Penetration Testing Job Trends, Salaries & Related Skills

Penetration Testing
UK

The table below provides summary statistics and salary benchmarking for jobs requiring Penetration Testing skills. It covers permanent job vacancies from the 6 months leading up to 4 December 2025, with comparisons to the same periods in the previous two years.

	6 months to 4 Dec 2025	Same period 2024	Same period 2023
Rank	484	421	376
Rank change year-on-year	-63	-45	+149
Permanent jobs citing Penetration Testing	173	370	366
As % of all permanent jobs in the UK	0.31%	0.58%	0.73%
As % of the Processes & Methodologies category	0.38%	0.68%	0.78%
Number of salaries quoted	150	213	316
10^th Percentile	£48,124	£47,500	£42,500
25^th Percentile	£55,000	£56,250	£51,750
Median annual salary (50^th Percentile)	£70,000	£65,000	£62,500
Median % change year-on-year	+7.69%	+4.00%	-9.68%
75^th Percentile	£87,500	£88,750	£77,500
90^th Percentile	£90,000	£100,000	£90,000
UK excluding London median annual salary	£63,750	£60,000	£58,500
% change year-on-year	+6.25%	+2.56%	-10.00%

All Process and Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all permanent job vacancies requiring process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills	46,039	54,754	46,743
As % of all permanent jobs advertised in the UK	83.81%	86.35%	93.74%
Number of salaries quoted	28,176	28,458	35,978
10^th Percentile	£28,250	£35,000	£32,500
25^th Percentile	£36,250	£45,000	£43,750
Median annual salary (50^th Percentile)	£55,000	£60,000	£60,000
Median % change year-on-year	-8.33%	-	-
75^th Percentile	£75,000	£80,000	£80,000
90^th Percentile	£95,000	£98,750	£98,750
UK excluding London median annual salary	£47,500	£54,793	£52,500
% change year-on-year	-13.31%	+4.37%	-1.41%

Penetration Testing
Job Vacancy Trend

Historical trend showing the proportion of permanent IT job postings citing Penetration Testing relative to all permanent IT jobs advertised.

Penetration Testing
Salary Trend

Salary distribution trend for jobs in the UK citing Penetration Testing.

Penetration Testing
Salary Histogram

Salary distribution for jobs citing Penetration Testing over the 6 months to 4 December 2025.

Salary histogram for Penetration Testing in the UK

Penetration Testing
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 4 December 2025. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Permanent IT Job Ads	Median Salary Past 6 Months	Median Salary % Change on Same Period Last Year	Live Jobs
England	-28	154	£70,000	+7.69%	338
UK excluding London	+7	87	£63,750	+6.25%	331
London	-19	70	£75,000	-	44
Work from Home	+2	62	£65,000	-	124
South West	+30	27	£80,000	+25.00%	54
South East	+16	23	£58,750	-2.08%	71
Midlands	+30	18	£53,000	-7.83%	68
West Midlands	+25	11	£54,000	+2.86%	45
North of England	+13	10	£56,250	-6.25%	74
Yorkshire	+7	8	£56,250	+7.14%	30
East Midlands	+21	7	£51,058	-11.20%	20
Scotland	-7	7	£90,000	+21.21%	16
North West	+16	2	£57,500	-8.00%	37
Northern Ireland	-1	2	£70,000	+16.67%	2
East of England	+24	1	£85,000	+198.25%	41

Penetration Testing
Top 30 Co-Occurring Skills & Capabilities

For the 6 months to 4 December 2025, job vacancies citing Penetration Testing also mentioned the following skills and capabilities in order of popularity. The figures indicate the absolute number of co-occurrences and as a proportion of all permanent job ads with a requirement for Penetration Testing.

1	89 (51.45%)	Cybersecurity
2	72 (41.62%)	ISO/IEC 27001
3	67 (38.73%)	Incident Response
4	58 (33.53%)	Python
5	56 (32.37%)	Azure
6	55 (31.79%)	NIST
7	54 (31.21%)	Microsoft
8	50 (28.90%)	SIEM
9	48 (27.75%)	CISSP
10	46 (26.59%)	Firewall
10	46 (26.59%)	Vulnerability Management
11	41 (23.70%)	Degree
12	40 (23.12%)	PowerShell
13	37 (21.39%)	Bash
14	36 (20.81%)	Security Cleared

14	36 (20.81%)	Vulnerability Assessment
15	33 (19.08%)	Vulnerability Scanning
16	32 (18.50%)	Security Operations
17	31 (17.92%)	Information Security
18	30 (17.34%)	DevOps
18	30 (17.34%)	Network Security
19	29 (16.76%)	CREST Certified
19	29 (16.76%)	Cyber Essentials
19	29 (16.76%)	Problem-Solving
19	29 (16.76%)	SC Cleared
20	27 (15.61%)	Accessibility
20	27 (15.61%)	Application Security
20	27 (15.61%)	Technology Transformation
20	27 (15.61%)	Vulnerability Remediation
20	27 (15.61%)	Windows

Penetration Testing
Co-Occurring Skills & Capabilities by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1	6 (3.47%)	Microsoft Exchange
2	3 (1.73%)	SharePoint
3	1 (0.58%)	Confluence

Applications
1	7 (4.05%)	Microsoft Excel
1	7 (4.05%)	Microsoft Office
2	1 (0.58%)	GNU Octave
2	1 (0.58%)	Weka

Cloud Services
1	56 (32.37%)	Azure
2	24 (13.87%)	AWS
3	16 (9.25%)	GitHub
4	15 (8.67%)	Entra ID
4	15 (8.67%)	Slack
5	13 (7.51%)	Azure Sentinel
6	12 (6.94%)	GitHub Actions
6	12 (6.94%)	Microsoft 365
7	11 (6.36%)	Microsoft Purview
8	10 (5.78%)	Power Platform
9	5 (2.89%)	GCP
10	4 (2.31%)	Azure Key Vault
11	3 (1.73%)	Azure Logic Apps
11	3 (1.73%)	IBM Cloud
11	3 (1.73%)	Mimecast
11	3 (1.73%)	PaaS
11	3 (1.73%)	SaaS
12	2 (1.16%)	Azure DevOps
12	2 (1.16%)	Rubrik
12	2 (1.16%)	SecurityScorecard

Communications & Networking
1	46 (26.59%)	Firewall
2	30 (17.34%)	Network Security
3	21 (12.14%)	TCP/IP
4	13 (7.51%)	VPN
5	8 (4.62%)	Intrusion Detection
5	8 (4.62%)	Wi-Fi
5	8 (4.62%)	Wireshark
6	6 (3.47%)	Wireless
7	5 (2.89%)	HTTP
7	5 (2.89%)	VLAN
8	4 (2.31%)	BGP
8	4 (2.31%)	DNS
8	4 (2.31%)	Ethernet
8	4 (2.31%)	OSPF
9	3 (1.73%)	Cisco ISE
9	3 (1.73%)	Modbus
9	3 (1.73%)	Spanning Tree
10	2 (1.16%)	Cisco Nexus
10	2 (1.16%)	Internet
10	2 (1.16%)	SSH

Database & Business Intelligence
1	10 (5.78%)	Power BI
2	7 (4.05%)	Tableau
3	2 (1.16%)	SQL Server
4	1 (0.58%)	Elasticsearch

Development Applications
1	19 (10.98%)	Burp Suite
2	18 (10.40%)	Metasploit
3	17 (9.83%)	JIRA
4	12 (6.94%)	Jenkins
5	2 (1.16%)	IDA Disassembler
6	1 (0.58%)	Git
6	1 (0.58%)	GitLab

General
1	73 (42.20%)	Social Skills
2	32 (18.50%)	Finance
3	20 (11.56%)	Analytical Skills
4	18 (10.40%)	Influencing Skills
5	16 (9.25%)	Presentation Skills
6	13 (7.51%)	Inclusion and Diversity
7	11 (6.36%)	Public Sector
8	6 (3.47%)	Banking
9	5 (2.89%)	Manufacturing
9	5 (2.89%)	Retail
10	4 (2.31%)	Documentation Skills
10	4 (2.31%)	Electronics
10	4 (2.31%)	Law
11	3 (1.73%)	Mandarin Language
11	3 (1.73%)	Military
12	2 (1.16%)	Legal
12	2 (1.16%)	Marketing
12	2 (1.16%)	Organisational Skills
13	1 (0.58%)	Advertising
13	1 (0.58%)	Telecoms

Job Titles
1	50 (28.90%)	Security Engineer
2	32 (18.50%)	Analyst
3	28 (16.18%)	Security Analyst
4	22 (12.72%)	Senior
5	20 (11.56%)	Tester
6	19 (10.98%)	Penetration Tester
7	17 (9.83%)	Cybersecurity Engineer
8	15 (8.67%)	Senior Security Engineer
9	14 (8.09%)	Applications Engineer
10	13 (7.51%)	IT Manager
11	11 (6.36%)	Consultant
11	11 (6.36%)	Security Consultant
12	9 (5.20%)	Network Engineer
13	8 (4.62%)	Cybersecurity Analyst
13	8 (4.62%)	Cybersecurity Consultant
13	8 (4.62%)	Information Analyst
13	8 (4.62%)	Information Security Analyst
13	8 (4.62%)	Vulnerability Management Engineer
14	7 (4.05%)	Internal Audit Manager
14	7 (4.05%)	Lead

Libraries, Frameworks & Software Standards
1	5 (2.89%)	JSON
2	1 (0.58%)	Elastic Stack
2	1 (0.58%)	ModSecurity
2	1 (0.58%)	PyTorch
2	1 (0.58%)	TensorFlow
2	1 (0.58%)	YAML

Miscellaneous
1	27 (15.61%)	Management Information System
2	24 (13.87%)	Security Posture
3	16 (9.25%)	Cyber Threat
4	14 (8.09%)	Security Operations Centre
5	9 (5.20%)	Cyber Defence
5	9 (5.20%)	Operational Technology
6	7 (4.05%)	PKI
6	7 (4.05%)	Self-Motivation
7	6 (3.47%)	Analytical Mindset
7	6 (3.47%)	Cyber Kill Chain
7	6 (3.47%)	SCADA
8	5 (2.89%)	Cloud Native
8	5 (2.89%)	Data Centre
8	5 (2.89%)	Enterprise Software
9	4 (2.31%)	Linux Command Line
10	3 (1.73%)	Cyberattack
10	3 (1.73%)	Insider Threat
10	3 (1.73%)	Mobile App
10	3 (1.73%)	Renewable Energy
10	3 (1.73%)	Virtual Team

Operating Systems
1	27 (15.61%)	Windows
2	26 (15.03%)	Linux
3	7 (4.05%)	Unix
4	6 (3.47%)	Kali Linux
4	6 (3.47%)	Windows Server
5	3 (1.73%)	VMS
6	1 (0.58%)	Android
6	1 (0.58%)	Apple iOS
6	1 (0.58%)	Debian
6	1 (0.58%)	Ubuntu
6	1 (0.58%)	Windows 10
6	1 (0.58%)	Windows Server 2016
6	1 (0.58%)	Windows Server 2019

Processes & Methodologies
1	89 (51.45%)	Cybersecurity
2	67 (38.73%)	Incident Response
3	50 (28.90%)	SIEM
4	46 (26.59%)	Vulnerability Management
5	36 (20.81%)	Vulnerability Assessment
6	33 (19.08%)	Vulnerability Scanning
7	32 (18.50%)	Security Operations
8	31 (17.92%)	Information Security
9	30 (17.34%)	DevOps
10	29 (16.76%)	Problem-Solving
11	27 (15.61%)	Application Security
11	27 (15.61%)	Technology Transformation
11	27 (15.61%)	Vulnerability Remediation
12	25 (14.45%)	Red Team
12	25 (14.45%)	Threat Modelling
13	22 (12.72%)	CI/CD
14	21 (12.14%)	ITIL
14	21 (12.14%)	Security Testing
15	19 (10.98%)	Cloud Security
16	18 (10.40%)	Roadmaps

Programming Languages
1	58 (33.53%)	Python
2	40 (23.12%)	PowerShell
3	37 (21.39%)	Bash
4	15 (8.67%)	Go
5	13 (7.51%)	SQL
6	7 (4.05%)	R
7	6 (3.47%)	C
7	6 (3.47%)	C++
8	5 (2.89%)	C#
8	5 (2.89%)	JavaScript
9	2 (1.16%)	Perl
10	1 (0.58%)	Java
10	1 (0.58%)	Kusto Query Language
10	1 (0.58%)	Scala

Qualifications
1	48 (27.75%)	CISSP
2	41 (23.70%)	Degree
3	36 (20.81%)	Security Cleared
4	29 (16.76%)	CREST Certified
4	29 (16.76%)	SC Cleared
5	24 (13.87%)	Cisco Certification
6	23 (13.29%)	SANS
7	22 (12.72%)	OSCP
8	17 (9.83%)	CCNA
9	15 (8.67%)	CHECK Team Member
9	15 (8.67%)	CompTIA Security+
10	14 (8.09%)	DV Cleared
11	13 (7.51%)	GIAC
12	12 (6.94%)	GCIA
13	11 (6.36%)	CCNP
14	9 (5.20%)	CISA
14	9 (5.20%)	GCIH
15	8 (4.62%)	CEH
15	8 (4.62%)	CHECK Team Leader
16	7 (4.05%)	Cyber Scheme

Quality Assurance & Compliance
1	72 (41.62%)	ISO/IEC 27001
2	55 (31.79%)	NIST
3	29 (16.76%)	Cyber Essentials
4	27 (15.61%)	Accessibility
5	18 (10.40%)	GDPR
6	8 (4.62%)	NCSC
7	5 (2.89%)	GRC
7	5 (2.89%)	NIST 800
8	4 (2.31%)	QA
9	3 (1.73%)	Actionable Recommendations
9	3 (1.73%)	ITGC
9	3 (1.73%)	PCI DSS
9	3 (1.73%)	RMADS
10	2 (1.16%)	Cyber Essentials PLUS
10	2 (1.16%)	ISO/IEC 27005
11	1 (0.58%)	COBIT
11	1 (0.58%)	GxP
11	1 (0.58%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
11	1 (0.58%)	Sarbanes-Oxley
11	1 (0.58%)	SOC 2

System Software
1	15 (8.67%)	Virtual Machines
2	10 (5.78%)	Active Directory
3	6 (3.47%)	VMware Infrastructure
4	4 (2.31%)	VMware ESXi
5	3 (1.73%)	Firmware
5	3 (1.73%)	Hyper-V
6	2 (1.16%)	EMC RecoverPoint
6	2 (1.16%)	pfSense
6	2 (1.16%)	Squid
7	1 (0.58%)	Docker
7	1 (0.58%)	vSphere

Systems Management
1	15 (8.67%)	Nessus
1	15 (8.67%)	Nmap
2	8 (4.62%)	QRadar
3	5 (2.89%)	Single Sign-On
4	4 (2.31%)	Microsoft Intune
5	3 (1.73%)	ArcSight ESM
5	3 (1.73%)	Proxmox
6	2 (1.16%)	Cisco CUCM
6	2 (1.16%)	Kubernetes
6	2 (1.16%)	Terraform
6	2 (1.16%)	VxRail
7	1 (0.58%)	Ansible
7	1 (0.58%)	CASB
7	1 (0.58%)	Kibana
7	1 (0.58%)	Progress Chef
7	1 (0.58%)	SCCM
7	1 (0.58%)	ZENworks

Vendors
1	54 (31.21%)	Microsoft
2	17 (9.83%)	Tenable
3	15 (8.67%)	ServiceNow
4	13 (7.51%)	Cisco
5	11 (6.36%)	Splunk
6	8 (4.62%)	VMware
7	7 (4.05%)	Oracle
8	6 (3.47%)	Fortinet
9	5 (2.89%)	Palo Alto
10	4 (2.31%)	CheckPoint
10	4 (2.31%)	Zscaler
11	3 (1.73%)	ArcSight
11	3 (1.73%)	CyberArk
11	3 (1.73%)	IBM
11	3 (1.73%)	LogLogic
11	3 (1.73%)	LogRhythm
11	3 (1.73%)	McAfee
11	3 (1.73%)	Qualys
12	2 (1.16%)	Okta
12	2 (1.16%)	Trend Micro

Penetration TestingUK

All Process and Methodology SkillsUK

Penetration TestingJob Vacancy Trend

Penetration TestingSalary Trend

Penetration TestingSalary Histogram

Penetration TestingTop 15 Job Locations

Penetration TestingTop 30 Co-Occurring Skills & Capabilities

Penetration TestingCo-Occurring Skills & Capabilities by Category