Penetration Testing Job Trends

Penetration Testing
UK

The table below provides summary statistics and salary benchmarking for jobs requiring Penetration Testing skills. It covers permanent job vacancies from the 6 months leading up to 24 June 2026, with comparisons to the same periods in the previous two years.

 6 months to
24 Jun 2026		 Same period 2025 Same period 2024
Rank 431 443 470
Rank change year-on-year +12 +27 -12
Permanent jobs citing Penetration Testing 358 228 496
As % of all permanent jobs in the UK 0.38% 0.50% 0.46%
As % of the Processes & Methodologies category 0.51% 0.55% 0.56%
Number of salaries quoted 237 173 403
10th Percentile £42,500 £44,000 £38,797
25th Percentile £50,000 £55,000 £48,750
Median annual salary (50th Percentile) £70,000 £67,500 £65,000
Median % change year-on-year +3.70% +3.85% +1.96%
75th Percentile £87,500 £80,000 £80,625
90th Percentile £100,000 £95,000 £97,500
UK excluding London median annual salary £55,000 £67,500 £60,000
% change year-on-year -18.52% +12.50% +9.09%

All Process & Methodology Skills
UK

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all permanent job vacancies requiring process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills 69,604 41,717 88,260
As % of all permanent jobs advertised in the UK 73.20% 92.25% 81.84%
Number of salaries quoted 48,009 22,461 62,520
10th Percentile £30,000 £28,800 £29,750
25th Percentile £41,250 £38,750 £40,000
Median annual salary (50th Percentile) £60,000 £57,500 £55,000
Median % change year-on-year +4.35% +4.55% -9.54%
75th Percentile £78,750 £77,500 £72,500
90th Percentile £100,000 £100,000 £92,500
UK excluding London median annual salary £52,500 £50,000 £50,000
% change year-on-year +5.00% - -9.09%

Penetration Testing
Job Vacancy Trend

Historical trend showing the proportion of permanent IT job postings citing Penetration Testing relative to all permanent IT jobs advertised.

Penetration Testing job vacancy trend in the UK

Penetration Testing
Salary Trend

Salary distribution trend for jobs in the UK citing Penetration Testing.

Salary distribution trend for jobs in the UK citing Penetration Testing

Penetration Testing
Salary Histogram

Salary distribution for jobs citing Penetration Testing over the 6 months to 24 June 2026.

Salary histogram for Penetration Testing in the UK

Penetration Testing
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 24 June 2026. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Permanent
IT Job Ads		 Median Salary
Past 6 Months		 Median Salary
% Change
on Same Period
Last Year		 Live
Jobs
England +18 319 £70,000 +3.70% 76
UK excluding London +4 182 £55,000 -18.52% 53
London +23 140 £82,500 +17.86% 36
Work from Home +60 122 £72,500 -3.33% 31
South East +8 62 £72,500 +3.57% 20
South West -22 48 £50,000 -25.93% 10
Midlands -23 30 £51,058 -24.36% 6
North of England -51 24 £56,000 -2.61% 7
West Midlands -21 19 £65,000 -3.70% 4
Yorkshire -44 14 £55,000 - 5
Scotland +16 11 £85,000 +21.43% 1
East Midlands -19 11 £46,743 +16.86% 2
North East -40 6 £75,000 +3.18%
East of England - 6 £32,500 - 2
North West -18 4 £61,750 +4.22% 2
Wales -45 3 £55,000 -27.22% 3

Penetration Testing
Co-Occurring Skills & Capabilities by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1 8 (2.23%) Microsoft Exchange
2 7 (1.96%) SharePoint
3 3 (0.84%) Confluence
3 3 (0.84%) IIS
4 2 (0.56%) Apache Spark
5 1 (0.28%) Apache
5 1 (0.28%) Drupal
5 1 (0.28%) nginx
5 1 (0.28%) WordPress
Applications
1 2 (0.56%) Spreadsheet
Business Applications
1 1 (0.28%) Exchequer
1 1 (0.28%) Magento
1 1 (0.28%) SAP EHS
1 1 (0.28%) SAP S/4HANA
Cloud Services
1 82 (22.91%) Azure
2 81 (22.63%) AWS
3 33 (9.22%) Microsoft 365
4 28 (7.82%) GCP
5 15 (4.19%) Entra ID
6 13 (3.63%) GitHub
7 10 (2.79%) Azure Sentinel
7 10 (2.79%) SaaS
8 9 (2.51%) GitHub Actions
9 6 (1.68%) Microsoft Purview
10 4 (1.12%) Amazon EKS
10 4 (1.12%) AWS CloudFormation
10 4 (1.12%) Azure DevOps
10 4 (1.12%) Azure Key Vault
10 4 (1.12%) Mimecast
10 4 (1.12%) Rubrik
11 3 (0.84%) Cloud Computing
11 3 (0.84%) IaaS
11 3 (0.84%) OneDrive
11 3 (0.84%) PaaS
Communications & Networking
1 75 (20.95%) Firewall
2 29 (8.10%) Network Security
3 23 (6.42%) Cisco Nexus
3 23 (6.42%) Internet
4 22 (6.15%) Wi-Fi
4 22 (6.15%) Wireless
5 20 (5.59%) VPN
6 14 (3.91%) LAN
6 14 (3.91%) WAN
7 12 (3.35%) DNS
8 11 (3.07%) TCP/IP
9 9 (2.51%) Cisco ISE
10 7 (1.96%) VLAN
11 6 (1.68%) Intrusion Detection
12 4 (1.12%) DHCP
12 4 (1.12%) HTTPS
13 3 (0.84%) DMARC
13 3 (0.84%) DMZ
13 3 (0.84%) SSL
13 3 (0.84%) VoIP
Database & Business Intelligence
1 6 (1.68%) SQL Server
2 3 (0.84%) Amazon RDS
3 2 (0.56%) Hadoop
3 2 (0.56%) MongoDB
3 2 (0.56%) NoSQL
4 1 (0.28%) InterSystems Cache
4 1 (0.28%) KNIME
4 1 (0.28%) Power BI
4 1 (0.28%) Redis
Development Applications
1 23 (6.42%) Burp Suite
2 22 (6.15%) Metasploit
3 10 (2.79%) JIRA
4 8 (2.23%) Jenkins
5 6 (1.68%) Bitbucket
6 3 (0.84%) Git
6 3 (0.84%) Yeoman
7 2 (0.56%) Cucumber
7 2 (0.56%) Gatling
7 2 (0.56%) JMeter
7 2 (0.56%) NUnit
7 2 (0.56%) Selenium
8 1 (0.28%) Cypress.io
8 1 (0.28%) GitLab
8 1 (0.28%) IDA Disassembler
8 1 (0.28%) JUnit
8 1 (0.28%) Postman
8 1 (0.28%) Snyk
8 1 (0.28%) SonarQube
8 1 (0.28%) Vagrant
General
1 114 (31.84%) Social Skills
2 83 (23.18%) Finance
3 37 (10.34%) Analytical Skills
3 37 (10.34%) Public Sector
4 33 (9.22%) Law
5 22 (6.15%) Inclusion and Diversity
6 19 (5.31%) Banking
6 19 (5.31%) Retail
7 10 (2.79%) Legal
8 8 (2.23%) Marketing
9 7 (1.96%) Pharmaceutical
10 4 (1.12%) Financial Institution
10 4 (1.12%) Influencing Skills
10 4 (1.12%) Telecoms
11 3 (0.84%) Back Office
12 2 (0.56%) Digital Health
12 2 (0.56%) Digital Healthcare
12 2 (0.56%) Military
12 2 (0.56%) Social Housing
13 1 (0.28%) French Language
Job Titles
1 80 (22.35%) Senior
2 60 (16.76%) Analyst
3 52 (14.53%) Consultant
4 51 (14.25%) Penetration Tester
4 51 (14.25%) Security Analyst
4 51 (14.25%) Tester
5 43 (12.01%) Security Consultant
6 39 (10.89%) Senior Analyst
7 37 (10.34%) Senior Security Analyst
8 30 (8.38%) Lead
9 26 (7.26%) Cybersecurity Analyst
9 26 (7.26%) Security Engineer
10 25 (6.98%) Security Manager
11 22 (6.15%) Senior Cybersecurity Analyst
12 21 (5.87%) Security Specialist
13 19 (5.31%) Team Leader
14 18 (5.03%) Cybersecurity Consultant
15 15 (4.19%) Network Analyst
15 15 (4.19%) Senior Network Analyst
16 13 (3.63%) Network Security Analyst
Libraries, Frameworks & Software Standards
1 4 (1.12%) .NET
1 4 (1.12%) RESTful
2 3 (0.84%) .NET Framework
2 3 (0.84%) OAuth
3 2 (0.56%) AngularJS
3 2 (0.56%) ASP.NET
3 2 (0.56%) ASP.NET Core
3 2 (0.56%) Entity Framework
3 2 (0.56%) Kafka
3 2 (0.56%) LDAP
3 2 (0.56%) OAuth2
3 2 (0.56%) OpenAPI
3 2 (0.56%) OpenID
3 2 (0.56%) Playwright
3 2 (0.56%) RxJS
3 2 (0.56%) Swagger
3 2 (0.56%) Vitest
4 1 (0.28%) ARM Templates
4 1 (0.28%) Gherkin
4 1 (0.28%) Memcached
Miscellaneous
1 87 (24.30%) Security Posture
2 36 (10.06%) Mobile App
3 32 (8.94%) Cyber Threat
4 31 (8.66%) Cyber Defence
5 23 (6.42%) Management Information System
6 15 (4.19%) Self-Motivation
7 14 (3.91%) Security Operations Centre
8 9 (2.51%) Blog
8 9 (2.51%) Data Centre
8 9 (2.51%) Onboarding
9 8 (2.23%) Cloud Native
10 7 (1.96%) Cyber Security Posture
11 6 (1.68%) Cyberattack
11 6 (1.68%) Hybrid Cloud
11 6 (1.68%) Insider Threat
11 6 (1.68%) Operational Technology
12 5 (1.40%) Enterprise Software
13 4 (1.12%) Public Cloud
14 3 (0.84%) NHS
14 3 (0.84%) PKI
Operating Systems
1 46 (12.85%) Windows
2 39 (10.89%) Linux
3 17 (4.75%) Android
3 17 (4.75%) Apple iOS
4 13 (3.63%) Windows Server
5 4 (1.12%) Unix
6 3 (0.84%) Kali Linux
7 2 (0.56%) Red Hat Enterprise Linux
7 2 (0.56%) Windows Server 2016
8 1 (0.28%) Mac OS
Processes & Methodologies
1 247 (68.99%) Cybersecurity
2 110 (30.73%) Incident Response
3 99 (27.65%) Vulnerability Management
4 93 (25.98%) Red Team
5 75 (20.95%) Security Testing
5 75 (20.95%) SIEM
6 71 (19.83%) Offensive Security
7 66 (18.44%) Application Security
8 62 (17.32%) Mentoring
8 62 (17.32%) Problem-Solving
8 62 (17.32%) Security Operations
9 60 (16.76%) Cloud Security
10 59 (16.48%) Information Security
11 44 (12.29%) Continuous Improvement
12 43 (12.01%) Threat Modelling
13 42 (11.73%) Disaster Recovery
14 40 (11.17%) Agile
15 39 (10.89%) Threat Intelligence
16 35 (9.78%) Vulnerability Assessment
17 34 (9.50%) OWASP
Programming Languages
1 51 (14.25%) Python
2 50 (13.97%) PowerShell
3 29 (8.10%) Bash
4 15 (4.19%) Java
5 12 (3.35%) Go
6 6 (1.68%) C#
6 6 (1.68%) SQL
7 5 (1.40%) Bicep
7 5 (1.40%) C
7 5 (1.40%) C++
7 5 (1.40%) Perl
8 4 (1.12%) Ruby
9 3 (0.84%) Objective-C
9 3 (0.84%) PHP
9 3 (0.84%) Rust
10 2 (0.56%) JavaScript
10 2 (0.56%) Kusto Query Language
10 2 (0.56%) TypeScript
Qualifications
1 92 (25.70%) CREST Certified
2 69 (19.27%) OSCP
3 65 (18.16%) CISSP
3 65 (18.16%) Security Cleared
4 53 (14.80%) SC Cleared
5 41 (11.45%) CISM
6 38 (10.61%) Degree
7 33 (9.22%) CHECK Team Leader
8 31 (8.66%) CHECK Team Member
9 25 (6.98%) CEH
10 21 (5.87%) CCSAM
10 21 (5.87%) Cisco Certification
11 20 (5.59%) CompTIA Security+
12 16 (4.47%) CCNA
12 16 (4.47%) CCNP
13 14 (3.91%) DV Cleared
13 14 (3.91%) GIAC
14 12 (3.35%) SANS
15 8 (2.23%) OSCE
16 7 (1.96%) GPEN
Quality Assurance & Compliance
1 100 (27.93%) ISO/IEC 27001
2 53 (14.80%) NIST
3 50 (13.97%) GDPR
4 41 (11.45%) Cyber Essentials
5 24 (6.70%) PCI DSS
6 17 (4.75%) Cyber Essentials PLUS
6 17 (4.75%) GRC
7 15 (4.19%) NCSC
8 14 (3.91%) Actionable Recommendations
9 12 (3.35%) Accessibility
10 7 (1.96%) SOC 2
11 6 (1.68%) QA
12 5 (1.40%) Sarbanes-Oxley
13 4 (1.12%) Data Quality
13 4 (1.12%) Def Stans
13 4 (1.12%) NIST 800
14 3 (0.84%) COBIT
15 2 (0.56%) SLA
16 1 (0.28%) GxP
16 1 (0.28%) WCAG
System Software
1 37 (10.34%) Active Directory
2 8 (2.23%) VMware Infrastructure
3 4 (1.12%) EMC RecoverPoint
4 3 (0.84%) Docker
4 3 (0.84%) VMware ESXi
5 2 (0.56%) Virtual Machines
6 1 (0.28%) Virtual Desktop
Systems Management
1 18 (5.03%) Kubernetes
2 15 (4.19%) Nessus
3 12 (3.35%) Nmap
4 11 (3.07%) Microsoft Intune
5 10 (2.79%) Terraform
6 5 (1.40%) Ansible
7 4 (1.12%) CSIRT
7 4 (1.12%) VxRail
8 3 (0.84%) FortiGate
8 3 (0.84%) SCCM
8 3 (0.84%) Single Sign-On
9 2 (0.56%) CASB
9 2 (0.56%) Jamf Pro
9 2 (0.56%) Red Hat Satellite
10 1 (0.28%) Computer Emergency Response Teams
10 1 (0.28%) Consul
10 1 (0.28%) OpenVAS
10 1 (0.28%) Packer
10 1 (0.28%) Progress Chef
10 1 (0.28%) Puppet
Vendors
1 70 (19.55%) Microsoft
2 31 (8.66%) Cisco
3 26 (7.26%) Qualys
4 23 (6.42%) Palo Alto
5 20 (5.59%) Splunk
6 19 (5.31%) Aruba
7 14 (3.91%) Sophos
8 11 (3.07%) CrowdStrike
8 11 (3.07%) VMware
8 11 (3.07%) Zscaler
9 9 (2.51%) CheckPoint
10 8 (2.23%) Fortinet
11 5 (1.40%) Rapid7
11 5 (1.40%) Tenable
11 5 (1.40%) TOWER Software
12 4 (1.12%) Google
12 4 (1.12%) Okta
13 3 (0.84%) Dell
13 3 (0.84%) ServiceNow
13 3 (0.84%) Veeam
94 Penetration Testing jobs Nationwide