Penetration Testing Job Trends

Penetration Testing
UK

The table below provides summary statistics and salary benchmarking for jobs requiring Penetration Testing skills. It covers permanent job vacancies from the 6 months leading up to 14 June 2026, with comparisons to the same periods in the previous two years.

 6 months to
14 Jun 2026		 Same period 2025 Same period 2024
Rank 434 448 462
Rank change year-on-year +14 +14 +3
Permanent jobs citing Penetration Testing 331 235 516
As % of all permanent jobs in the UK 0.36% 0.53% 0.48%
As % of the Processes & Methodologies category 0.49% 0.57% 0.58%
Number of salaries quoted 225 176 410
10th Percentile £42,500 £43,125 £38,963
25th Percentile £50,000 £55,000 £48,750
Median annual salary (50th Percentile) £70,000 £67,500 £65,000
Median % change year-on-year +3.70% +3.85% -
75th Percentile £89,000 £80,000 £82,188
90th Percentile £100,000 £95,000 £95,125
UK excluding London median annual salary £55,000 £67,500 £58,750
% change year-on-year -18.52% +14.89% +6.82%

All Process & Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all permanent job vacancies requiring process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills 67,701 41,203 88,451
As % of all permanent jobs advertised in the UK 72.85% 92.64% 82.16%
Number of salaries quoted 46,469 21,965 62,595
10th Percentile £30,000 £29,000 £29,613
25th Percentile £41,250 £39,500 £40,000
Median annual salary (50th Percentile) £60,000 £57,500 £55,000
Median % change year-on-year +4.35% +4.55% -9.69%
75th Percentile £78,750 £77,500 £72,500
90th Percentile £100,000 £100,000 £92,500
UK excluding London median annual salary £52,500 £50,000 £50,000
% change year-on-year +5.00% - -9.09%

Penetration Testing
Job Vacancy Trend

Historical trend showing the proportion of permanent IT job postings citing Penetration Testing relative to all permanent IT jobs advertised.

Penetration Testing job vacancy trend in the UK

Penetration Testing
Salary Trend

Salary distribution trend for jobs in the UK citing Penetration Testing.

Salary distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Salary Histogram

Salary distribution for jobs citing Penetration Testing over the 6 months to 14 June 2026.

Salary histogram for Penetration Testing in the UK

Penetration Testing
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 14 June 2026. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Permanent
IT Job Ads		 Median Salary
Past 6 Months		 Median Salary
% Change
on Same Period
Last Year		 Live
Jobs
England +10 297 £70,000 +3.70% 92
UK excluding London -41 166 £55,000 -18.52% 77
London +15 131 £82,500 +17.86% 34
Work from Home +49 116 £72,500 -3.33% 40
South East -4 53 £71,250 +1.79% 26
South West -13 45 £50,000 -27.27% 15
Midlands -23 29 £51,058 -24.36% 8
North of England -57 24 £56,000 -2.61% 13
West Midlands -30 18 £65,000 -3.70% 6
Yorkshire -46 13 £55,000 - 8
East Midlands -16 11 £48,901 +22.25% 2
Scotland +24 9 £85,000 +21.43% 8
East of England -16 6 £32,500 - 1
North East -41 6 £75,000 +3.18% 1
North West -27 5 £56,000 -8.20% 4
Wales -43 2 £54,085 -28.43% 2

Penetration Testing
Co-Occurring Skills & Capabilities by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1 7 (2.11%) Microsoft Exchange
2 6 (1.81%) SharePoint
3 3 (0.91%) Confluence
3 3 (0.91%) IIS
4 1 (0.30%) Apache
4 1 (0.30%) Drupal
4 1 (0.30%) nginx
4 1 (0.30%) WordPress
Applications
1 2 (0.60%) Spreadsheet
Business Applications
1 1 (0.30%) Exchequer
1 1 (0.30%) Magento
1 1 (0.30%) SAP EHS
1 1 (0.30%) SAP S/4HANA
Cloud Services
1 78 (23.56%) AWS
2 77 (23.26%) Azure
3 31 (9.37%) Microsoft 365
4 30 (9.06%) GCP
5 14 (4.23%) Entra ID
6 13 (3.93%) GitHub
7 12 (3.63%) Azure Sentinel
8 10 (3.02%) SaaS
9 9 (2.72%) GitHub Actions
10 5 (1.51%) Microsoft Purview
11 4 (1.21%) Amazon EKS
11 4 (1.21%) AWS CloudFormation
11 4 (1.21%) Azure DevOps
11 4 (1.21%) Azure Key Vault
11 4 (1.21%) Mimecast
12 3 (0.91%) IaaS
12 3 (0.91%) OneDrive
12 3 (0.91%) PaaS
12 3 (0.91%) Rubrik
13 2 (0.60%) Nutanix
Communications & Networking
1 64 (19.34%) Firewall
2 28 (8.46%) Network Security
3 20 (6.04%) Wireless
4 19 (5.74%) VPN
5 16 (4.83%) Cisco Nexus
6 15 (4.53%) Internet
6 15 (4.53%) Wi-Fi
7 11 (3.32%) DNS
8 10 (3.02%) TCP/IP
9 9 (2.72%) LAN
9 9 (2.72%) WAN
10 8 (2.42%) Cisco ISE
11 7 (2.11%) VLAN
12 6 (1.81%) Intrusion Detection
13 4 (1.21%) DHCP
13 4 (1.21%) HTTPS
14 3 (0.91%) DMARC
14 3 (0.91%) DMZ
14 3 (0.91%) SSL
14 3 (0.91%) VoIP
Database & Business Intelligence
1 6 (1.81%) SQL Server
2 3 (0.91%) Amazon RDS
3 2 (0.60%) MongoDB
4 1 (0.30%) InterSystems Cache
4 1 (0.30%) KNIME
4 1 (0.30%) Power BI
4 1 (0.30%) Redis
Development Applications
1 22 (6.65%) Burp Suite
2 21 (6.34%) Metasploit
3 8 (2.42%) Jenkins
3 8 (2.42%) JIRA
4 6 (1.81%) Bitbucket
5 3 (0.91%) Git
6 2 (0.60%) Gatling
6 2 (0.60%) NUnit
6 2 (0.60%) Yeoman
7 1 (0.30%) Cucumber
7 1 (0.30%) GitLab
7 1 (0.30%) IDA Disassembler
7 1 (0.30%) JMeter
7 1 (0.30%) JUnit
7 1 (0.30%) Postman
7 1 (0.30%) Selenium
7 1 (0.30%) Snyk
7 1 (0.30%) Vagrant
General
1 108 (32.63%) Social Skills
2 79 (23.87%) Finance
3 35 (10.57%) Analytical Skills
4 33 (9.97%) Public Sector
5 31 (9.37%) Law
6 22 (6.65%) Inclusion and Diversity
6 22 (6.65%) Retail
7 20 (6.04%) Banking
8 10 (3.02%) Legal
9 7 (2.11%) Pharmaceutical
10 5 (1.51%) Marketing
11 4 (1.21%) Financial Institution
11 4 (1.21%) Influencing Skills
11 4 (1.21%) Telecoms
12 3 (0.91%) Back Office
13 2 (0.60%) Social Housing
14 1 (0.30%) Digital Health
14 1 (0.30%) French Language
14 1 (0.30%) German Language
14 1 (0.30%) Spanish Language
Job Titles
1 71 (21.45%) Senior
2 52 (15.71%) Consultant
3 49 (14.80%) Analyst
3 49 (14.80%) Penetration Tester
3 49 (14.80%) Tester
4 43 (12.99%) Security Consultant
5 41 (12.39%) Security Analyst
6 31 (9.37%) Senior Analyst
7 30 (9.06%) Lead
7 30 (9.06%) Senior Security Analyst
8 25 (7.55%) Security Manager
9 24 (7.25%) Security Engineer
10 19 (5.74%) Cybersecurity Analyst
10 19 (5.74%) Cybersecurity Consultant
10 19 (5.74%) Security Specialist
10 19 (5.74%) Team Leader
11 15 (4.53%) Senior Cybersecurity Analyst
12 13 (3.93%) Senior Penetration Tester
12 13 (3.93%) Senior Tester
13 11 (3.32%) Test Team Leader
Libraries, Frameworks & Software Standards
1 4 (1.21%) .NET
2 3 (0.91%) .NET Framework
2 3 (0.91%) OAuth
2 3 (0.91%) RESTful
3 2 (0.60%) AngularJS
3 2 (0.60%) ASP.NET
3 2 (0.60%) ASP.NET Core
3 2 (0.60%) Entity Framework
3 2 (0.60%) LDAP
3 2 (0.60%) OAuth2
3 2 (0.60%) OpenAPI
3 2 (0.60%) OpenID
3 2 (0.60%) RxJS
3 2 (0.60%) Swagger
3 2 (0.60%) Vitest
4 1 (0.30%) ARM Templates
4 1 (0.30%) Memcached
4 1 (0.30%) Playwright
Miscellaneous
1 82 (24.77%) Security Posture
2 35 (10.57%) Mobile App
3 32 (9.67%) Cyber Defence
4 30 (9.06%) Cyber Threat
5 21 (6.34%) Management Information System
6 14 (4.23%) Security Operations Centre
7 12 (3.63%) Self-Motivation
8 9 (2.72%) Blog
9 8 (2.42%) Data Centre
10 7 (2.11%) Cloud Native
10 7 (2.11%) Cyber Security Posture
10 7 (2.11%) Insider Threat
11 6 (1.81%) Onboarding
11 6 (1.81%) Operational Technology
12 5 (1.51%) Cyberattack
12 5 (1.51%) Hybrid Cloud
13 4 (1.21%) Enterprise Software
13 4 (1.21%) Public Cloud
14 3 (0.91%) CCTV
14 3 (0.91%) PKI
Operating Systems
1 41 (12.39%) Windows
2 35 (10.57%) Linux
3 19 (5.74%) Android
3 19 (5.74%) Apple iOS
4 11 (3.32%) Windows Server
5 4 (1.21%) Unix
6 2 (0.60%) Red Hat Enterprise Linux
6 2 (0.60%) Windows Server 2016
7 1 (0.30%) Kali Linux
7 1 (0.30%) Mac OS
Processes & Methodologies
1 225 (67.98%) Cybersecurity
2 102 (30.82%) Incident Response
3 95 (28.70%) Red Team
4 86 (25.98%) Vulnerability Management
5 70 (21.15%) Offensive Security
5 70 (21.15%) Security Testing
6 67 (20.24%) SIEM
7 64 (19.34%) Application Security
8 60 (18.13%) Information Security
9 59 (17.82%) Problem-Solving
10 58 (17.52%) Mentoring
11 54 (16.31%) Cloud Security
12 53 (16.01%) Security Operations
13 41 (12.39%) Agile
13 41 (12.39%) Threat Modelling
14 37 (11.18%) Continuous Improvement
15 36 (10.88%) Disaster Recovery
15 36 (10.88%) Threat Intelligence
16 32 (9.67%) Coaching
16 32 (9.67%) OWASP
Programming Languages
1 48 (14.50%) Python
2 47 (14.20%) PowerShell
3 30 (9.06%) Bash
4 17 (5.14%) Java
5 14 (4.23%) Go
6 6 (1.81%) C#
6 6 (1.81%) Perl
7 5 (1.51%) Bicep
7 5 (1.51%) C
7 5 (1.51%) C++
8 4 (1.21%) Ruby
8 4 (1.21%) SQL
9 3 (0.91%) Objective-C
9 3 (0.91%) Rust
10 2 (0.60%) Kusto Query Language
10 2 (0.60%) PHP
10 2 (0.60%) TypeScript
11 1 (0.30%) JavaScript
Qualifications
1 91 (27.49%) CREST Certified
2 71 (21.45%) OSCP
3 65 (19.64%) CISSP
4 62 (18.73%) Security Cleared
5 51 (15.41%) SC Cleared
6 38 (11.48%) CISM
7 37 (11.18%) Degree
8 31 (9.37%) CHECK Team Leader
9 27 (8.16%) CHECK Team Member
10 26 (7.85%) CEH
11 23 (6.95%) Cisco Certification
12 21 (6.34%) CCSAM
12 21 (6.34%) CompTIA Security+
13 17 (5.14%) CCNA
14 15 (4.53%) CCNP
14 15 (4.53%) GIAC
15 13 (3.93%) DV Cleared
16 12 (3.63%) SANS
17 10 (3.02%) GPEN
18 8 (2.42%) OSCE
Quality Assurance & Compliance
1 91 (27.49%) ISO/IEC 27001
2 49 (14.80%) NIST
3 46 (13.90%) GDPR
4 37 (11.18%) Cyber Essentials
5 23 (6.95%) PCI DSS
6 16 (4.83%) Actionable Recommendations
7 15 (4.53%) Cyber Essentials PLUS
7 15 (4.53%) GRC
8 13 (3.93%) NCSC
9 11 (3.32%) Accessibility
10 7 (2.11%) SOC 2
11 5 (1.51%) QA
12 4 (1.21%) Data Quality
12 4 (1.21%) Def Stans
12 4 (1.21%) NIST 800
12 4 (1.21%) Sarbanes-Oxley
13 3 (0.91%) COBIT
14 2 (0.60%) SLA
15 1 (0.30%) HIPAA
15 1 (0.30%) WCAG
System Software
1 35 (10.57%) Active Directory
2 7 (2.11%) VMware Infrastructure
3 3 (0.91%) Docker
3 3 (0.91%) EMC RecoverPoint
3 3 (0.91%) VMware ESXi
4 2 (0.60%) Virtual Machines
5 1 (0.30%) Virtual Desktop
Systems Management
1 18 (5.44%) Kubernetes
2 14 (4.23%) Nessus
3 11 (3.32%) Microsoft Intune
3 11 (3.32%) Nmap
4 9 (2.72%) Terraform
5 5 (1.51%) Ansible
5 5 (1.51%) CSIRT
6 3 (0.91%) FortiGate
6 3 (0.91%) SCCM
6 3 (0.91%) Single Sign-On
6 3 (0.91%) VxRail
7 2 (0.60%) CASB
7 2 (0.60%) Jamf Pro
7 2 (0.60%) Red Hat Satellite
8 1 (0.30%) Computer Emergency Response Teams
8 1 (0.30%) Consul
8 1 (0.30%) Packer
8 1 (0.30%) Progress Chef
8 1 (0.30%) Puppet
Vendors
1 70 (21.15%) Microsoft
2 25 (7.55%) Cisco
3 18 (5.44%) Splunk
4 17 (5.14%) Qualys
5 16 (4.83%) Palo Alto
6 13 (3.93%) Sophos
7 12 (3.63%) Aruba
8 10 (3.02%) CrowdStrike
8 10 (3.02%) VMware
8 10 (3.02%) Zscaler
9 8 (2.42%) CheckPoint
9 8 (2.42%) Fortinet
10 5 (1.51%) Tenable
10 5 (1.51%) TOWER Software
11 4 (1.21%) Google
11 4 (1.21%) Okta
11 4 (1.21%) Rapid7
12 3 (0.91%) Dell
12 3 (0.91%) ServiceNow
12 3 (0.91%) Veeam
116 Penetration Testing jobs Nationwide