Penetration Testing Job Trends, Salaries & Related Skills

Penetration Testing
UK

The table below provides summary statistics and salary benchmarking for jobs requiring Penetration Testing skills. It covers permanent job vacancies from the 6 months leading up to 21 December 2025, with comparisons to the same periods in the previous two years.

	6 months to 21 Dec 2025	Same period 2024	Same period 2023
Rank	464	411	354
Rank change year-on-year	-53	-57	+163
Permanent jobs citing Penetration Testing	183	352	378
As % of all permanent jobs in the UK	0.31%	0.63%	0.78%
As % of the Processes & Methodologies category	0.37%	0.70%	0.83%
Number of salaries quoted	154	201	308
10^th Percentile	£48,165	£46,619	£42,500
25^th Percentile	£55,000	£56,250	£52,494
Median annual salary (50^th Percentile)	£70,000	£65,000	£64,902
Median % change year-on-year	+7.69%	+0.15%	-6.21%
75^th Percentile	£87,500	£88,750	£80,000
90^th Percentile	£90,000	£100,000	£90,000
UK excluding London median annual salary	£62,500	£60,000	£60,000
% change year-on-year	+4.17%	-	-7.69%

All Process and Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all permanent job vacancies requiring process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills	48,853	50,492	45,409
As % of all permanent jobs advertised in the UK	82.70%	89.69%	93.72%
Number of salaries quoted	28,653	25,437	34,822
10^th Percentile	£28,500	£35,000	£32,000
25^th Percentile	£36,250	£45,000	£43,750
Median annual salary (50^th Percentile)	£55,000	£60,000	£60,000
Median % change year-on-year	-8.33%	-	-2.84%
75^th Percentile	£75,000	£80,000	£80,000
90^th Percentile	£95,000	£100,000	£100,000
UK excluding London median annual salary	£48,979	£55,000	£52,500
% change year-on-year	-10.95%	+4.76%	-2.78%

Penetration Testing
Job Vacancy Trend

Historical trend showing the proportion of permanent IT job postings citing Penetration Testing relative to all permanent IT jobs advertised.

Penetration Testing
Salary Trend

Salary distribution trend for jobs in the UK citing Penetration Testing.

Penetration Testing
Salary Histogram

Salary distribution for jobs citing Penetration Testing over the 6 months to 21 December 2025.

Salary histogram for Penetration Testing in the UK

Penetration Testing
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 21 December 2025. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Permanent IT Job Ads	Median Salary Past 6 Months	Median Salary % Change on Same Period Last Year	Live Jobs
England	-37	164	£70,000	+7.69%	88
UK excluding London	-24	95	£62,500	+4.17%	81
London	-20	72	£75,000	-	25
Work from Home	-12	68	£61,250	-5.77%	49
South West	+26	30	£76,250	+19.14%	23
Midlands	+6	23	£54,000	-6.09%	13
South East	+7	22	£58,750	-2.08%	20
West Midlands	+17	14	£59,000	+12.38%	12
North of England	-7	11	£55,000	-3.30%	16
East Midlands	-5	9	£51,058	-11.20%	1
Scotland	-26	8	£90,000	+21.21%	5
Yorkshire	-3	7	£57,500	+9.52%	7
North West	+11	4	£55,000	-12.00%	8
East of England	+15	1	£85,000	+198.25%	2
Northern Ireland	-4	1	£70,000	+16.67%	1

Penetration Testing
Top 30 Co-Occurring Skills & Capabilities

For the 6 months to 21 December 2025, job vacancies citing Penetration Testing also mentioned the following skills and capabilities in order of popularity. The figures indicate the absolute number of co-occurrences and as a proportion of all permanent job ads with a requirement for Penetration Testing.

1	94 (51.37%)	Cybersecurity
2	74 (40.44%)	ISO/IEC 27001
3	65 (35.52%)	Incident Response
4	62 (33.88%)	Python
5	58 (31.69%)	Azure
6	55 (30.05%)	CISSP
6	55 (30.05%)	NIST
7	51 (27.87%)	Microsoft
8	49 (26.78%)	SIEM
9	45 (24.59%)	Vulnerability Management
10	41 (22.40%)	Degree
11	40 (21.86%)	Bash
12	39 (21.31%)	PowerShell
13	38 (20.77%)	Information Security
14	37 (20.22%)	Firewall

15	36 (19.67%)	CREST Certified
16	35 (19.13%)	Red Team
16	35 (19.13%)	Security Cleared
17	33 (18.03%)	Application Security
17	33 (18.03%)	Problem-Solving
17	33 (18.03%)	Vulnerability Assessment
17	33 (18.03%)	Vulnerability Scanning
18	32 (17.49%)	AWS
18	32 (17.49%)	Security Operations
19	30 (16.39%)	Threat Modelling
20	29 (15.85%)	SC Cleared
21	28 (15.30%)	Cyber Essentials
21	28 (15.30%)	DevOps
21	28 (15.30%)	Linux
21	28 (15.30%)	Security Testing

Penetration Testing
Co-Occurring Skills & Capabilities by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1	6 (3.28%)	Microsoft Exchange
2	3 (1.64%)	SharePoint
3	1 (0.55%)	Confluence

Applications
1	7 (3.83%)	Microsoft Excel
1	7 (3.83%)	Microsoft Office
2	2 (1.09%)	Weka
3	1 (0.55%)	GNU Octave

Cloud Services
1	58 (31.69%)	Azure
2	32 (17.49%)	AWS
3	16 (8.74%)	GitHub
4	15 (8.20%)	Azure Sentinel
4	15 (8.20%)	Slack
5	12 (6.56%)	Entra ID
5	12 (6.56%)	GitHub Actions
5	12 (6.56%)	Microsoft 365
6	11 (6.01%)	Microsoft Purview
7	10 (5.46%)	GCP
7	10 (5.46%)	Power Platform
8	3 (1.64%)	IBM Cloud
8	3 (1.64%)	Mimecast
8	3 (1.64%)	SaaS
9	2 (1.09%)	Rubrik
9	2 (1.09%)	SecurityScorecard
10	1 (0.55%)	Azure Key Vault
10	1 (0.55%)	Datadog
10	1 (0.55%)	Power Automate
10	1 (0.55%)	Tessian

Communications & Networking
1	37 (20.22%)	Firewall
2	27 (14.75%)	Network Security
3	22 (12.02%)	TCP/IP
4	13 (7.10%)	VPN
5	9 (4.92%)	Wireshark
6	8 (4.37%)	Wi-Fi
7	7 (3.83%)	Intrusion Detection
7	7 (3.83%)	Wireless
8	5 (2.73%)	HTTP
8	5 (2.73%)	VLAN
9	4 (2.19%)	DNS
9	4 (2.19%)	Ethernet
10	3 (1.64%)	BGP
10	3 (1.64%)	Cisco ISE
10	3 (1.64%)	Modbus
10	3 (1.64%)	OSPF
11	2 (1.09%)	Cisco Nexus
11	2 (1.09%)	ICMP
11	2 (1.09%)	Internet
11	2 (1.09%)	Spanning Tree

Database & Business Intelligence
1	10 (5.46%)	Power BI
2	7 (3.83%)	Tableau
3	2 (1.09%)	SQL Server
4	1 (0.55%)	Elasticsearch

Development Applications
1	22 (12.02%)	Burp Suite
2	21 (11.48%)	Metasploit
3	17 (9.29%)	JIRA
4	12 (6.56%)	Jenkins
5	2 (1.09%)	IDA Disassembler
6	1 (0.55%)	Git
6	1 (0.55%)	GitLab

General
1	72 (39.34%)	Social Skills
2	37 (20.22%)	Finance
3	19 (10.38%)	Analytical Skills
4	18 (9.84%)	Influencing Skills
5	16 (8.74%)	Inclusion and Diversity
5	16 (8.74%)	Presentation Skills
6	11 (6.01%)	Public Sector
7	9 (4.92%)	Banking
8	8 (4.37%)	Retail
9	6 (3.28%)	Law
10	4 (2.19%)	Documentation Skills
10	4 (2.19%)	Electronics
10	4 (2.19%)	Marketing
11	3 (1.64%)	Legal
11	3 (1.64%)	Manufacturing
11	3 (1.64%)	Military
12	2 (1.09%)	Aerospace
12	2 (1.09%)	Pharmaceutical
12	2 (1.09%)	Public Speaking
12	2 (1.09%)	Telecoms

Job Titles
1	48 (26.23%)	Security Engineer
2	30 (16.39%)	Analyst
3	26 (14.21%)	Security Analyst
4	24 (13.11%)	Tester
5	23 (12.57%)	Penetration Tester
5	23 (12.57%)	Senior
6	17 (9.29%)	Cybersecurity Engineer
7	15 (8.20%)	Applications Engineer
7	15 (8.20%)	IT Manager
7	15 (8.20%)	Senior Security Engineer
8	14 (7.65%)	Consultant
8	14 (7.65%)	Security Consultant
9	11 (6.01%)	Cybersecurity Consultant
10	9 (4.92%)	Security Manager
11	8 (4.37%)	Auditor
11	8 (4.37%)	Cybersecurity Analyst
11	8 (4.37%)	Information Analyst
11	8 (4.37%)	Information Security Analyst
11	8 (4.37%)	IT Auditor
11	8 (4.37%)	Network Engineer

Libraries, Frameworks & Software Standards
1	5 (2.73%)	JSON
2	1 (0.55%)	Elastic Stack
2	1 (0.55%)	PyTorch
2	1 (0.55%)	TensorFlow
2	1 (0.55%)	YAML

Miscellaneous
1	27 (14.75%)	Security Posture
2	26 (14.21%)	Management Information System
3	15 (8.20%)	Cyber Threat
4	12 (6.56%)	Security Operations Centre
5	10 (5.46%)	Cyber Defence
6	9 (4.92%)	Self-Motivation
7	8 (4.37%)	Operational Technology
8	7 (3.83%)	Mobile App
8	7 (3.83%)	PKI
9	6 (3.28%)	Analytical Mindset
9	6 (3.28%)	Cyber Kill Chain
10	5 (2.73%)	Cloud Native
10	5 (2.73%)	Enterprise Software
10	5 (2.73%)	SCADA
11	4 (2.19%)	Insider Threat
11	4 (2.19%)	Linux Command Line
12	3 (1.64%)	Cyber Security Posture
12	3 (1.64%)	Onboarding
12	3 (1.64%)	Renewable Energy
12	3 (1.64%)	Virtual Team

Operating Systems
1	28 (15.30%)	Linux
2	24 (13.11%)	Windows
3	7 (3.83%)	Unix
4	6 (3.28%)	Windows Server
5	5 (2.73%)	Kali Linux
6	4 (2.19%)	Android
6	4 (2.19%)	Apple iOS
7	1 (0.55%)	Debian
7	1 (0.55%)	Ubuntu
7	1 (0.55%)	Windows 10
7	1 (0.55%)	Windows Server 2016
7	1 (0.55%)	Windows Server 2019

Processes & Methodologies
1	94 (51.37%)	Cybersecurity
2	65 (35.52%)	Incident Response
3	49 (26.78%)	SIEM
4	45 (24.59%)	Vulnerability Management
5	38 (20.77%)	Information Security
6	35 (19.13%)	Red Team
7	33 (18.03%)	Application Security
7	33 (18.03%)	Problem-Solving
7	33 (18.03%)	Vulnerability Assessment
7	33 (18.03%)	Vulnerability Scanning
8	32 (17.49%)	Security Operations
9	30 (16.39%)	Threat Modelling
10	28 (15.30%)	DevOps
10	28 (15.30%)	Security Testing
11	27 (14.75%)	Technology Transformation
11	27 (14.75%)	Vulnerability Remediation
12	23 (12.57%)	Cloud Security
13	22 (12.02%)	CI/CD
13	22 (12.02%)	ITIL
14	21 (11.48%)	SDLC

Programming Languages
1	62 (33.88%)	Python
2	40 (21.86%)	Bash
3	39 (21.31%)	PowerShell
4	17 (9.29%)	Go
5	10 (5.46%)	SQL
6	7 (3.83%)	C
6	7 (3.83%)	C++
6	7 (3.83%)	R
7	6 (3.28%)	C#
8	5 (2.73%)	JavaScript
8	5 (2.73%)	Perl
9	3 (1.64%)	Java
10	2 (1.09%)	Ruby
11	1 (0.55%)	Kusto Query Language
11	1 (0.55%)	Scala

Qualifications
1	55 (30.05%)	CISSP
2	41 (22.40%)	Degree
3	36 (19.67%)	CREST Certified
4	35 (19.13%)	Security Cleared
5	29 (15.85%)	SC Cleared
6	27 (14.75%)	Cisco Certification
6	27 (14.75%)	OSCP
7	22 (12.02%)	SANS
8	18 (9.84%)	CCNA
9	16 (8.74%)	CompTIA Security+
10	15 (8.20%)	CHECK Team Member
10	15 (8.20%)	GIAC
11	13 (7.10%)	DV Cleared
12	12 (6.56%)	CISA
12	12 (6.56%)	GCIA
12	12 (6.56%)	GCIH
13	11 (6.01%)	CCNP
14	10 (5.46%)	CEH
15	9 (4.92%)	CISM
16	8 (4.37%)	(ISC)2 CCSP

Quality Assurance & Compliance
1	74 (40.44%)	ISO/IEC 27001
2	55 (30.05%)	NIST
3	28 (15.30%)	Cyber Essentials
4	27 (14.75%)	Accessibility
5	15 (8.20%)	GDPR
6	7 (3.83%)	NCSC
7	6 (3.28%)	GRC
8	5 (2.73%)	NIST 800
9	4 (2.19%)	Actionable Recommendations
9	4 (2.19%)	QA
10	3 (1.64%)	Cyber Essentials PLUS
10	3 (1.64%)	ITGC
10	3 (1.64%)	PCI DSS
10	3 (1.64%)	RMADS
11	2 (1.09%)	GxP
11	2 (1.09%)	ISO/IEC 27005
12	1 (0.55%)	COBIT
12	1 (0.55%)	ISO/IEC 42001
12	1 (0.55%)	Sarbanes-Oxley
12	1 (0.55%)	SOC 2

System Software
1	15 (8.20%)	Virtual Machines
2	9 (4.92%)	Active Directory
3	6 (3.28%)	VMware Infrastructure
4	4 (2.19%)	VMware ESXi
5	3 (1.64%)	Firmware
5	3 (1.64%)	Hyper-V
6	2 (1.09%)	Docker
6	2 (1.09%)	EMC RecoverPoint
6	2 (1.09%)	pfSense
6	2 (1.09%)	Squid
6	2 (1.09%)	vSphere

Systems Management
1	19 (10.38%)	Nmap
2	16 (8.74%)	Nessus
3	8 (4.37%)	QRadar
4	5 (2.73%)	Kubernetes
4	5 (2.73%)	Single Sign-On
5	4 (2.19%)	Microsoft Intune
6	3 (1.64%)	ArcSight ESM
6	3 (1.64%)	Proxmox
7	2 (1.09%)	Cisco CUCM
7	2 (1.09%)	Terraform
7	2 (1.09%)	VxRail
8	1 (0.55%)	Ansible
8	1 (0.55%)	CASB
8	1 (0.55%)	CSIRT
8	1 (0.55%)	Kibana
8	1 (0.55%)	Progress Chef
8	1 (0.55%)	SCCM
8	1 (0.55%)	ZENworks

Vendors
1	51 (27.87%)	Microsoft
2	17 (9.29%)	Tenable
3	15 (8.20%)	ServiceNow
4	14 (7.65%)	Cisco
5	11 (6.01%)	Splunk
6	8 (4.37%)	VMware
7	7 (3.83%)	Oracle
8	6 (3.28%)	Fortinet
9	5 (2.73%)	Palo Alto
10	4 (2.19%)	CheckPoint
10	4 (2.19%)	Qualys
10	4 (2.19%)	Zscaler
11	3 (1.64%)	ArcSight
11	3 (1.64%)	CyberArk
11	3 (1.64%)	IBM
11	3 (1.64%)	LogLogic
11	3 (1.64%)	LogRhythm
11	3 (1.64%)	McAfee
12	2 (1.09%)	Okta
12	2 (1.09%)	Trend Micro

Penetration TestingUK

All Process and Methodology SkillsUK

Penetration TestingJob Vacancy Trend

Penetration TestingSalary Trend

Penetration TestingSalary Histogram

Penetration TestingTop 15 Job Locations

Penetration TestingTop 30 Co-Occurring Skills & Capabilities

Penetration TestingCo-Occurring Skills & Capabilities by Category