12 3 (1.04%) Aerospace
12 3 (1.04%) Back Office
12 3 (1.04%) Manufacturing
12 3 (1.04%) Military
13 2 (0.69%) Documentation Skills
13 2 (0.69%) Public Speaking
Job Titles
1 50 (17.30%) Consultant
2 45 (15.57%) Security Consultant
3 41 (14.19%) Penetration Tester
3 41 (14.19%) Tester
4 39 (13.49%) Senior
5 38 (13.15%) Analyst
6 31 (10.73%) Security Analyst
7 28 (9.69%) Security Engineer
8 26 (9.00%) Cybersecurity Consultant
9 25 (8.65%) Lead
9 25 (8.65%) Security Manager
10 17 (5.88%) Security Specialist
11 16 (5.54%) Applications Engineer
12 15 (5.19%) Senior Analyst
12 15 (5.19%) Senior Security Analyst
13 14 (4.84%) Team Leader
14 12 (4.15%) Test Team Leader
15 11 (3.81%) Information Analyst
15 11 (3.81%) Information Security Analyst
16 10 (3.46%) Head of Security
Libraries, Frameworks & Software Standards
1 4 (1.38%) .NET
2 3 (1.04%) .NET Framework
3 2 (0.69%) AngularJS
3 2 (0.69%) ASP.NET
3 2 (0.69%) ASP.NET Core
3 2 (0.69%) Entity Framework
3 2 (0.69%) OAuth
3 2 (0.69%) OAuth2
3 2 (0.69%) OpenAPI
3 2 (0.69%) OpenID
3 2 (0.69%) RESTful
3 2 (0.69%) RxJS
3 2 (0.69%) Swagger
3 2 (0.69%) Vitest
4 1 (0.35%) ARM Templates
4 1 (0.35%) LDAP
4 1 (0.35%) Memcached
Miscellaneous
1 67 (23.18%) Security Posture
2 33 (11.42%) Mobile App
3 25 (8.65%) Cyber Defence
4 23 (7.96%) Cyber Threat
5 20 (6.92%) Management Information System
6 9 (3.11%) Self-Motivation
7 8 (2.77%) Blog
7 8 (2.77%) Operational Technology
8 7 (2.42%) Data Centre
9 6 (2.08%) Cloud Native
9 6 (2.08%) Cyber Security Posture
9 6 (2.08%) Insider Threat
9 6 (2.08%) PKI
10 5 (1.73%) Enterprise Software
10 5 (1.73%) Public Cloud
10 5 (1.73%) Security Operations Centre
11 4 (1.38%) Data Protection Act
12 3 (1.04%) Cyberattack
12 3 (1.04%) Renewable Energy
12 3 (1.04%) SCADA
Operating Systems
1 33 (11.42%) Linux
1 33 (11.42%) Windows
2 13 (4.50%) Android
2 13 (4.50%) Apple iOS
3 4 (1.38%) Unix
3 4 (1.38%) Windows Server
4 2 (0.69%) Windows Server 2016
5 1 (0.35%) Kali Linux
5 1 (0.35%) Mac OS
5 1 (0.35%) Red Hat Enterprise Linux
Processes & Methodologies
1 176 (60.90%) Cybersecurity
2 85 (29.41%) Incident Response
3 84 (29.07%) Red Team
4 65 (22.49%) Application Security
5 63 (21.80%) Information Security
6 57 (19.72%) Security Testing
7 56 (19.38%) Mentoring
8 55 (19.03%) Offensive Security
9 53 (18.34%) SIEM
10 49 (16.96%) Vulnerability Management
11 48 (16.61%) Problem-Solving
12 45 (15.57%) Agile
13 39 (13.49%) Cloud Security
13 39 (13.49%) Threat Modelling
14 35 (12.11%) Security Operations
15 31 (10.73%) Business Strategy
16 30 (10.38%) Vulnerability Assessment
17 29 (10.03%) Business Transformation
17 29 (10.03%) Coaching
17 29 (10.03%) Internal Audit
Programming Languages
1 54 (18.69%) Python
2 47 (16.26%) PowerShell
3 41 (14.19%) Bash
4 15 (5.19%) Java
5 14 (4.84%) Go
6 8 (2.77%) C#
6 8 (2.77%) Perl
7 7 (2.42%) C
7 7 (2.42%) C++
8 6 (2.08%) Ruby
8 6 (2.08%) SQL
9 4 (1.38%) Bicep
10 3 (1.04%) Objective-C
10 3 (1.04%) Rust
11 2 (0.69%) Kusto Query Language
11 2 (0.69%) TypeScript
12 1 (0.35%) PHP
Qualifications
1 101 (34.95%) CREST Certified
2 73 (25.26%) CISSP
2 73 (25.26%) OSCP
3 55 (19.03%) Security Cleared
4 47 (16.26%) Degree
5 45 (15.57%) SC Cleared
6 36 (12.46%) CHECK Team Member
7 32 (11.07%) CISM
8 30 (10.38%) CEH
9 29 (10.03%) Cisco Certification
10 27 (9.34%) CHECK Team Leader
11 21 (7.27%) CCSAM
12 20 (6.92%) CCNA
13 18 (6.23%) CompTIA Security+
13 18 (6.23%) SANS
14 16 (5.54%) GIAC
15 15 (5.19%) DV Cleared
16 13 (4.50%) CCNP
16 13 (4.50%) GPEN
17 11 (3.81%) Cyber Scheme
Quality Assurance & Compliance
1 90 (31.14%) ISO/IEC 27001
2 50 (17.30%) NIST
3 44 (15.22%) GDPR
4 33 (11.42%) Cyber Essentials
5 19 (6.57%) PCI DSS
6 18 (6.23%) Actionable Recommendations
7 16 (5.54%) Accessibility
8 13 (4.50%) NCSC
9 11 (3.81%) Cyber Essentials PLUS
9 11 (3.81%) GRC
10 7 (2.42%) SOC 2
11 4 (1.38%) ITGC
12 3 (1.04%) COBIT
12 3 (1.04%) Data Quality
12 3 (1.04%) GxP
12 3 (1.04%) NIST 800
12 3 (1.04%) QA
12 3 (1.04%) RMADS
12 3 (1.04%) Sarbanes-Oxley
13 2 (0.69%) ISO/IEC 27005
System Software
1 25 (8.65%) Active Directory
2 7 (2.42%) VMware Infrastructure
3 3 (1.04%) Docker
3 3 (1.04%) VMware ESXi
4 2 (0.69%) EMC RecoverPoint
4 2 (0.69%) Hyper-V
4 2 (0.69%) Virtual Machines
4 2 (0.69%) vSphere
5 1 (0.35%) Virtual Desktop
Systems Management
1 21 (7.27%) Nessus
2 18 (6.23%) Nmap
3 15 (5.19%) Kubernetes
4 8 (2.77%) Microsoft Intune
4 8 (2.77%) Terraform
5 5 (1.73%) Ansible
5 5 (1.73%) CSIRT
5 5 (1.73%) Single Sign-On
6 3 (1.04%) ArcSight ESM
6 3 (1.04%) FortiGate
6 3 (1.04%) QRadar
7 2 (0.69%) Jamf Pro
7 2 (0.69%) VxRail
8 1 (0.35%) CASB
8 1 (0.35%) Consul
8 1 (0.35%) Packer
8 1 (0.35%) Progress Chef
8 1 (0.35%) Puppet
8 1 (0.35%) Red Hat Satellite
Vendors
1 61 (21.11%) Microsoft
2 14 (4.84%) Splunk
3 13 (4.50%) Cisco
4 11 (3.81%) Sophos
5 10 (3.46%) VMware
6 9 (3.11%) Zscaler
7 7 (2.42%) CheckPoint
7 7 (2.42%) Fortinet
8 5 (1.73%) CrowdStrike
8 5 (1.73%) Qualys
8 5 (1.73%) TOWER Software
9 4 (1.38%) Okta
10 3 (1.04%) ArcSight
10 3 (1.04%) CyberArk
10 3 (1.04%) Dell
10 3 (1.04%) LogLogic
10 3 (1.04%) McAfee
10 3 (1.04%) Palo Alto
10 3 (1.04%) Veeam
11 2 (0.69%) DevExpress
117 Penetration Testing jobs Nationwide