Penetration Testing jobs, average salaries and trends for Penetration Testing skills

The following table provides summary statistics for permanent job vacancies with a requirement for Penetration Testing skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Penetration Testing over the 6 months to 23 August 2017 with a comparison to the same period in the previous 2 years.

Penetration Testing UK
Location	6 months to 23 Aug 2017	Same period 2016	Same period 2015
Rank	392	352	492
Rank change year-on-year	-40	+140	+98
Permanent jobs citing Penetration Testing	1403	1720	1191
As % of all permanent IT jobs advertised in the UK	0.80%	0.87%	0.55%
As % of the Processes & Methodologies category	0.89%	0.98%	0.62%
Number of salaries quoted	1169	1339	939
UK median annual salary	£55,000	£55,000	£52,500
Median salary % change year-on-year	-	+4.76%	+3.96%
10th Percentile	£35,000	£34,938	£33,650
90th Percentile	£83,750	£82,500	£81,250
UK excluding London median annual salary	£50,000	£50,000	£45,000
% change year-on-year	-	+11.11%	-

Penetration Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process or methodology skills.

All Process and Methodology Skills UK
Permanent vacancies with a requirement for process or methodology skills	158285	175244	190972
As % of all permanent IT jobs advertised in the UK	89.94%	89.07%	88.17%
Number of salaries quoted	125396	146177	155973
UK median annual salary	£50,000	£49,000	£47,500
Median salary % change year-on-year	+2.04%	+3.16%	+5.56%
10th Percentile	£28,723	£27,500	£27,500
90th Percentile	£80,000	£77,500	£76,250
UK excluding London median annual salary	£42,500	£42,500	£42,500

Penetration Testing
Job Vacancy Trend

Job postings citing Penetration Testing as a percentage of all IT jobs advertised.

Job vacancy trend for Penetration Testing in the UK

Penetration Testing
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing Penetration Testing.

Salary trend for Penetration Testing in the UK

Penetration Testing
Salary Histogram

The salary distribution of IT jobs citing Penetration Testing over the 6 months to 23 August 2017.

Salary histogram for Penetration Testing in the UK

Penetration Testing
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 23 August 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Permanent IT Job Ads	Median Salary Past 6 Months	Median Salary % Change on Same Period Last Year	Live Job Vacancies
England	-18	1343	£55,000	-	64
UK excluding London	-10	739	£50,000	-	32
London	-19	633	£60,000	-7.69%	33
South East	+43	336	£52,500	-	16
North of England	-37	178	£50,000	-	6
North West	-34	115	£55,000	+10.00%	4
Midlands	+48	104	£42,500	-15.00%	2
West Midlands	+37	94	£42,500	-10.53%	2
Yorkshire	-14	61	£45,000	-	2
East of England	-4	44	£55,000	+15.79%	3
South West	-89	41	£45,000	-10.00%	4
Scotland	+7	24	£37,500	-28.57%	1
Wales	+8	12	£47,500	-17.39%
East Midlands	+15	9	£45,000	-18.18%
Isle of Man	-	3	-	-
North East	+15	2	£59,500	+32.22%

Penetration Testing
Top 30 Co-occurring IT Skills

For the 6 months to 23 August 2017, IT jobs citing Penetration Testing also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all job ads with a requirement for Penetration Testing.

1	754 (53.74%)	Information Security
2	553 (39.42%)	Cybersecurity
3	420 (29.94%)	Firewall
4	380 (27.08%)	ISO/IEC 27001
5	378 (26.94%)	CISSP
6	320 (22.81%)	Windows
7	274 (19.53%)	Network Security
8	258 (18.39%)	SIEM
9	236 (16.82%)	CISM
10	218 (15.54%)	Finance
11	216 (15.40%)	Security Cleared
12	213 (15.18%)	Linux
13	206 (14.68%)	ITIL
14	204 (14.54%)	PCI DSS
15	200 (14.26%)	Vulnerability Scanning

16	196 (13.97%)	Security Architecture
17	193 (13.76%)	Degree
18	186 (13.26%)	Vulnerability Assessment
19	176 (12.54%)	Risk Management
20	174 (12.40%)	Active Directory
20	174 (12.40%)	CREST Certified
21	173 (12.33%)	TCP/IP
22	172 (12.26%)	Agile Software Development
23	170 (12.12%)	Cisco
23	170 (12.12%)	Vulnerability Management
24	155 (11.05%)	Python
25	154 (10.98%)	Java
25	154 (10.98%)	Data Protection
26	144 (10.26%)	Security Operations
27	142 (10.12%)	Ethical Hacking

Penetration Testing
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
Applications
Business Applications
Cloud Services
Communications & Networking
Database & Business Intelligence
Development Applications
General
Job Titles
Libraries, Frameworks & Software Standards
Miscellaneous
Operating Systems
Processes & Methodologies
Programming Languages
Qualifications
Quality Assurance & Compliance
System Software
Systems Management
Vendors

Application Platforms
1	40 (2.85%)	IIS
2	34 (2.42%)	MS Exchange
3	22 (1.57%)	Exchange Server 2010
4	15 (1.07%)	Exchange Server 2013
5	14 (1.00%)	SharePoint
6	13 (0.93%)	Apache
7	12 (0.86%)	Skype for Business
8	11 (0.78%)	CMS
9	8 (0.57%)	OpenStack
10	4 (0.29%)	JBoss
10	4 (0.29%)	nginx
11	1 (0.071%)	Apache Pig
11	1 (0.071%)	BizTalk Server
11	1 (0.071%)	Elasticsearch
11	1 (0.071%)	Tornado
11	1 (0.071%)	WordPress

Applications
1	10 (0.71%)	Microsoft Office
2	5 (0.36%)	Spreadsheet
3	3 (0.21%)	Microsoft Excel
3	3 (0.21%)	Microsoft PowerPoint
3	3 (0.21%)	MS Visio

Business Applications
1	5 (0.36%)	Payment Gateway
2	2 (0.14%)	Dynamics CRM
3	1 (0.071%)	Salesforce.com CRM

Cloud Services
1	95 (6.77%)	Amazon AWS
2	61 (4.35%)	SaaS
3	43 (3.06%)	IaaS
4	41 (2.92%)	Microsoft Azure
5	18 (1.28%)	Office 365
6	15 (1.07%)	PaaS
7	12 (0.86%)	Mimecast
8	6 (0.43%)	AWS CloudFormation
8	6 (0.43%)	Cloud Computing
9	4 (0.29%)	Amazon S3
9	4 (0.29%)	Google Cloud Platform
10	3 (0.21%)	Amazon ELB
10	3 (0.21%)	Amazon SQS
10	3 (0.21%)	Google Compute Engine
10	3 (0.21%)	OpenShift
11	2 (0.14%)	AWS Lambda
11	2 (0.14%)	GitHub
12	1 (0.071%)	AWS OpsWorks
12	1 (0.071%)	Route 53

Communications & Networking
1	420 (29.94%)	Firewall
2	274 (19.53%)	Network Security
3	173 (12.33%)	TCP/IP
4	89 (6.34%)	DNS
5	77 (5.49%)	Wireless
6	74 (5.27%)	WAN
7	72 (5.13%)	LAN
8	69 (4.92%)	VPN
9	68 (4.85%)	Internet
10	64 (4.56%)	DHCP
11	50 (3.56%)	VLAN
12	48 (3.42%)	Cisco ASA
13	47 (3.35%)	MPLS
14	43 (3.06%)	SAN
15	40 (2.85%)	VoIP
16	39 (2.78%)	SS7
17	34 (2.42%)	Intrusion Detection
18	32 (2.28%)	Junos
19	29 (2.07%)	HTTP
20	24 (1.71%)	Ethernet

Database & Business Intelligence
1	52 (3.71%)	SQL Server
2	16 (1.14%)	MySQL
3	12 (0.86%)	SQL Server 2008
3	12 (0.86%)	SQL Server 2012
3	12 (0.86%)	SQL Server 2014
4	10 (0.71%)	Big Data
4	10 (0.71%)	MongoDB
5	8 (0.57%)	NoSQL
6	6 (0.43%)	Microsoft Analysis Services
6	6 (0.43%)	SQL Server Analysis Services
6	6 (0.43%)	SQL Server Integration Services
7	4 (0.29%)	Hadoop
7	4 (0.29%)	PostgreSQL
7	4 (0.29%)	SQL Server 2016
8	3 (0.21%)	GIS
8	3 (0.21%)	Looker
8	3 (0.21%)	Redis
9	1 (0.071%)	Apache Hive
9	1 (0.071%)	Hazelcast
9	1 (0.071%)	Relational Database

Development Applications
1	42 (2.99%)	Burp Suite
2	31 (2.21%)	Metasploit
3	25 (1.78%)	AppScan
4	20 (1.43%)	Git (software)
5	18 (1.28%)	Paros
6	17 (1.21%)	Selenium
7	13 (0.93%)	Jenkins
7	13 (0.93%)	WebScarab
8	12 (0.86%)	Eclipse
8	12 (0.86%)	Xcode
9	7 (0.50%)	Cucumber
9	7 (0.50%)	JUnit
10	6 (0.43%)	Appium
10	6 (0.43%)	FitNesse
10	6 (0.43%)	Hudson
10	6 (0.43%)	SoapUI
10	6 (0.43%)	WebDriver
11	5 (0.36%)	Sonatype Nexus
12	4 (0.29%)	IDA Disassembler
12	4 (0.29%)	Team Foundation Server

General
1	218 (15.54%)	Finance
2	106 (7.56%)	Telecoms
3	75 (5.35%)	Banking
4	70 (4.99%)	Legal
5	35 (2.49%)	Law
6	25 (1.78%)	Retail
7	19 (1.35%)	Marketing
8	15 (1.07%)	Automotive
9	14 (1.00%)	Aerospace
10	11 (0.78%)	Electronics
10	11 (0.78%)	Investment Banking
10	11 (0.78%)	Publishing
11	9 (0.64%)	Financial Institution
11	9 (0.64%)	Games
11	9 (0.64%)	Military
12	7 (0.50%)	Digital Economy
12	7 (0.50%)	Manufacturing
12	7 (0.50%)	Spanish Language
13	4 (0.29%)	Advertising
13	4 (0.29%)	Local Government

Job Titles
1	275 (19.60%)	Analyst
2	249 (17.75%)	Tester
3	226 (16.11%)	Penetration Tester
3	226 (16.11%)	Security Analyst
4	164 (11.69%)	Security Engineer
5	144 (10.26%)	Consultant
6	132 (9.41%)	Security Consultant
7	116 (8.27%)	Security Manager
8	101 (7.20%)	Business Manager
9	100 (7.13%)	Network Engineer
10	99 (7.06%)	Business Development Manager
10	99 (7.06%)	Development Manager
11	83 (5.92%)	IT Engineer
12	79 (5.63%)	IT Analyst
13	73 (5.20%)	IT Security Analyst
14	66 (4.70%)	IT Security Engineer
15	60 (4.28%)	Senior Tester
16	56 (3.99%)	Security Specialist
17	55 (3.92%)	Senior Penetration Tester
18	53 (3.78%)	Team Leader

Libraries, Frameworks & Software Standards
1	62 (4.42%)	.NET
2	48 (3.42%)	Web Services
3	43 (3.06%)	HTML
4	25 (1.78%)	Node.js
5	23 (1.64%)	XML
6	17 (1.21%)	RESTful
7	16 (1.14%)	Django
7	16 (1.14%)	J2EE
8	15 (1.07%)	CSS
9	12 (0.86%)	CGI
10	10 (0.71%)	ASP.NET
10	10 (0.71%)	JSON
10	10 (0.71%)	SOAP
11	8 (0.57%)	SAML
12	7 (0.50%)	OAuth
12	7 (0.50%)	Spring
13	6 (0.43%)	Ajax
13	6 (0.43%)	HTML5
13	6 (0.43%)	LAMP
13	6 (0.43%)	OAuth2

Miscellaneous
1	116 (8.27%)	Management Information System
2	108 (7.70%)	Data Protection Act
3	97 (6.91%)	Data Centre
4	92 (6.56%)	Computer Science
5	52 (3.71%)	Analytical Skills
6	50 (3.56%)	SCADA
7	47 (3.35%)	Cyberthreat
8	46 (3.28%)	Mobile App
9	37 (2.64%)	Smartphone
10	34 (2.42%)	Distributed Denial-of-Service
11	31 (2.21%)	Cyber Attack
12	27 (1.92%)	iPad
13	24 (1.71%)	Field-Programmable Gate Array
13	24 (1.71%)	PKI
14	22 (1.57%)	Cyber Defence
15	19 (1.35%)	CESG
16	16 (1.14%)	Security Operations Centre
17	15 (1.07%)	Cybercrime
17	15 (1.07%)	Greenfield Project
18	14 (1.00%)	Client/Server

Operating Systems
1	320 (22.81%)	Windows
2	213 (15.18%)	Linux
3	139 (9.91%)	Windows Server
4	105 (7.48%)	Unix
5	91 (6.49%)	Android
6	86 (6.13%)	Apple iOS
7	41 (2.92%)	Mac OS X
8	40 (2.85%)	Windows Server 2008
9	35 (2.49%)	Windows Server 2012
10	26 (1.85%)	VxWorks
11	22 (1.57%)	Kali Linux
12	14 (1.00%)	Solaris
13	10 (0.71%)	Windows 7
14	6 (0.43%)	Windows Server 2003
15	5 (0.36%)	CentOS
15	5 (0.36%)	Ubuntu
16	4 (0.29%)	KNOPPIX
17	2 (0.14%)	FreeBSD
17	2 (0.14%)	HPUX
17	2 (0.14%)	Windows 10

Processes & Methodologies
1	754 (53.74%)	Information Security
2	553 (39.42%)	Cybersecurity
3	258 (18.39%)	SIEM
4	206 (14.68%)	ITIL
5	200 (14.26%)	Vulnerability Scanning
6	196 (13.97%)	Security Architecture
7	186 (13.26%)	Vulnerability Assessment
8	176 (12.54%)	Risk Management
9	172 (12.26%)	Agile Software Development
10	170 (12.12%)	Vulnerability Management
11	154 (10.98%)	Data Protection
12	144 (10.26%)	Security Operations
13	142 (10.12%)	Ethical Hacking
14	126 (8.98%)	Security Testing
15	117 (8.34%)	Business Development
16	112 (7.98%)	OWASP
17	110 (7.84%)	Network Design
18	92 (6.56%)	Risk Assessment
19	90 (6.41%)	Incident Management
20	88 (6.27%)	Data Loss Prevention

Programming Languages
1	155 (11.05%)	Python
2	154 (10.98%)	Java
3	132 (9.41%)	C
4	90 (6.41%)	C++
5	74 (5.27%)	SQL
6	67 (4.78%)	Perl
7	62 (4.42%)	Ruby
8	54 (3.85%)	C#
9	49 (3.49%)	JavaScript
10	39 (2.78%)	PHP
11	35 (2.49%)	PowerShell
12	27 (1.92%)	Bash Shell
13	17 (1.21%)	VB
14	13 (0.93%)	VB.NET
15	10 (0.71%)	Groovy
16	7 (0.50%)	VBScript
17	6 (0.43%)	Ada
17	6 (0.43%)	Scala
18	5 (0.36%)	Objective-C
19	4 (0.29%)	Go

Qualifications
1	378 (26.94%)	CISSP
2	236 (16.82%)	CISM
3	216 (15.40%)	Security Cleared
4	193 (13.76%)	Degree
5	174 (12.40%)	CREST Certified
6	137 (9.76%)	CEH
7	103 (7.34%)	OSCP
8	94 (6.70%)	DV Cleared
9	85 (6.06%)	Cisco Certification
10	68 (4.85%)	CCNP
11	64 (4.56%)	CISA
12	61 (4.35%)	CHECK Team Member
13	59 (4.21%)	CCNA
14	58 (4.13%)	CHECK Team Leader
14	58 (4.13%)	SC Cleared
15	52 (3.71%)	GIAC
16	38 (2.71%)	GCIH
17	37 (2.64%)	SANS
18	36 (2.57%)	Computer Science Degree
19	34 (2.42%)	GPEN

Quality Assurance & Compliance
1	380 (27.08%)	ISO/IEC 27001
2	204 (14.54%)	PCI DSS
3	120 (8.55%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
4	60 (4.28%)	Cyber Essentials
5	57 (4.06%)	GDPR
6	31 (2.21%)	COBIT
7	30 (2.14%)	Sarbanes-Oxley
8	24 (1.71%)	Cyber Essentials PLUS
9	23 (1.64%)	QA
10	21 (1.50%)	ISO/IEC 27005
11	13 (0.93%)	ISO 22301
11	13 (0.93%)	SLA
12	9 (0.64%)	NIST 800
13	8 (0.57%)	ISO 9001
14	6 (0.43%)	HMG Security Policy Framework
14	6 (0.43%)	ISO 31000
14	6 (0.43%)	MISRA
15	5 (0.36%)	HIPAA
16	3 (0.21%)	JSP 440
16	3 (0.21%)	PA-DSS

System Software
1	174 (12.40%)	Active Directory
2	50 (3.56%)	ProxySG
3	30 (2.14%)	Hyper-V
4	18 (1.28%)	VMware Infrastructure
5	13 (0.93%)	Docker
6	10 (0.71%)	Firmware
7	8 (0.57%)	Virtual Machines
7	8 (0.57%)	VMware ESXi
8	6 (0.43%)	vSphere
9	5 (0.36%)	Snort
10	2 (0.14%)	VirtualBox
11	1 (0.071%)	KVM
11	1 (0.071%)	LXC
11	1 (0.071%)	VMware NSX
11	1 (0.071%)	Xen
11	1 (0.071%)	XenApp

Systems Management
1	61 (4.35%)	Nessus
2	20 (1.43%)	Nmap
3	17 (1.21%)	Computer Emergency Response Teams
4	13 (0.93%)	EnCase
5	12 (0.86%)	SCCM
6	11 (0.78%)	FTK
6	11 (0.78%)	Microsoft Clustering
7	10 (0.71%)	Puppet
8	9 (0.64%)	Ansible
8	9 (0.64%)	HP Fortify
8	9 (0.64%)	SCOM
9	8 (0.57%)	Cisco CUCM
9	8 (0.57%)	McAfee ePO
10	7 (0.50%)	Opscode Chef
11	6 (0.43%)	CSIRT
11	6 (0.43%)	Network Intrusion Detection System
11	6 (0.43%)	OpenVAS
12	5 (0.36%)	WebInspect
13	4 (0.29%)	QRadar
13	4 (0.29%)	RSA enVision

Vendors
1	170 (12.12%)	Cisco
2	114 (8.13%)	CheckPoint
3	88 (6.27%)	Microsoft
4	68 (4.85%)	Palo Alto
5	58 (4.13%)	Juniper
6	54 (3.85%)	VMware
7	53 (3.78%)	Blue Coat
8	43 (3.06%)	Apple
9	42 (2.99%)	HP
10	40 (2.85%)	Qualys
11	34 (2.42%)	Splunk
12	31 (2.21%)	ArcSight
13	23 (1.64%)	Citrix
14	19 (1.35%)	Avaya
15	18 (1.28%)	IBM
15	18 (1.28%)	SolarWinds
16	17 (1.21%)	Forcepoint
16	17 (1.21%)	Oracle
17	16 (1.14%)	F5
18	14 (1.00%)	Red Hat

66 Penetration Testing job vacancies Nationwide

Penetration TestingJob Vacancy Trend

Penetration TestingSalary Trend

Penetration TestingSalary Histogram

Penetration TestingTop 16 Job Locations

Penetration TestingTop 30 Co-occurring IT Skills