Penetration Testing Job Trends

Penetration Testing
UK

The table below provides summary statistics and salary benchmarking for jobs requiring Penetration Testing skills. It covers permanent job vacancies from the 6 months leading up to 10 May 2026, with comparisons to the same periods in the previous two years.

 6 months to
10 May 2026		 Same period 2025 Same period 2024
Rank 443 418 442
Rank change year-on-year -25 +24 +30
Permanent jobs citing Penetration Testing 289 242 519
As % of all permanent jobs in the UK 0.32% 0.55% 0.54%
As % of the Processes & Methodologies category 0.43% 0.59% 0.63%
Number of salaries quoted 200 193 406
10th Percentile £42,500 £44,000 £38,987
25th Percentile £50,000 £57,500 £47,500
Median annual salary (50th Percentile) £65,000 £69,500 £65,000
Median % change year-on-year -6.47% +6.92% -3.70%
75th Percentile £89,250 £88,333 £82,500
90th Percentile £97,750 £97,500 £95,000
UK excluding London median annual salary £56,000 £67,500 £55,000
% change year-on-year -17.04% +22.73% -

All Process & Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all permanent job vacancies requiring process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills 67,438 40,826 82,224
As % of all permanent jobs advertised in the UK 74.22% 93.31% 85.22%
Number of salaries quoted 42,850 22,742 59,687
10th Percentile £30,000 £30,250 £29,000
25th Percentile £40,000 £42,000 £40,000
Median annual salary (50th Percentile) £60,000 £60,000 £55,000
Median % change year-on-year - +9.09% -10.10%
75th Percentile £78,750 £80,000 £72,500
90th Percentile £100,000 £102,491 £92,500
UK excluding London median annual salary £52,500 £52,500 £50,000
% change year-on-year - +5.00% -9.09%

Penetration Testing
Job Vacancy Trend

Historical trend showing the proportion of permanent IT job postings citing Penetration Testing relative to all permanent IT jobs advertised.

Penetration Testing job vacancy trend in the UK

Penetration Testing
Salary Trend

Salary distribution trend for jobs in the UK citing Penetration Testing.

Salary distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Salary Histogram

Salary distribution for jobs citing Penetration Testing over the 6 months to 10 May 2026.

Salary histogram for Penetration Testing in the UK

Penetration Testing
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 10 May 2026. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Permanent
IT Job Ads		 Median Salary
Past 6 Months		 Median Salary
% Change
on Same Period
Last Year		 Live
Jobs
England -10 252 £62,500 -7.41% 79
UK excluding London -42 144 £56,000 -17.04% 38
London +3 111 £78,750 +7.88% 43
Work from Home +31 97 £60,000 -20.00% 34
South West -12 48 £50,000 -25.93% 9
South East -38 33 £72,500 +3.57% 9
North of England -53 25 £56,000 -8.20% 7
Midlands -25 22 £56,250 -16.67% 9
West Midlands -41 14 £65,000 -3.70% 8
Yorkshire -49 13 £55,000 - 2
Scotland -5 12 £87,500 +17.85% 1
East Midlands -23 8 £51,058 +27.65% 1
North West -13 7 £56,000 -8.20% 5
North East -40 5 £75,000 -1.32%
East of England -4 4 £30,000 - 2

Penetration Testing
Co-Occurring Skills & Capabilities by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1 6 (2.08%) SharePoint
2 5 (1.73%) Microsoft Exchange
3 3 (1.04%) IIS
4 2 (0.69%) Confluence
5 1 (0.35%) Apache
5 1 (0.35%) Drupal
5 1 (0.35%) nginx
5 1 (0.35%) WordPress
Applications
1 2 (0.69%) Weka
Business Applications
1 1 (0.35%) Exchequer
1 1 (0.35%) Magento
1 1 (0.35%) SAP EHS
1 1 (0.35%) SAP S/4HANA
Cloud Services
1 62 (21.45%) AWS
1 62 (21.45%) Azure
2 23 (7.96%) Microsoft 365
3 22 (7.61%) GCP
4 17 (5.88%) GitHub
5 13 (4.50%) Entra ID
5 13 (4.50%) GitHub Actions
6 12 (4.15%) Azure Sentinel
7 7 (2.42%) Microsoft Purview
8 6 (2.08%) SaaS
9 4 (1.38%) Amazon EKS
9 4 (1.38%) AWS CloudFormation
9 4 (1.38%) Azure DevOps
9 4 (1.38%) Azure Key Vault
9 4 (1.38%) Mimecast
10 3 (1.04%) IaaS
10 3 (1.04%) OneDrive
10 3 (1.04%) PaaS
11 2 (0.69%) Figma
11 2 (0.69%) Power Platform
Communications & Networking
1 46 (15.92%) Firewall
2 29 (10.03%) Network Security
3 20 (6.92%) Wireless
4 18 (6.23%) VPN
5 16 (5.54%) TCP/IP
6 11 (3.81%) DNS
7 8 (2.77%) Internet
8 7 (2.42%) Cisco ISE
8 7 (2.42%) Intrusion Detection
8 7 (2.42%) VLAN
9 4 (1.38%) Cisco Nexus
9 4 (1.38%) HTTPS
9 4 (1.38%) VoIP
10 3 (1.04%) DHCP
10 3 (1.04%) DMARC
10 3 (1.04%) DMZ
10 3 (1.04%) LAN
10 3 (1.04%) SSL
10 3 (1.04%) WAN
10 3 (1.04%) Wi-Fi
Database & Business Intelligence
1 5 (1.73%) SQL Server
2 3 (1.04%) Amazon RDS
3 2 (0.69%) Power BI
4 1 (0.35%) InterSystems Cache
4 1 (0.35%) MongoDB
4 1 (0.35%) Redis
Development Applications
1 24 (8.30%) Burp Suite
1 24 (8.30%) Metasploit
2 12 (4.15%) Jenkins
3 6 (2.08%) Bitbucket
4 5 (1.73%) JIRA
5 2 (0.69%) Git
5 2 (0.69%) NUnit
6 1 (0.35%) Gatling
6 1 (0.35%) JMeter
6 1 (0.35%) Vagrant
General
1 85 (29.41%) Finance
2 82 (28.37%) Social Skills
3 35 (12.11%) Public Sector
4 24 (8.30%) Banking
4 24 (8.30%) Inclusion and Diversity
4 24 (8.30%) Law
5 18 (6.23%) Analytical Skills
6 17 (5.88%) Retail
7 9 (3.11%) Pharmaceutical
8 8 (2.77%) Legal
9 7 (2.42%) Marketing
10 6 (2.08%) Telecoms
11 4 (1.38%) Financial Institution
12 3 (1.04%) Aerospace
12 3 (1.04%) Back Office
12 3 (1.04%) Influencing Skills
13 2 (0.69%) Public Speaking
13 2 (0.69%) Social Housing
14 1 (0.35%) Documentation Skills
14 1 (0.35%) Investment Banking
Job Titles
1 49 (16.96%) Consultant
2 45 (15.57%) Senior
3 44 (15.22%) Penetration Tester
3 44 (15.22%) Tester
4 43 (14.88%) Security Consultant
5 34 (11.76%) Analyst
6 27 (9.34%) Security Analyst
6 27 (9.34%) Security Manager
7 23 (7.96%) Cybersecurity Consultant
7 23 (7.96%) Lead
7 23 (7.96%) Security Engineer
8 15 (5.19%) Security Specialist
8 15 (5.19%) Senior Analyst
8 15 (5.19%) Senior Security Analyst
9 14 (4.84%) Team Leader
10 13 (4.50%) Applications Engineer
11 12 (4.15%) Test Team Leader
12 10 (3.46%) Head of Security
12 10 (3.46%) Senior Penetration Tester
12 10 (3.46%) Senior Tester
Libraries, Frameworks & Software Standards
1 4 (1.38%) .NET
2 3 (1.04%) .NET Framework
3 2 (0.69%) AngularJS
3 2 (0.69%) ASP.NET
3 2 (0.69%) ASP.NET Core
3 2 (0.69%) Entity Framework
3 2 (0.69%) OAuth
3 2 (0.69%) OAuth2
3 2 (0.69%) OpenAPI
3 2 (0.69%) OpenID
3 2 (0.69%) RESTful
3 2 (0.69%) RxJS
3 2 (0.69%) Swagger
3 2 (0.69%) Vitest
4 1 (0.35%) ARM Templates
4 1 (0.35%) LDAP
4 1 (0.35%) Memcached
Miscellaneous
1 67 (23.18%) Security Posture
2 36 (12.46%) Mobile App
3 28 (9.69%) Cyber Defence
4 25 (8.65%) Cyber Threat
5 17 (5.88%) Management Information System
6 12 (4.15%) Self-Motivation
7 9 (3.11%) Security Operations Centre
8 8 (2.77%) Blog
9 7 (2.42%) Cyber Security Posture
9 7 (2.42%) Data Centre
10 5 (1.73%) Cloud Native
10 5 (1.73%) Enterprise Software
10 5 (1.73%) Operational Technology
10 5 (1.73%) Public Cloud
11 4 (1.38%) Insider Threat
12 3 (1.04%) CCTV
12 3 (1.04%) Cyberattack
12 3 (1.04%) Onboarding
12 3 (1.04%) PKI
13 2 (0.69%) Data Protection Act
Operating Systems
1 37 (12.80%) Windows
2 34 (11.76%) Linux
3 15 (5.19%) Android
3 15 (5.19%) Apple iOS
4 6 (2.08%) Windows Server
5 4 (1.38%) Unix
6 2 (0.69%) Windows Server 2016
7 1 (0.35%) Kali Linux
7 1 (0.35%) Mac OS
7 1 (0.35%) Red Hat Enterprise Linux
Processes & Methodologies
1 184 (63.67%) Cybersecurity
2 87 (30.10%) Red Team
3 86 (29.76%) Incident Response
4 63 (21.80%) Security Testing
5 61 (21.11%) Application Security
6 56 (19.38%) Mentoring
6 56 (19.38%) Offensive Security
7 54 (18.69%) Information Security
7 54 (18.69%) Vulnerability Management
8 53 (18.34%) SIEM
9 46 (15.92%) Problem-Solving
10 39 (13.49%) Agile
11 37 (12.80%) Cloud Security
11 37 (12.80%) Security Operations
12 33 (11.42%) Threat Modelling
13 30 (10.38%) Business Strategy
13 30 (10.38%) Business Transformation
14 29 (10.03%) Coaching
14 29 (10.03%) Internal Audit
14 29 (10.03%) Vulnerability Assessment
Programming Languages
1 52 (17.99%) Python
2 46 (15.92%) PowerShell
3 38 (13.15%) Bash
4 15 (5.19%) Java
5 13 (4.50%) Go
6 8 (2.77%) C#
6 8 (2.77%) Perl
7 6 (2.08%) C
7 6 (2.08%) C++
7 6 (2.08%) Ruby
8 5 (1.73%) SQL
9 4 (1.38%) Bicep
10 3 (1.04%) Objective-C
10 3 (1.04%) Rust
11 2 (0.69%) Kusto Query Language
11 2 (0.69%) TypeScript
12 1 (0.35%) PHP
Qualifications
1 96 (33.22%) CREST Certified
2 71 (24.57%) OSCP
3 69 (23.88%) CISSP
4 50 (17.30%) Security Cleared
5 43 (14.88%) SC Cleared
6 41 (14.19%) Degree
7 34 (11.76%) CHECK Team Member
7 34 (11.76%) CISM
8 28 (9.69%) CEH
9 27 (9.34%) CHECK Team Leader
10 23 (7.96%) Cisco Certification
11 21 (7.27%) CCSAM
12 16 (5.54%) CCNA
12 16 (5.54%) CompTIA Security+
13 15 (5.19%) SANS
14 13 (4.50%) CCNP
15 11 (3.81%) GIAC
15 11 (3.81%) GPEN
16 10 (3.46%) Cyber Scheme
17 9 (3.11%) DV Cleared
Quality Assurance & Compliance
1 83 (28.72%) ISO/IEC 27001
2 43 (14.88%) GDPR
3 42 (14.53%) NIST
4 34 (11.76%) Cyber Essentials
5 20 (6.92%) PCI DSS
6 16 (5.54%) Actionable Recommendations
7 14 (4.84%) Cyber Essentials PLUS
7 14 (4.84%) GRC
8 13 (4.50%) Accessibility
9 10 (3.46%) NCSC
10 7 (2.42%) SOC 2
11 4 (1.38%) Data Quality
12 3 (1.04%) COBIT
12 3 (1.04%) GxP
12 3 (1.04%) QA
13 2 (0.69%) ITGC
13 2 (0.69%) Sarbanes-Oxley
14 1 (0.35%) HIPAA
14 1 (0.35%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
14 1 (0.35%) SLA
System Software
1 28 (9.69%) Active Directory
2 6 (2.08%) VMware Infrastructure
3 3 (1.04%) Docker
3 3 (1.04%) VMware ESXi
4 2 (0.69%) EMC RecoverPoint
4 2 (0.69%) vSphere
5 1 (0.35%) Hyper-V
5 1 (0.35%) Virtual Desktop
5 1 (0.35%) Virtual Machines
Systems Management
1 19 (6.57%) Nessus
2 15 (5.19%) Kubernetes
3 14 (4.84%) Nmap
4 11 (3.81%) Microsoft Intune
5 8 (2.77%) Terraform
6 5 (1.73%) Ansible
6 5 (1.73%) CSIRT
7 4 (1.38%) Single Sign-On
8 3 (1.04%) FortiGate
9 2 (0.69%) CASB
9 2 (0.69%) Jamf Pro
9 2 (0.69%) SCCM
9 2 (0.69%) VxRail
10 1 (0.35%) ArcSight ESM
10 1 (0.35%) Consul
10 1 (0.35%) Packer
10 1 (0.35%) Progress Chef
10 1 (0.35%) Puppet
10 1 (0.35%) QRadar
10 1 (0.35%) Red Hat Satellite
Vendors
1 63 (21.80%) Microsoft
2 14 (4.84%) Splunk
3 12 (4.15%) Cisco
3 12 (4.15%) Sophos
4 9 (3.11%) VMware
4 9 (3.11%) Zscaler
5 8 (2.77%) Fortinet
6 7 (2.42%) CheckPoint
6 7 (2.42%) CrowdStrike
7 5 (1.73%) Qualys
7 5 (1.73%) TOWER Software
8 4 (1.38%) Okta
8 4 (1.38%) Palo Alto
9 3 (1.04%) Dell
9 3 (1.04%) Veeam
10 2 (0.69%) DevExpress
10 2 (0.69%) Google
10 2 (0.69%) Rapid7
10 2 (0.69%) Tenable
11 1 (0.35%) CyberArk
103 Penetration Testing jobs Nationwide