Penetration Testing Job Trends, Salaries & Related Skills

Penetration Testing
UK

The table below provides summary statistics and salary benchmarking for jobs requiring Penetration Testing skills. It covers permanent job vacancies from the 6 months leading up to 14 November 2025, with comparisons to the same periods in the previous two years.

	6 months to 14 Nov 2025	Same period 2024	Same period 2023
Rank	463	423	392
Rank change year-on-year	-40	-31	+150
Permanent jobs citing Penetration Testing	201	365	353
As % of all permanent jobs in the UK	0.38%	0.54%	0.67%
As % of the Processes & Methodologies category	0.44%	0.65%	0.71%
Number of salaries quoted	168	201	314
10^th Percentile	£47,750	£47,500	£42,500
25^th Percentile	£52,500	£55,000	£51,931
Median annual salary (50^th Percentile)	£69,384	£65,000	£62,500
Median % change year-on-year	+6.74%	+4.00%	-9.68%
75^th Percentile	£85,063	£87,500	£77,500
90^th Percentile	£90,000	£100,000	£90,000
UK excluding London median annual salary	£65,000	£60,000	£60,000
% change year-on-year	+8.33%	-	-7.69%

All Process and Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all permanent job vacancies requiring process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills	45,732	56,416	49,415
As % of all permanent jobs advertised in the UK	86.33%	83.00%	93.81%
Number of salaries quoted	27,268	29,481	37,851
10^th Percentile	£28,250	£34,000	£32,500
25^th Percentile	£35,500	£45,000	£43,750
Median annual salary (50^th Percentile)	£54,793	£60,000	£60,000
Median % change year-on-year	-8.68%	-	-
75^th Percentile	£75,000	£78,750	£80,000
90^th Percentile	£95,000	£97,500	£98,750
UK excluding London median annual salary	£47,500	£54,000	£52,500
% change year-on-year	-12.04%	+2.86%	-

Penetration Testing
Job Vacancy Trend

Historical trend showing the proportion of permanent IT job postings citing Penetration Testing relative to all permanent IT jobs advertised.

Penetration Testing
Salary Trend

Salary distribution trend for jobs in the UK citing Penetration Testing.

Penetration Testing
Salary Histogram

Salary distribution for jobs citing Penetration Testing over the 6 months to 14 November 2025.

Salary histogram for Penetration Testing in the UK

Penetration Testing
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 14 November 2025. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Permanent IT Job Ads	Median Salary Past 6 Months	Median Salary % Change on Same Period Last Year	Live Jobs
England	-5	182	£69,384	+6.74%	184
UK excluding London	+1	100	£65,000	+8.33%	117
London	-5	85	£75,000	-	73
Work from Home	+5	73	£65,000	-	120
South West	+36	23	£80,000	+25.00%	19
North of England	+21	23	£58,750	-2.08%	35
South East	+8	23	£57,500	-4.17%	32
Midlands	+39	21	£54,000	-6.09%	18
Yorkshire	+18	18	£55,000	+4.76%	6
West Midlands	+22	14	£55,000	-6.38%	17
East Midlands	+23	7	£51,058	-11.20%	1
Scotland	-36	6	£90,000	+22.87%	4
North West	+19	4	£67,192	+7.51%	25
Northern Ireland	+5	3	£69,692	+16.15%	1
East of England	+22	1	£85,000	+198.25%	7
Wales	-	1	£69,384	-	2
North East	-	1	£69,384	-	4

Penetration Testing
Top 30 Co-Occurring Skills & Capabilities

For the 6 months to 14 November 2025, job vacancies citing Penetration Testing also mentioned the following skills and capabilities in order of popularity. The figures indicate the absolute number of co-occurrences and as a proportion of all permanent job ads with a requirement for Penetration Testing.

1	118 (58.71%)	Cybersecurity
2	80 (39.80%)	ISO/IEC 27001
3	79 (39.30%)	Incident Response
4	66 (32.84%)	Microsoft
5	65 (32.34%)	Azure
5	65 (32.34%)	Python
6	63 (31.34%)	SIEM
7	62 (30.85%)	Firewall
8	61 (30.35%)	NIST
9	58 (28.86%)	Vulnerability Management
10	43 (21.39%)	CISSP
10	43 (21.39%)	Vulnerability Scanning
11	42 (20.90%)	Information Security
11	42 (20.90%)	Security Cleared
12	41 (20.40%)	Degree

12	41 (20.40%)	Network Security
12	41 (20.40%)	PowerShell
13	40 (19.90%)	Vulnerability Assessment
13	40 (19.90%)	Windows
14	39 (19.40%)	Bash
15	38 (18.91%)	AWS
16	36 (17.91%)	SC Cleared
17	35 (17.41%)	Security Operations
18	34 (16.92%)	Security Testing
19	33 (16.42%)	DevOps
20	31 (15.42%)	Cyber Essentials
21	29 (14.43%)	Linux
21	29 (14.43%)	Problem-Solving
22	28 (13.93%)	Threat Modelling
23	27 (13.43%)	Application Security

Penetration Testing
Co-Occurring Skills & Capabilities by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1	6 (2.99%)	Microsoft Exchange
2	3 (1.49%)	SharePoint
3	1 (0.50%)	Confluence

Applications
1	7 (3.48%)	Microsoft Excel
1	7 (3.48%)	Microsoft Office
2	1 (0.50%)	GNU Octave

Cloud Services
1	65 (32.34%)	Azure
2	38 (18.91%)	AWS
3	22 (10.95%)	Microsoft 365
4	17 (8.46%)	Entra ID
5	15 (7.46%)	Slack
6	14 (6.97%)	GitHub
7	13 (6.47%)	Azure Sentinel
8	11 (5.47%)	Microsoft Purview
9	10 (4.98%)	GitHub Actions
9	10 (4.98%)	Power Platform
10	7 (3.48%)	GCP
11	4 (1.99%)	Azure Key Vault
11	4 (1.99%)	SaaS
12	3 (1.49%)	Azure DevOps
12	3 (1.49%)	Azure Logic Apps
12	3 (1.49%)	IBM Cloud
12	3 (1.49%)	Mimecast
12	3 (1.49%)	PaaS
13	2 (1.00%)	Rubrik
13	2 (1.00%)	SecurityScorecard

Communications & Networking
1	62 (30.85%)	Firewall
2	41 (20.40%)	Network Security
3	18 (8.96%)	TCP/IP
4	13 (6.47%)	VPN
5	10 (4.98%)	Intrusion Detection
6	8 (3.98%)	Wi-Fi
6	8 (3.98%)	Wireshark
7	7 (3.48%)	Wireless
8	6 (2.99%)	VLAN
9	5 (2.49%)	BGP
9	5 (2.49%)	HTTP
9	5 (2.49%)	OSPF
10	4 (1.99%)	DNS
10	4 (1.99%)	Ethernet
11	3 (1.49%)	Cisco ISE
11	3 (1.49%)	Modbus
11	3 (1.49%)	Spanning Tree
11	3 (1.49%)	WAN
12	2 (1.00%)	Cisco Nexus
12	2 (1.00%)	SSH

Database & Business Intelligence
1	10 (4.98%)	Power BI
2	7 (3.48%)	Tableau
3	2 (1.00%)	Elasticsearch
3	2 (1.00%)	SQL Server

Development Applications
1	19 (9.45%)	JIRA
2	17 (8.46%)	Burp Suite
3	16 (7.96%)	Metasploit
4	10 (4.98%)	Jenkins
5	3 (1.49%)	Git
6	2 (1.00%)	GitLab
6	2 (1.00%)	IDA Disassembler

General
1	90 (44.78%)	Social Skills
2	30 (14.93%)	Finance
3	23 (11.44%)	Analytical Skills
3	23 (11.44%)	Inclusion and Diversity
4	19 (9.45%)	Influencing Skills
5	16 (7.96%)	Presentation Skills
6	9 (4.48%)	Law
7	7 (3.48%)	Public Sector
8	6 (2.99%)	Retail
9	5 (2.49%)	Banking
9	5 (2.49%)	Documentation Skills
9	5 (2.49%)	Manufacturing
10	4 (1.99%)	Electronics
10	4 (1.99%)	Military
11	3 (1.49%)	Legal
11	3 (1.49%)	Mandarin Language
11	3 (1.49%)	Marketing
12	2 (1.00%)	Organisational Skills
13	1 (0.50%)	Advertising
13	1 (0.50%)	Telecoms

Job Titles
1	55 (27.36%)	Security Engineer
2	38 (18.91%)	Analyst
3	33 (16.42%)	Security Analyst
4	26 (12.94%)	Senior
5	20 (9.95%)	Cybersecurity Engineer
5	20 (9.95%)	Lead
5	20 (9.95%)	Tester
6	19 (9.45%)	Penetration Tester
7	17 (8.46%)	Senior Security Engineer
8	14 (6.97%)	Architect
9	12 (5.97%)	Applications Engineer
9	12 (5.97%)	Security Specialist
10	11 (5.47%)	IT Manager
10	11 (5.47%)	Network Engineer
10	11 (5.47%)	Security Architect
11	9 (4.48%)	Cybersecurity Analyst
11	9 (4.48%)	Information Analyst
11	9 (4.48%)	Information Security Analyst
11	9 (4.48%)	Lead Architect
11	9 (4.48%)	Lead Security Architect

Libraries, Frameworks & Software Standards
1	5 (2.49%)	JSON
2	2 (1.00%)	Elastic Stack
3	1 (0.50%)	ModSecurity
3	1 (0.50%)	PyTorch
3	1 (0.50%)	TensorFlow
3	1 (0.50%)	YAML

Miscellaneous
1	29 (14.43%)	Management Information System
2	24 (11.94%)	Security Posture
3	16 (7.96%)	Cyber Threat
3	16 (7.96%)	Security Operations Centre
4	10 (4.98%)	Operational Technology
5	9 (4.48%)	Cyber Defence
5	9 (4.48%)	Mobile App
6	8 (3.98%)	Self-Motivation
7	7 (3.48%)	Analytical Mindset
7	7 (3.48%)	Cloud Native
7	7 (3.48%)	Data Centre
7	7 (3.48%)	PKI
8	6 (2.99%)	Cyber Kill Chain
8	6 (2.99%)	SCADA
9	5 (2.49%)	Enterprise Software
10	4 (1.99%)	Cyberattack
10	4 (1.99%)	Distributed Systems
10	4 (1.99%)	Linux Command Line
10	4 (1.99%)	Onboarding
11	3 (1.49%)	Insider Threat

Operating Systems
1	40 (19.90%)	Windows
2	29 (14.43%)	Linux
3	7 (3.48%)	Unix
4	6 (2.99%)	Kali Linux
4	6 (2.99%)	Windows Server
5	3 (1.49%)	VMS
6	2 (1.00%)	Android
6	2 (1.00%)	Apple iOS
7	1 (0.50%)	Debian
7	1 (0.50%)	Ubuntu
7	1 (0.50%)	Windows 10
7	1 (0.50%)	Windows Server 2016
7	1 (0.50%)	Windows Server 2019

Processes & Methodologies
1	118 (58.71%)	Cybersecurity
2	79 (39.30%)	Incident Response
3	63 (31.34%)	SIEM
4	58 (28.86%)	Vulnerability Management
5	43 (21.39%)	Vulnerability Scanning
6	42 (20.90%)	Information Security
7	40 (19.90%)	Vulnerability Assessment
8	35 (17.41%)	Security Operations
9	34 (16.92%)	Security Testing
10	33 (16.42%)	DevOps
11	29 (14.43%)	Problem-Solving
12	28 (13.93%)	Threat Modelling
13	27 (13.43%)	Application Security
13	27 (13.43%)	Cloud Security
13	27 (13.43%)	Vulnerability Remediation
14	26 (12.94%)	CI/CD
14	26 (12.94%)	Security Architecture
15	25 (12.44%)	Technology Transformation
16	23 (11.44%)	Red Team
17	20 (9.95%)	ITIL

Programming Languages
1	65 (32.34%)	Python
2	41 (20.40%)	PowerShell
3	39 (19.40%)	Bash
4	18 (8.96%)	Go
5	13 (6.47%)	SQL
6	7 (3.48%)	JavaScript
6	7 (3.48%)	R
7	6 (2.99%)	C
7	6 (2.99%)	C++
8	5 (2.49%)	C#
9	3 (1.49%)	Java
9	3 (1.49%)	Perl
10	1 (0.50%)	Kusto Query Language
10	1 (0.50%)	Scala

Qualifications
1	43 (21.39%)	CISSP
2	42 (20.90%)	Security Cleared
3	41 (20.40%)	Degree
4	36 (17.91%)	SC Cleared
5	25 (12.44%)	CREST Certified
6	23 (11.44%)	Cisco Certification
7	22 (10.95%)	OSCP
8	21 (10.45%)	SANS
9	18 (8.96%)	CCNA
10	16 (7.96%)	CompTIA Security+
10	16 (7.96%)	DV Cleared
11	13 (6.47%)	GIAC
12	12 (5.97%)	CCNP
12	12 (5.97%)	GCIA
13	10 (4.98%)	CEH
14	9 (4.48%)	CHECK Team Leader
14	9 (4.48%)	CHECK Team Member
14	9 (4.48%)	CISA
15	7 (3.48%)	CIMA
15	7 (3.48%)	Computer Science Degree

Quality Assurance & Compliance
1	80 (39.80%)	ISO/IEC 27001
2	61 (30.35%)	NIST
3	31 (15.42%)	Cyber Essentials
4	25 (12.44%)	Accessibility
5	19 (9.45%)	GDPR
6	16 (7.96%)	NCSC
7	5 (2.49%)	NIST 800
7	5 (2.49%)	QA
8	4 (1.99%)	GRC
9	3 (1.49%)	Actionable Recommendations
9	3 (1.49%)	ITGC
9	3 (1.49%)	PCI DSS
9	3 (1.49%)	RMADS
10	2 (1.00%)	Cyber Essentials PLUS
10	2 (1.00%)	ISO/IEC 27005
11	1 (0.50%)	COBIT
11	1 (0.50%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
11	1 (0.50%)	ISO/IEC 42001
11	1 (0.50%)	Sarbanes-Oxley
11	1 (0.50%)	SOC 2

System Software
1	15 (7.46%)	Virtual Machines
2	13 (6.47%)	Active Directory
3	6 (2.99%)	VMware Infrastructure
4	4 (1.99%)	VMware ESXi
5	3 (1.49%)	Firmware
5	3 (1.49%)	Hyper-V
6	2 (1.00%)	EMC RecoverPoint
6	2 (1.00%)	pfSense
6	2 (1.00%)	Squid

Systems Management
1	13 (6.47%)	Nessus
1	13 (6.47%)	Nmap
2	8 (3.98%)	QRadar
3	7 (3.48%)	Single Sign-On
4	5 (2.49%)	Kubernetes
4	5 (2.49%)	Microsoft Intune
5	3 (1.49%)	ArcSight ESM
5	3 (1.49%)	Proxmox
6	2 (1.00%)	Cisco CUCM
6	2 (1.00%)	Kibana
6	2 (1.00%)	Progress Chef
6	2 (1.00%)	Terraform
6	2 (1.00%)	VxRail
7	1 (0.50%)	Ansible
7	1 (0.50%)	CASB
7	1 (0.50%)	Jamf Pro
7	1 (0.50%)	SCCM
7	1 (0.50%)	ZENworks

Vendors
1	66 (32.84%)	Microsoft
2	17 (8.46%)	Tenable
3	15 (7.46%)	Cisco
3	15 (7.46%)	ServiceNow
4	12 (5.97%)	Splunk
5	8 (3.98%)	Oracle
5	8 (3.98%)	VMware
6	6 (2.99%)	Fortinet
7	5 (2.49%)	Palo Alto
8	4 (1.99%)	CheckPoint
8	4 (1.99%)	LogRhythm
8	4 (1.99%)	Sophos
8	4 (1.99%)	Zscaler
9	3 (1.49%)	ArcSight
9	3 (1.49%)	CyberArk
9	3 (1.49%)	IBM
9	3 (1.49%)	LogLogic
9	3 (1.49%)	McAfee
9	3 (1.49%)	Qualys
10	2 (1.00%)	SonicWALL

Penetration TestingUK

All Process and Methodology SkillsUK

Penetration TestingJob Vacancy Trend

Penetration TestingSalary Trend

Penetration TestingSalary Histogram

Penetration TestingTop 17 Job Locations

Penetration TestingTop 30 Co-Occurring Skills & Capabilities

Penetration TestingCo-Occurring Skills & Capabilities by Category