Penetration Testing Job Trends

Penetration Testing
UK

The table below provides summary statistics and salary benchmarking for jobs requiring Penetration Testing skills. It covers permanent job vacancies from the 6 months leading up to 4 June 2026, with comparisons to the same periods in the previous two years.

 6 months to
4 Jun 2026		 Same period 2025 Same period 2024
Rank 442 439 448
Rank change year-on-year -3 +9 +27
Permanent jobs citing Penetration Testing 315 237 508
As % of all permanent jobs in the UK 0.34% 0.54% 0.49%
As % of the Processes & Methodologies category 0.46% 0.58% 0.60%
Number of salaries quoted 213 180 403
10th Percentile £42,500 £42,425 £38,797
25th Percentile £50,000 £55,938 £48,750
Median annual salary (50th Percentile) £67,500 £67,500 £65,000
Median % change year-on-year - +3.85% -
75th Percentile £89,000 £81,438 £82,500
90th Percentile £99,500 £95,000 £95,000
UK excluding London median annual salary £55,000 £67,500 £57,500
% change year-on-year -18.52% +17.39% +4.55%

All Process & Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all permanent job vacancies requiring process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills 68,107 40,669 85,373
As % of all permanent jobs advertised in the UK 73.51% 93.11% 83.11%
Number of salaries quoted 45,062 21,401 61,158
10th Percentile £30,000 £29,500 £29,250
25th Percentile £41,114 £40,000 £40,000
Median annual salary (50th Percentile) £60,000 £57,500 £55,000
Median % change year-on-year +4.35% +4.55% -9.69%
75th Percentile £78,750 £77,500 £72,500
90th Percentile £100,000 £100,000 £92,500
UK excluding London median annual salary £52,500 £50,967 £50,000
% change year-on-year +3.01% +1.93% -9.09%

Penetration Testing
Job Vacancy Trend

Historical trend showing the proportion of permanent IT job postings citing Penetration Testing relative to all permanent IT jobs advertised.

Penetration Testing job vacancy trend in the UK

Penetration Testing
Salary Trend

Salary distribution trend for jobs in the UK citing Penetration Testing.

Salary distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Salary Histogram

Salary distribution for jobs citing Penetration Testing over the 6 months to 4 June 2026.

Salary histogram for Penetration Testing in the UK

Penetration Testing
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 4 June 2026. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Permanent
IT Job Ads		 Median Salary
Past 6 Months		 Median Salary
% Change
on Same Period
Last Year		 Live
Jobs
England -5 284 £65,000 -3.70% 108
UK excluding London -34 160 £55,000 -18.52% 82
London +3 123 £82,500 +13.79% 54
Work from Home +46 110 £67,500 -10.00% 60
South West -14 46 £50,000 -27.27% 14
South East -14 44 £72,500 +3.57% 31
Midlands -44 29 £51,058 -24.36% 6
North of England -53 27 £56,000 -8.20% 10
West Midlands -45 19 £62,500 -7.41% 6
Yorkshire -42 14 £55,000 - 6
Scotland +14 10 £85,000 +21.97% 14
East Midlands -18 10 £51,058 +27.65%
North West -12 7 £56,000 -8.20% 2
North East -34 6 £75,000 +3.18% 2
East of England -23 4 £30,000 - 2

Penetration Testing
Co-Occurring Skills & Capabilities by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1 7 (2.22%) Microsoft Exchange
2 6 (1.90%) SharePoint
3 3 (0.95%) IIS
4 2 (0.63%) Confluence
5 1 (0.32%) Apache
5 1 (0.32%) Drupal
5 1 (0.32%) nginx
5 1 (0.32%) WordPress
Applications
1 1 (0.32%) Weka
Business Applications
1 1 (0.32%) Exchequer
1 1 (0.32%) Magento
1 1 (0.32%) SAP EHS
1 1 (0.32%) SAP S/4HANA
Cloud Services
1 73 (23.17%) AWS
2 70 (22.22%) Azure
3 28 (8.89%) Microsoft 365
4 26 (8.25%) GCP
5 14 (4.44%) Entra ID
6 13 (4.13%) GitHub
7 12 (3.81%) Azure Sentinel
8 9 (2.86%) GitHub Actions
9 8 (2.54%) SaaS
10 5 (1.59%) Microsoft Purview
11 4 (1.27%) Amazon EKS
11 4 (1.27%) AWS CloudFormation
11 4 (1.27%) Azure DevOps
11 4 (1.27%) Azure Key Vault
11 4 (1.27%) Mimecast
12 3 (0.95%) IaaS
12 3 (0.95%) OneDrive
12 3 (0.95%) PaaS
12 3 (0.95%) Rubrik
13 2 (0.63%) Figma
Communications & Networking
1 53 (16.83%) Firewall
2 27 (8.57%) Network Security
3 20 (6.35%) Wireless
4 19 (6.03%) VPN
5 12 (3.81%) Internet
6 11 (3.49%) DNS
6 11 (3.49%) TCP/IP
7 9 (2.86%) Cisco Nexus
8 8 (2.54%) Cisco ISE
8 8 (2.54%) Wi-Fi
9 7 (2.22%) VLAN
10 6 (1.90%) Intrusion Detection
10 6 (1.90%) LAN
10 6 (1.90%) WAN
11 4 (1.27%) DHCP
11 4 (1.27%) HTTPS
12 3 (0.95%) DMARC
12 3 (0.95%) DMZ
12 3 (0.95%) SSL
12 3 (0.95%) VoIP
Database & Business Intelligence
1 5 (1.59%) SQL Server
2 3 (0.95%) Amazon RDS
3 1 (0.32%) InterSystems Cache
3 1 (0.32%) KNIME
3 1 (0.32%) MongoDB
3 1 (0.32%) Power BI
3 1 (0.32%) Redis
Development Applications
1 23 (7.30%) Burp Suite
2 22 (6.98%) Metasploit
3 8 (2.54%) Jenkins
4 7 (2.22%) JIRA
5 6 (1.90%) Bitbucket
6 3 (0.95%) Git
7 2 (0.63%) Gatling
7 2 (0.63%) NUnit
7 2 (0.63%) Yeoman
8 1 (0.32%) Cucumber
8 1 (0.32%) GitLab
8 1 (0.32%) IDA Disassembler
8 1 (0.32%) JMeter
8 1 (0.32%) JUnit
8 1 (0.32%) Postman
8 1 (0.32%) Selenium
8 1 (0.32%) Vagrant
General
1 102 (32.38%) Social Skills
2 78 (24.76%) Finance
3 33 (10.48%) Public Sector
4 30 (9.52%) Law
5 27 (8.57%) Analytical Skills
6 22 (6.98%) Banking
6 22 (6.98%) Inclusion and Diversity
7 20 (6.35%) Retail
8 10 (3.17%) Legal
9 8 (2.54%) Pharmaceutical
10 6 (1.90%) Marketing
11 5 (1.59%) Telecoms
12 4 (1.27%) Financial Institution
13 3 (0.95%) Back Office
13 3 (0.95%) Influencing Skills
14 2 (0.63%) Aerospace
14 2 (0.63%) Social Housing
15 1 (0.32%) French Language
15 1 (0.32%) German Language
15 1 (0.32%) Investment Banking
Job Titles
1 61 (19.37%) Senior
2 53 (16.83%) Penetration Tester
2 53 (16.83%) Tester
3 50 (15.87%) Consultant
4 44 (13.97%) Security Consultant
5 38 (12.06%) Analyst
6 31 (9.84%) Security Analyst
7 28 (8.89%) Lead
8 27 (8.57%) Security Manager
9 23 (7.30%) Security Engineer
10 22 (6.98%) Senior Analyst
10 22 (6.98%) Senior Security Analyst
11 21 (6.67%) Cybersecurity Consultant
12 19 (6.03%) Team Leader
13 17 (5.40%) Security Specialist
14 13 (4.13%) Senior Penetration Tester
14 13 (4.13%) Senior Tester
15 12 (3.81%) Test Team Leader
16 11 (3.49%) Cybersecurity Analyst
17 10 (3.17%) Cybersecurity Manager
Libraries, Frameworks & Software Standards
1 4 (1.27%) .NET
2 3 (0.95%) .NET Framework
2 3 (0.95%) OAuth
2 3 (0.95%) RESTful
3 2 (0.63%) AngularJS
3 2 (0.63%) ASP.NET
3 2 (0.63%) ASP.NET Core
3 2 (0.63%) Entity Framework
3 2 (0.63%) OAuth2
3 2 (0.63%) OpenAPI
3 2 (0.63%) OpenID
3 2 (0.63%) RxJS
3 2 (0.63%) Swagger
3 2 (0.63%) Vitest
4 1 (0.32%) ARM Templates
4 1 (0.32%) LDAP
4 1 (0.32%) Memcached
4 1 (0.32%) Playwright
Miscellaneous
1 70 (22.22%) Security Posture
2 38 (12.06%) Mobile App
3 31 (9.84%) Cyber Defence
4 27 (8.57%) Cyber Threat
5 18 (5.71%) Management Information System
6 12 (3.81%) Security Operations Centre
6 12 (3.81%) Self-Motivation
7 9 (2.86%) Data Centre
8 8 (2.54%) Blog
8 8 (2.54%) Cyber Security Posture
9 7 (2.22%) Operational Technology
10 6 (1.90%) Onboarding
11 5 (1.59%) Cloud Native
11 5 (1.59%) Insider Threat
11 5 (1.59%) Public Cloud
12 4 (1.27%) Cyberattack
12 4 (1.27%) Enterprise Software
13 3 (0.95%) CCTV
13 3 (0.95%) Hybrid Cloud
13 3 (0.95%) PKI
Operating Systems
1 43 (13.65%) Windows
2 38 (12.06%) Linux
3 20 (6.35%) Android
3 20 (6.35%) Apple iOS
4 10 (3.17%) Windows Server
5 4 (1.27%) Unix
6 2 (0.63%) Windows Server 2016
7 1 (0.32%) Kali Linux
7 1 (0.32%) Mac OS
7 1 (0.32%) Red Hat Enterprise Linux
Processes & Methodologies
1 211 (66.98%) Cybersecurity
2 96 (30.48%) Incident Response
3 95 (30.16%) Red Team
4 70 (22.22%) Security Testing
4 70 (22.22%) Vulnerability Management
5 65 (20.63%) Offensive Security
6 62 (19.68%) Application Security
7 60 (19.05%) SIEM
8 59 (18.73%) Mentoring
9 54 (17.14%) Information Security
10 53 (16.83%) Problem-Solving
11 51 (16.19%) Cloud Security
12 45 (14.29%) Security Operations
13 41 (13.02%) Agile
14 38 (12.06%) Threat Modelling
15 34 (10.79%) Continuous Improvement
16 33 (10.48%) Disaster Recovery
16 33 (10.48%) OWASP
17 31 (9.84%) Coaching
17 31 (9.84%) Vulnerability Assessment
Programming Languages
1 51 (16.19%) Python
2 47 (14.92%) PowerShell
3 33 (10.48%) Bash
4 16 (5.08%) Java
5 14 (4.44%) Go
6 7 (2.22%) C#
6 7 (2.22%) Perl
7 6 (1.90%) C
7 6 (1.90%) C++
8 5 (1.59%) Bicep
8 5 (1.59%) Ruby
9 4 (1.27%) SQL
10 3 (0.95%) Objective-C
10 3 (0.95%) Rust
11 2 (0.63%) Kusto Query Language
11 2 (0.63%) PHP
11 2 (0.63%) TypeScript
12 1 (0.32%) JavaScript
Qualifications
1 95 (30.16%) CREST Certified
2 73 (23.17%) OSCP
3 66 (20.95%) CISSP
4 59 (18.73%) Security Cleared
5 48 (15.24%) SC Cleared
6 37 (11.75%) CISM
6 37 (11.75%) Degree
7 31 (9.84%) CHECK Team Leader
8 29 (9.21%) CHECK Team Member
9 28 (8.89%) CEH
10 23 (7.30%) Cisco Certification
11 21 (6.67%) CCSAM
12 19 (6.03%) CompTIA Security+
13 17 (5.40%) CCNA
14 15 (4.76%) CCNP
15 14 (4.44%) GIAC
16 13 (4.13%) DV Cleared
17 12 (3.81%) SANS
18 11 (3.49%) GPEN
19 8 (2.54%) OSCE
Quality Assurance & Compliance
1 88 (27.94%) ISO/IEC 27001
2 46 (14.60%) NIST
3 43 (13.65%) GDPR
4 38 (12.06%) Cyber Essentials
5 22 (6.98%) PCI DSS
6 16 (5.08%) Actionable Recommendations
6 16 (5.08%) Cyber Essentials PLUS
6 16 (5.08%) GRC
7 13 (4.13%) NCSC
8 10 (3.17%) Accessibility
9 7 (2.22%) SOC 2
10 5 (1.59%) QA
11 4 (1.27%) Data Quality
12 3 (0.95%) COBIT
12 3 (0.95%) Def Stans
12 3 (0.95%) NIST 800
13 2 (0.63%) GxP
13 2 (0.63%) Sarbanes-Oxley
14 1 (0.32%) SLA
14 1 (0.32%) WCAG
System Software
1 34 (10.79%) Active Directory
2 6 (1.90%) VMware Infrastructure
3 4 (1.27%) Docker
4 3 (0.95%) EMC RecoverPoint
4 3 (0.95%) VMware ESXi
5 1 (0.32%) Virtual Desktop
5 1 (0.32%) Virtual Machines
5 1 (0.32%) vSphere
Systems Management
1 18 (5.71%) Kubernetes
2 16 (5.08%) Nessus
3 12 (3.81%) Nmap
4 11 (3.49%) Microsoft Intune
5 8 (2.54%) Terraform
6 5 (1.59%) Ansible
6 5 (1.59%) CSIRT
7 3 (0.95%) FortiGate
7 3 (0.95%) SCCM
7 3 (0.95%) Single Sign-On
7 3 (0.95%) VxRail
8 2 (0.63%) CASB
8 2 (0.63%) Jamf Pro
9 1 (0.32%) Computer Emergency Response Teams
9 1 (0.32%) Consul
9 1 (0.32%) Packer
9 1 (0.32%) Progress Chef
9 1 (0.32%) Puppet
9 1 (0.32%) Red Hat Satellite
Vendors
1 68 (21.59%) Microsoft
2 18 (5.71%) Cisco
3 17 (5.40%) Splunk
4 13 (4.13%) Sophos
5 10 (3.17%) CrowdStrike
5 10 (3.17%) Qualys
5 10 (3.17%) Zscaler
6 9 (2.86%) Palo Alto
6 9 (2.86%) VMware
7 8 (2.54%) CheckPoint
7 8 (2.54%) Fortinet
8 5 (1.59%) Aruba
8 5 (1.59%) TOWER Software
9 4 (1.27%) Okta
10 3 (0.95%) Dell
10 3 (0.95%) Rapid7
10 3 (0.95%) Veeam
11 2 (0.63%) Darktrace
11 2 (0.63%) DevExpress
11 2 (0.63%) Google
148 Penetration Testing jobs Nationwide