Penetration Testing Job Trends

Penetration Testing
UK

The table below provides summary statistics and salary benchmarking for jobs requiring Penetration Testing skills. It covers permanent job vacancies from the 6 months leading up to 12 April 2026, with comparisons to the same periods in the previous two years.

 6 months to
12 Apr 2026		 Same period 2025 Same period 2024
Rank 438 384 413
Rank change year-on-year -54 +29 +81
Permanent jobs citing Penetration Testing 284 264 535
As % of all permanent jobs in the UK 0.34% 0.64% 0.58%
As % of the Processes & Methodologies category 0.44% 0.69% 0.67%
Number of salaries quoted 197 210 426
10th Percentile £44,000 £45,675 £38,750
25th Percentile £50,000 £58,750 £47,556
Median annual salary (50th Percentile) £65,000 £68,500 £62,500
Median % change year-on-year -5.11% +9.60% -9.68%
75th Percentile £90,000 £87,500 £82,500
90th Percentile £97,500 £97,500 £95,000
UK excluding London median annual salary £67,500 £67,500 £55,000
% change year-on-year - +22.73% -7.17%

All Process & Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all permanent job vacancies requiring process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills 63,952 38,221 79,637
As % of all permanent jobs advertised in the UK 75.80% 92.98% 86.04%
Number of salaries quoted 39,483 22,497 58,940
10th Percentile £30,000 £31,250 £29,000
25th Percentile £40,000 £42,500 £40,000
Median annual salary (50th Percentile) £57,500 £60,000 £55,000
Median % change year-on-year -4.17% +9.09% -10.57%
75th Percentile £77,500 £80,000 £72,500
90th Percentile £97,500 £102,500 £92,500
UK excluding London median annual salary £50,000 £53,500 £50,000
% change year-on-year -6.54% +7.00% -8.26%

Penetration Testing
Job Vacancy Trend

Historical trend showing the proportion of permanent IT job postings citing Penetration Testing relative to all permanent IT jobs advertised.

Penetration Testing job vacancy trend in the UK

Penetration Testing
Salary Trend

Salary distribution trend for jobs in the UK citing Penetration Testing.

Salary distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Salary Histogram

Salary distribution for jobs citing Penetration Testing over the 6 months to 12 April 2026.

Salary histogram for Penetration Testing in the UK

Penetration Testing
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 12 April 2026. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Permanent
IT Job Ads		 Median Salary
Past 6 Months		 Median Salary
% Change
on Same Period
Last Year		 Live
Jobs
England -74 245 £63,769 -5.53% 83
UK excluding London -63 147 £67,500 - 70
London -31 103 £77,500 +6.90% 34
Work from Home +9 101 £60,000 -17.24% 50
South West +2 54 £62,500 -7.41% 22
Midlands -48 26 £52,500 -22.22% 6
South East -54 26 £73,750 +18.00% 21
North of England -67 25 £60,000 -1.64% 9
West Midlands -26 16 £65,000 -3.70% 6
Scotland -10 14 £90,000 +21.21% 6
Yorkshire -44 13 £55,000 +7.32% 4
East Midlands -40 10 £51,058 +27.65%
North West -49 7 £56,000 -9.31% 4
North East -28 5 £75,000 +12.36% 1
East of England -25 3 £35,000 - 2

Penetration Testing
Co-Occurring Skills & Capabilities by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1 4 (1.41%) SharePoint
2 3 (1.06%) Confluence
2 3 (1.06%) IIS
2 3 (1.06%) Microsoft Exchange
3 1 (0.35%) Apache
3 1 (0.35%) Drupal
3 1 (0.35%) nginx
3 1 (0.35%) WordPress
Applications
1 2 (0.70%) Weka
2 1 (0.35%) Microsoft Excel
2 1 (0.35%) Microsoft Office
Business Applications
1 1 (0.35%) Exchequer
1 1 (0.35%) Magento
Cloud Services
1 68 (23.94%) Azure
2 63 (22.18%) AWS
3 22 (7.75%) GCP
4 21 (7.39%) GitHub
5 17 (5.99%) GitHub Actions
6 15 (5.28%) Microsoft 365
7 13 (4.58%) Azure Sentinel
8 10 (3.52%) Entra ID
9 9 (3.17%) Microsoft Purview
10 7 (2.46%) SaaS
11 4 (1.41%) Amazon EKS
11 4 (1.41%) AWS CloudFormation
11 4 (1.41%) Azure DevOps
11 4 (1.41%) Azure Key Vault
11 4 (1.41%) Mimecast
12 3 (1.06%) IaaS
12 3 (1.06%) PaaS
12 3 (1.06%) Power Platform
13 2 (0.70%) Figma
13 2 (0.70%) Slack
Communications & Networking
1 48 (16.90%) Firewall
2 28 (9.86%) Network Security
3 21 (7.39%) TCP/IP
4 20 (7.04%) Wireless
5 18 (6.34%) VPN
6 14 (4.93%) DNS
7 9 (3.17%) Intrusion Detection
8 8 (2.82%) VLAN
9 7 (2.46%) Cisco ISE
10 5 (1.76%) Internet
11 4 (1.41%) Cisco Nexus
11 4 (1.41%) HTTP
11 4 (1.41%) HTTPS
11 4 (1.41%) Wi-Fi
12 3 (1.06%) DHCP
12 3 (1.06%) DMZ
12 3 (1.06%) LAN
12 3 (1.06%) SSL
12 3 (1.06%) VoIP
12 3 (1.06%) WAN
Database & Business Intelligence
1 3 (1.06%) Amazon RDS
1 3 (1.06%) Power BI
1 3 (1.06%) SQL Server
2 1 (0.35%) InterSystems Cache
2 1 (0.35%) MongoDB
2 1 (0.35%) Redis
2 1 (0.35%) Tableau
Development Applications
1 29 (10.21%) Burp Suite
1 29 (10.21%) Metasploit
2 16 (5.63%) Jenkins
3 8 (2.82%) JIRA
4 6 (2.11%) Bitbucket
5 2 (0.70%) Git
5 2 (0.70%) IDA Disassembler
5 2 (0.70%) NUnit
6 1 (0.35%) Gatling
6 1 (0.35%) JMeter
6 1 (0.35%) Vagrant
General
1 86 (30.28%) Finance
2 85 (29.93%) Social Skills
3 30 (10.56%) Public Sector
4 25 (8.80%) Inclusion and Diversity
5 23 (8.10%) Banking
6 21 (7.39%) Law
7 20 (7.04%) Analytical Skills
8 19 (6.69%) Retail
9 9 (3.17%) Legal
10 8 (2.82%) Pharmaceutical
11 6 (2.11%) Influencing Skills
11 6 (2.11%) Marketing
12 4 (1.41%) Financial Institution
12 4 (1.41%) Telecoms
13 3 (1.06%) Aerospace
13 3 (1.06%) Back Office
13 3 (1.06%) Manufacturing
13 3 (1.06%) Military
13 3 (1.06%) Presentation Skills
14 2 (0.70%) Documentation Skills
Job Titles
1 49 (17.25%) Consultant
2 44 (15.49%) Security Consultant
3 40 (14.08%) Analyst
3 40 (14.08%) Tester
4 39 (13.73%) Penetration Tester
5 35 (12.32%) Senior
6 32 (11.27%) Security Analyst
7 29 (10.21%) Security Engineer
8 25 (8.80%) Cybersecurity Consultant
8 25 (8.80%) Security Manager
9 23 (8.10%) Lead
10 18 (6.34%) Applications Engineer
10 18 (6.34%) Security Specialist
11 15 (5.28%) Senior Analyst
11 15 (5.28%) Senior Security Analyst
12 14 (4.93%) Team Leader
13 12 (4.23%) Test Team Leader
14 10 (3.52%) Head of Security
14 10 (3.52%) Information Analyst
14 10 (3.52%) Information Security Analyst
Libraries, Frameworks & Software Standards
1 4 (1.41%) .NET
2 3 (1.06%) .NET Framework
3 2 (0.70%) AngularJS
3 2 (0.70%) ASP.NET
3 2 (0.70%) ASP.NET Core
3 2 (0.70%) Entity Framework
3 2 (0.70%) OAuth
3 2 (0.70%) OAuth2
3 2 (0.70%) OpenAPI
3 2 (0.70%) OpenID
3 2 (0.70%) RESTful
3 2 (0.70%) RxJS
3 2 (0.70%) Swagger
3 2 (0.70%) Vitest
4 1 (0.35%) ARM Templates
4 1 (0.35%) LDAP
4 1 (0.35%) Memcached
Miscellaneous
1 69 (24.30%) Security Posture
2 32 (11.27%) Mobile App
3 26 (9.15%) Cyber Defence
4 24 (8.45%) Cyber Threat
5 21 (7.39%) Management Information System
6 8 (2.82%) Blog
6 8 (2.82%) Operational Technology
6 8 (2.82%) Self-Motivation
7 7 (2.46%) Data Centre
7 7 (2.46%) Insider Threat
8 6 (2.11%) Cloud Native
8 6 (2.11%) PKI
9 5 (1.76%) Enterprise Software
9 5 (1.76%) Public Cloud
9 5 (1.76%) Security Operations Centre
10 4 (1.41%) Cyber Security Posture
10 4 (1.41%) Cyberattack
10 4 (1.41%) Data Protection Act
11 3 (1.06%) Renewable Energy
11 3 (1.06%) SCADA
Operating Systems
1 35 (12.32%) Linux
2 34 (11.97%) Windows
3 13 (4.58%) Android
3 13 (4.58%) Apple iOS
4 5 (1.76%) Unix
5 4 (1.41%) Windows Server
6 2 (0.70%) Windows Server 2016
7 1 (0.35%) Kali Linux
7 1 (0.35%) Mac OS
7 1 (0.35%) Red Hat Enterprise Linux
Processes & Methodologies
1 166 (58.45%) Cybersecurity
2 85 (29.93%) Incident Response
3 83 (29.23%) Red Team
4 67 (23.59%) Application Security
5 63 (22.18%) Information Security
6 53 (18.66%) Mentoring
6 53 (18.66%) Offensive Security
6 53 (18.66%) Security Testing
6 53 (18.66%) SIEM
7 50 (17.61%) Problem-Solving
8 47 (16.55%) Vulnerability Management
9 45 (15.85%) Agile
10 41 (14.44%) Threat Modelling
11 38 (13.38%) Cloud Security
12 34 (11.97%) Security Operations
13 33 (11.62%) Vulnerability Assessment
14 31 (10.92%) Business Strategy
15 30 (10.56%) Internal Audit
16 29 (10.21%) Coaching
16 29 (10.21%) SDLC
Programming Languages
1 60 (21.13%) Python
2 50 (17.61%) PowerShell
3 44 (15.49%) Bash
4 15 (5.28%) Go
4 15 (5.28%) Java
5 9 (3.17%) C
5 9 (3.17%) C++
6 8 (2.82%) C#
6 8 (2.82%) Perl
7 7 (2.46%) SQL
8 6 (2.11%) Ruby
9 4 (1.41%) Bicep
10 3 (1.06%) Objective-C
10 3 (1.06%) Rust
11 2 (0.70%) Kusto Query Language
11 2 (0.70%) TypeScript
12 1 (0.35%) PHP
12 1 (0.35%) R
Qualifications
1 102 (35.92%) CREST Certified
2 73 (25.70%) CISSP
3 72 (25.35%) OSCP
4 56 (19.72%) Security Cleared
5 50 (17.61%) Degree
6 46 (16.20%) SC Cleared
7 35 (12.32%) CHECK Team Member
8 31 (10.92%) CEH
8 31 (10.92%) CISM
9 29 (10.21%) Cisco Certification
10 24 (8.45%) CHECK Team Leader
11 21 (7.39%) CCSAM
12 20 (7.04%) CCNA
13 19 (6.69%) SANS
14 18 (6.34%) CompTIA Security+
15 17 (5.99%) DV Cleared
15 17 (5.99%) GIAC
16 14 (4.93%) GPEN
17 12 (4.23%) CCNP
18 10 (3.52%) CISA
Quality Assurance & Compliance
1 90 (31.69%) ISO/IEC 27001
2 51 (17.96%) NIST
3 44 (15.49%) GDPR
4 31 (10.92%) Cyber Essentials
5 19 (6.69%) Accessibility
5 19 (6.69%) Actionable Recommendations
5 19 (6.69%) PCI DSS
6 12 (4.23%) NCSC
7 11 (3.87%) Cyber Essentials PLUS
8 10 (3.52%) GRC
9 7 (2.46%) SOC 2
10 4 (1.41%) ITGC
11 3 (1.06%) COBIT
11 3 (1.06%) Data Quality
11 3 (1.06%) GxP
11 3 (1.06%) NIST 800
11 3 (1.06%) RMADS
11 3 (1.06%) Sarbanes-Oxley
12 2 (0.70%) ISO/IEC 27005
13 1 (0.35%) HIPAA
System Software
1 25 (8.80%) Active Directory
2 7 (2.46%) VMware Infrastructure
3 3 (1.06%) Docker
3 3 (1.06%) Virtual Machines
3 3 (1.06%) VMware ESXi
4 2 (0.70%) EMC RecoverPoint
4 2 (0.70%) Hyper-V
4 2 (0.70%) vSphere
5 1 (0.35%) Virtual Desktop
Systems Management
1 21 (7.39%) Nessus
2 19 (6.69%) Nmap
3 15 (5.28%) Kubernetes
4 8 (2.82%) Microsoft Intune
4 8 (2.82%) Terraform
5 5 (1.76%) Ansible
5 5 (1.76%) CSIRT
5 5 (1.76%) Single Sign-On
6 3 (1.06%) ArcSight ESM
6 3 (1.06%) FortiGate
6 3 (1.06%) QRadar
7 2 (0.70%) Jamf Pro
7 2 (0.70%) VxRail
8 1 (0.35%) CASB
8 1 (0.35%) Consul
8 1 (0.35%) Packer
8 1 (0.35%) Progress Chef
8 1 (0.35%) Puppet
8 1 (0.35%) Red Hat Satellite
Vendors
1 61 (21.48%) Microsoft
2 14 (4.93%) Cisco
2 14 (4.93%) Splunk
3 10 (3.52%) Sophos
3 10 (3.52%) VMware
4 9 (3.17%) Zscaler
5 7 (2.46%) CheckPoint
5 7 (2.46%) Fortinet
6 5 (1.76%) CrowdStrike
6 5 (1.76%) Qualys
6 5 (1.76%) TOWER Software
7 4 (1.41%) Okta
8 3 (1.06%) ArcSight
8 3 (1.06%) CyberArk
8 3 (1.06%) LogLogic
8 3 (1.06%) McAfee
8 3 (1.06%) Palo Alto
8 3 (1.06%) ServiceNow
8 3 (1.06%) Tenable
8 3 (1.06%) Veeam
110 Penetration Testing jobs Nationwide