Penetration Testing Job Trends, Salaries & Related Skills

Penetration Testing
UK

The table below provides summary statistics and salary benchmarking for jobs requiring Penetration Testing skills. It covers permanent job vacancies from the 6 months leading up to 15 October 2025, with comparisons to the same periods in the previous two years.

Location	6 months to 15 Oct 2025	Same period 2024	Same period 2023
Rank	474	425	424
Rank change year-on-year	-49	-1	+143
Permanent jobs citing Penetration Testing	183	364	350
As % of all permanent jobs in the UK	0.37%	0.51%	0.62%
As % of the Processes & Methodologies category	0.42%	0.62%	0.66%
Number of salaries quoted	152	193	321
10^th Percentile	£47,750	£46,795	£42,500
25^th Percentile	£53,735	£56,250	£51,000
Median annual salary (50^th Percentile)	£69,384	£66,250	£62,500
Median % change year-on-year	+4.73%	+6.00%	-10.71%
75^th Percentile	£87,708	£87,500	£77,500
90^th Percentile	£90,000	£100,000	£90,000
UK excluding London median annual salary	£62,500	£62,500	£57,500
% change year-on-year	-	+8.70%	-11.54%

All Process and Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all permanent job vacancies requiring process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills	43,738	58,305	52,769
As % of all permanent jobs advertised in the UK	88.91%	82.16%	94.06%
Number of salaries quoted	24,553	31,325	40,400
10^th Percentile	£28,250	£32,925	£32,500
25^th Percentile	£36,250	£44,000	£45,000
Median annual salary (50^th Percentile)	£55,000	£60,000	£60,000
Median % change year-on-year	-8.33%	-	-
75^th Percentile	£75,000	£78,750	£80,000
90^th Percentile	£95,000	£97,500	£97,500
UK excluding London median annual salary	£47,500	£52,600	£54,000
% change year-on-year	-9.70%	-2.59%	+2.86%

Penetration Testing
Job Vacancy Trend

Historical trend showing the proportion of permanent IT job postings citing Penetration Testing relative to all permanent IT jobs advertised.

Penetration Testing
Salary Trend

Salary distribution trend for jobs in the UK citing Penetration Testing.

Penetration Testing
Salary Histogram

Salary distribution for jobs citing Penetration Testing over the 6 months to 15 October 2025.

Salary histogram for Penetration Testing in the UK

Penetration Testing
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 15 October 2025. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Permanent IT Job Ads	Median Salary Past 6 Months	Median Salary % Change on Same Period Last Year	Live Jobs
England	-14	164	£65,000	-0.95%	148
London	+21	90	£75,000	-	51
UK excluding London	-17	82	£62,500	-	124
Work from Home	-14	67	£69,384	+6.74%	123
North of England	+5	26	£57,500	-6.12%	33
South East	-3	21	£60,000	+1.69%	44
Yorkshire	+33	18	£55,000	+4.76%	6
Midlands	+7	13	£59,000	+2.61%	19
South West	+30	9	£70,000	+5.66%	16
West Midlands	+19	9	£55,000	-15.38%	14
North West	-25	6	£67,192	+4.99%	24
Northern Ireland	-	6	£70,000	-	2
Scotland	-39	5	£90,000	+27.21%	5
East Midlands	+12	4	£61,250	+6.52%	4
Wales	+19	2	£75,574	-16.03%	3
North East	-	2	£75,574	-	3

Penetration Testing
Top 30 Co-Occurring Skills & Capabilities

For the 6 months to 15 October 2025, job vacancies citing Penetration Testing also mentioned the following skills and capabilities in order of popularity. The figures indicate the absolute number of co-occurrences and as a proportion of all permanent job ads with a requirement for Penetration Testing.

1	110 (60.11%)	Cybersecurity
2	87 (47.54%)	Social Skills
3	75 (40.98%)	ISO/IEC 27001
4	72 (39.34%)	Incident Response
5	60 (32.79%)	Azure
5	60 (32.79%)	Vulnerability Management
5	60 (32.79%)	Microsoft
6	57 (31.15%)	Firewall
7	56 (30.60%)	Python
7	56 (30.60%)	SIEM
7	56 (30.60%)	NIST
8	46 (25.14%)	Network Security
9	42 (22.95%)	PowerShell
10	41 (22.40%)	Vulnerability Assessment
11	40 (21.86%)	Information Security

11	40 (21.86%)	Vulnerability Scanning
12	39 (21.31%)	Windows
13	36 (19.67%)	Degree
13	36 (19.67%)	AWS
14	35 (19.13%)	CISSP
15	34 (18.58%)	Security Cleared
15	34 (18.58%)	Bash
15	34 (18.58%)	Security Operations
16	33 (18.03%)	SC Cleared
17	32 (17.49%)	DevOps
18	30 (16.39%)	Security Testing
19	29 (15.85%)	Finance
19	29 (15.85%)	Cloud Security
20	27 (14.75%)	Cyber Essentials
21	26 (14.21%)	Linux

Penetration Testing
Co-Occurring Skills & Capabilities by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1	6 (3.28%)	Microsoft Exchange
2	3 (1.64%)	SharePoint

Applications
1	6 (3.28%)	Microsoft Excel
1	6 (3.28%)	Microsoft Office
2	1 (0.55%)	GNU Octave

Cloud Services
1	60 (32.79%)	Azure
2	36 (19.67%)	AWS
3	23 (12.57%)	Microsoft 365
4	18 (9.84%)	Entra ID
5	14 (7.65%)	Slack
6	12 (6.56%)	Azure Sentinel
7	10 (5.46%)	GitHub
8	8 (4.37%)	GCP
9	7 (3.83%)	Power Platform
10	6 (3.28%)	GitHub Actions
10	6 (3.28%)	Google Workspace
10	6 (3.28%)	Microsoft Purview
11	4 (2.19%)	Azure Key Vault
12	3 (1.64%)	Azure DevOps
12	3 (1.64%)	Azure Logic Apps
12	3 (1.64%)	IBM Cloud
12	3 (1.64%)	Mimecast
12	3 (1.64%)	PaaS
13	2 (1.09%)	Rubrik
13	2 (1.09%)	SaaS

Communications & Networking
1	57 (31.15%)	Firewall
2	46 (25.14%)	Network Security
3	12 (6.56%)	Wireless
4	11 (6.01%)	VPN
5	10 (5.46%)	TCP/IP
6	9 (4.92%)	VLAN
6	9 (4.92%)	Wireshark
7	7 (3.83%)	Intrusion Detection
7	7 (3.83%)	SSL
7	7 (3.83%)	Wi-Fi
8	5 (2.73%)	BGP
8	5 (2.73%)	OSPF
9	3 (1.64%)	Cisco ISE
9	3 (1.64%)	Ethernet
9	3 (1.64%)	Spanning Tree
9	3 (1.64%)	WAN
10	2 (1.09%)	Cisco Nexus
10	2 (1.09%)	HTTP
10	2 (1.09%)	LAN
10	2 (1.09%)	WLAN

Database & Business Intelligence
1	7 (3.83%)	Power BI
2	6 (3.28%)	Tableau
3	2 (1.09%)	Elasticsearch
3	2 (1.09%)	SQL Server

Development Applications
1	17 (9.29%)	JIRA
2	12 (6.56%)	Burp Suite
3	11 (6.01%)	Metasploit
4	6 (3.28%)	Jenkins
5	3 (1.64%)	Git
6	2 (1.09%)	AppScan
6	2 (1.09%)	GitLab

General
1	87 (47.54%)	Social Skills
2	29 (15.85%)	Finance
3	24 (13.11%)	Influencing Skills
4	23 (12.57%)	Inclusion and Diversity
5	20 (10.93%)	Analytical Skills
6	14 (7.65%)	Presentation Skills
7	10 (5.46%)	Legal
8	7 (3.83%)	Law
9	4 (2.19%)	Banking
10	3 (1.64%)	Documentation Skills
10	3 (1.64%)	Electronics
10	3 (1.64%)	Mandarin Language
10	3 (1.64%)	Marketing
11	2 (1.09%)	Financial Institution
11	2 (1.09%)	Manufacturing
11	2 (1.09%)	Military
11	2 (1.09%)	Organisational Skills
11	2 (1.09%)	Public Sector
11	2 (1.09%)	Retail
12	1 (0.55%)	Advertising

Job Titles
1	50 (27.32%)	Security Engineer
2	34 (18.58%)	Analyst
3	29 (15.85%)	Security Analyst
4	23 (12.57%)	Senior
5	19 (10.38%)	Lead
6	18 (9.84%)	Architect
7	17 (9.29%)	Cybersecurity Engineer
7	17 (9.29%)	Security Architect
8	15 (8.20%)	Senior Security Engineer
9	14 (7.65%)	Penetration Tester
9	14 (7.65%)	Tester
10	11 (6.01%)	Network Engineer
11	10 (5.46%)	IT Manager
12	9 (4.92%)	Cybersecurity Specialist
12	9 (4.92%)	Infrastructure Engineer
12	9 (4.92%)	Security Specialist
13	8 (4.37%)	Cloud Engineer
13	8 (4.37%)	Principal Architect
13	8 (4.37%)	Principal Security Architect
13	8 (4.37%)	Vulnerability Management Engineer

Libraries, Frameworks & Software Standards
1	5 (2.73%)	JSON
2	2 (1.09%)	Elastic Stack
3	1 (0.55%)	EDI
3	1 (0.55%)	ModSecurity
3	1 (0.55%)	PyTorch
3	1 (0.55%)	TensorFlow
3	1 (0.55%)	YAML

Miscellaneous
1	22 (12.02%)	Management Information System
1	22 (12.02%)	Security Posture
2	17 (9.29%)	Security Operations Centre
3	16 (8.74%)	Cyber Threat
4	10 (5.46%)	Self-Motivation
5	9 (4.92%)	Mobile App
6	8 (4.37%)	Cyber Defence
7	7 (3.83%)	Data Centre
7	7 (3.83%)	Operational Technology
8	6 (3.28%)	Analytical Mindset
8	6 (3.28%)	Cyber Kill Chain
9	5 (2.73%)	Cloud Native
10	4 (2.19%)	Distributed Systems
10	4 (2.19%)	PKI
11	3 (1.64%)	Cyberattack
11	3 (1.64%)	Enterprise Software
11	3 (1.64%)	Onboarding
11	3 (1.64%)	Public Cloud
11	3 (1.64%)	SCADA
11	3 (1.64%)	Virtual Team

Operating Systems
1	39 (21.31%)	Windows
2	26 (14.21%)	Linux
3	8 (4.37%)	Kali Linux
4	6 (3.28%)	Unix
4	6 (3.28%)	Windows Server
5	3 (1.64%)	Android
5	3 (1.64%)	Apple iOS
5	3 (1.64%)	VMS
6	1 (0.55%)	Debian
6	1 (0.55%)	Ubuntu
6	1 (0.55%)	Windows 10
6	1 (0.55%)	Windows Server 2016
6	1 (0.55%)	Windows Server 2019

Processes & Methodologies
1	110 (60.11%)	Cybersecurity
2	72 (39.34%)	Incident Response
3	60 (32.79%)	Vulnerability Management
4	56 (30.60%)	SIEM
5	41 (22.40%)	Vulnerability Assessment
6	40 (21.86%)	Information Security
6	40 (21.86%)	Vulnerability Scanning
7	34 (18.58%)	Security Operations
8	32 (17.49%)	DevOps
9	30 (16.39%)	Security Testing
10	29 (15.85%)	Cloud Security
11	25 (13.66%)	Security Architecture
12	24 (13.11%)	CI/CD
12	24 (13.11%)	Risk Management
13	21 (11.48%)	Application Security
13	21 (11.48%)	Problem-Solving
14	20 (10.93%)	Security Management
14	20 (10.93%)	Technology Transformation
14	20 (10.93%)	Vulnerability Remediation
15	19 (10.38%)	Threat Modelling

Programming Languages
1	56 (30.60%)	Python
2	42 (22.95%)	PowerShell
3	34 (18.58%)	Bash
4	17 (9.29%)	Go
5	10 (5.46%)	SQL
6	7 (3.83%)	JavaScript
7	6 (3.28%)	R
8	4 (2.19%)	C
8	4 (2.19%)	C#
8	4 (2.19%)	C++
8	4 (2.19%)	Java
9	3 (1.64%)	Perl
10	1 (0.55%)	Kotlin
10	1 (0.55%)	Kusto Query Language
10	1 (0.55%)	Objective-C
10	1 (0.55%)	Scala

Qualifications
1	36 (19.67%)	Degree
2	35 (19.13%)	CISSP
3	34 (18.58%)	Security Cleared
4	33 (18.03%)	SC Cleared
5	19 (10.38%)	OSCP
6	15 (8.20%)	Cisco Certification
6	15 (8.20%)	SANS
7	13 (7.10%)	CREST Certified
8	12 (6.56%)	CCNA
8	12 (6.56%)	CCNP
8	12 (6.56%)	CompTIA Security+
8	12 (6.56%)	GCIA
9	8 (4.37%)	AWS Certification
9	8 (4.37%)	CHECK Team Leader
9	8 (4.37%)	DV Cleared
10	7 (3.83%)	CEH
10	7 (3.83%)	CISA
10	7 (3.83%)	GIAC
11	6 (3.28%)	ACCA
11	6 (3.28%)	CIMA

Quality Assurance & Compliance
1	75 (40.98%)	ISO/IEC 27001
2	56 (30.60%)	NIST
3	27 (14.75%)	Cyber Essentials
4	20 (10.93%)	Accessibility
5	19 (10.38%)	NCSC
6	13 (7.10%)	GDPR
7	12 (6.56%)	QA
8	3 (1.64%)	Cyber Essentials PLUS
8	3 (1.64%)	GRC
8	3 (1.64%)	SOC 2
9	2 (1.09%)	NIST 800
9	2 (1.09%)	PCI DSS
10	1 (0.55%)	COBIT
10	1 (0.55%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
10	1 (0.55%)	ISO/IEC 42001

System Software
1	20 (10.93%)	Active Directory
2	14 (7.65%)	Virtual Machines
3	4 (2.19%)	Firmware
3	4 (2.19%)	VMware ESXi
3	4 (2.19%)	VMware Infrastructure
4	2 (1.09%)	EMC RecoverPoint
4	2 (1.09%)	pfSense
4	2 (1.09%)	Squid
5	1 (0.55%)	Hyper-V

Systems Management
1	11 (6.01%)	Microsoft Intune
2	10 (5.46%)	Nessus
2	10 (5.46%)	Single Sign-On
3	6 (3.28%)	Jamf Pro
3	6 (3.28%)	Nmap
4	5 (2.73%)	Kubernetes
4	5 (2.73%)	QRadar
5	3 (1.64%)	Proxmox
6	2 (1.09%)	Cisco CUCM
6	2 (1.09%)	Kibana
6	2 (1.09%)	Progress Chef
6	2 (1.09%)	Terraform
6	2 (1.09%)	VxRail
7	1 (0.55%)	Ansible
7	1 (0.55%)	CASB
7	1 (0.55%)	SCCM
7	1 (0.55%)	ZENworks

Vendors
1	60 (32.79%)	Microsoft
2	17 (9.29%)	Cisco
3	16 (8.74%)	Tenable
4	14 (7.65%)	ServiceNow
5	9 (4.92%)	Splunk
6	7 (3.83%)	Google
6	7 (3.83%)	Meraki
6	7 (3.83%)	Oracle
7	6 (3.28%)	Fortinet
7	6 (3.28%)	VMware
8	5 (2.73%)	Palo Alto
9	4 (2.19%)	CheckPoint
9	4 (2.19%)	Sophos
9	4 (2.19%)	Zscaler
10	3 (1.64%)	IBM
11	2 (1.09%)	Citrix
11	2 (1.09%)	CrowdStrike
11	2 (1.09%)	Dell
11	2 (1.09%)	LogicMonitor
11	2 (1.09%)	Okta

Penetration TestingUK

All Process and Methodology SkillsUK

Penetration TestingJob Vacancy Trend

Penetration TestingSalary Trend

Penetration TestingSalary Histogram

Penetration TestingTop 16 Job Locations

Penetration TestingTop 30 Co-Occurring Skills & Capabilities

Penetration TestingCo-Occurring Skills & Capabilities by Category