Hybrid/Remote Penetration Testing Job Trends

Penetration Testing
UK > Work from Home

The table below provides summary statistics and salary benchmarking for remote or hybrid work requiring Penetration Testing skills. It covers permanent job vacancies from the 6 months leading up to 18 July 2026, with comparisons to the same periods in the previous two years.

6 months to
18 Jul 2026
Same period 2025 Same period 2024
Rank 314 369 365
Rank change year-on-year +55 -4 -3
Permanent jobs citing Penetration Testing 126 66 200
As % of all permanent jobs with remote/hybrid work options 0.59% 0.40% 0.65%
As % of the Processes & Methodologies category 0.71% 0.43% 0.74%
Number of salaries quoted 88 60 175
10th Percentile £45,000 £51,125 £37,500
25th Percentile £50,000 £55,313 £47,500
Median annual salary (50th Percentile) £75,000 £72,750 £60,000
Median % change year-on-year +3.09% +21.25% -7.69%
75th Percentile £94,813 £88,333 £75,000
90th Percentile £108,250 £105,000 £105,000
UK median annual salary £70,000 £67,500 £64,000
% change year-on-year +3.70% +5.47% +2.40%

All Process & Methodology Skills
Work from Home

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all permanent job vacancies with remote or hybrid options requiring process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills 17,786 15,322 27,147
As % of all permanent jobs with a WFH option 82.77% 93.26% 88.64%
Number of salaries quoted 12,956 9,066 20,494
10th Percentile £35,000 £29,913 £34,000
25th Percentile £44,972 £41,250 £42,500
Median annual salary (50th Percentile) £60,000 £60,000 £57,500
Median % change year-on-year - +4.35% -8.00%
75th Percentile £80,000 £78,750 £76,250
90th Percentile £100,000 £102,500 £95,000
UK median annual salary £60,000 £56,888 £55,000
% change year-on-year +5.47% +3.43% -8.71%

Penetration Testing
Job Vacancy Trend for Remote/Hybrid Jobs

Historical trend showing the proportion of permanent IT job postings citing Penetration Testing and offering remote or hybrid work options relative to all permanent IT jobs advertised.

Penetration Testing job vacancy trend for remote/hybrid jobs

Penetration Testing
Salary Trend for Remote/Hybrid Jobs

Salary distribution trend for jobs with remote/hybrid work options citing Penetration Testing.

Salary distribution trend for jobs with remote/hybrid work options citing Penetration Testing

Penetration Testing
Salary Histogram for Remote/Hybrid Jobs

Salary distribution for jobs with remote/hybrid work options citing Penetration Testing over the 6 months to 18 July 2026.

Penetration Testing salary histogram for jobs with remote/hybrid work options

Penetration Testing
Co-Occurring Skills & Capabilities in Remote/Hybrid Jobs by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1 1 (0.79%) Apache
1 1 (0.79%) Confluence
1 1 (0.79%) Drupal
1 1 (0.79%) IIS
1 1 (0.79%) nginx
1 1 (0.79%) SharePoint
1 1 (0.79%) WordPress
Business Applications
1 1 (0.79%) Magento
Cloud Services
1 40 (31.75%) AWS
2 38 (30.16%) Azure
3 19 (15.08%) GCP
4 4 (3.17%) Amazon EKS
4 4 (3.17%) AWS CloudFormation
4 4 (3.17%) Azure DevOps
4 4 (3.17%) Microsoft 365
4 4 (3.17%) Mimecast
4 4 (3.17%) SaaS
5 3 (2.38%) Entra ID
6 2 (1.59%) Azure Key Vault
6 2 (1.59%) Figma
7 1 (0.79%) Amazon ECS
7 1 (0.79%) AWS Control Tower
7 1 (0.79%) Azure Monitor
7 1 (0.79%) Azure Sentinel
7 1 (0.79%) GitHub Actions
7 1 (0.79%) Power Automate
7 1 (0.79%) Power Platform
7 1 (0.79%) PowerApps
Communications & Networking
1 39 (30.95%) Firewall
2 15 (11.90%) Cisco Nexus
3 12 (9.52%) Network Security
4 11 (8.73%) Wi-Fi
5 7 (5.56%) VPN
6 4 (3.17%) Cisco ISE
6 4 (3.17%) DNS
6 4 (3.17%) Intrusion Detection
7 3 (2.38%) VLAN
7 3 (2.38%) Wireless
8 2 (1.59%) Broadband
9 1 (0.79%) DMARC
9 1 (0.79%) HTTP
9 1 (0.79%) Internet
9 1 (0.79%) TCP/IP
Database & Business Intelligence
1 1 (0.79%) Amazon RDS
1 1 (0.79%) InterSystems Cache
1 1 (0.79%) Redis
1 1 (0.79%) SQL Server
Development Applications
1 10 (7.94%) Burp Suite
2 9 (7.14%) Metasploit
3 4 (3.17%) JIRA
4 3 (2.38%) Git
5 2 (1.59%) Bitbucket
5 2 (1.59%) Gatling
5 2 (1.59%) NUnit
6 1 (0.79%) Cucumber
6 1 (0.79%) GitLab
6 1 (0.79%) IDA Disassembler
6 1 (0.79%) JMeter
6 1 (0.79%) JUnit
6 1 (0.79%) Postman
6 1 (0.79%) Selenium
6 1 (0.79%) Vagrant
General
1 55 (43.65%) Social Skills
2 15 (11.90%) Analytical Skills
3 14 (11.11%) Law
3 14 (11.11%) Public Sector
4 13 (10.32%) Banking
5 12 (9.52%) Retail
6 11 (8.73%) Finance
7 8 (6.35%) Inclusion and Diversity
8 4 (3.17%) Legal
9 3 (2.38%) Back Office
9 3 (2.38%) Financial Institution
10 2 (1.59%) Influencing Skills
10 2 (1.59%) Marketing
10 2 (1.59%) Social Housing
Job Titles
1 29 (23.02%) Penetration Tester
1 29 (23.02%) Tester
2 26 (20.63%) Senior
3 21 (16.67%) Analyst
4 16 (12.70%) Security Analyst
5 15 (11.90%) Senior Analyst
6 14 (11.11%) Consultant
6 14 (11.11%) Security Consultant
7 13 (10.32%) Cybersecurity Analyst
8 11 (8.73%) Network Analyst
8 11 (8.73%) Security Manager
8 11 (8.73%) Senior Network Analyst
9 10 (7.94%) Senior Cybersecurity Analyst
9 10 (7.94%) Senior Security Analyst
10 9 (7.14%) Architect
11 8 (6.35%) Security Specialist
12 7 (5.56%) Client Director
12 7 (5.56%) Cybersecurity Manager
12 7 (5.56%) Services Director
13 6 (4.76%) Security Penetration Tester
Libraries, Frameworks & Software Standards
1 4 (3.17%) .NET
1 4 (3.17%) RESTful
2 3 (2.38%) .NET Framework
3 2 (1.59%) AngularJS
3 2 (1.59%) ASP.NET
3 2 (1.59%) ASP.NET Core
3 2 (1.59%) Entity Framework
3 2 (1.59%) OpenAPI
3 2 (1.59%) RxJS
3 2 (1.59%) Swagger
3 2 (1.59%) Vitest
4 1 (0.79%) ARM Templates
4 1 (0.79%) Memcached
4 1 (0.79%) OAuth
4 1 (0.79%) Playwright
Miscellaneous
1 32 (25.40%) Security Posture
2 21 (16.67%) Cyber Threat
3 14 (11.11%) Mobile App
4 8 (6.35%) Management Information System
5 7 (5.56%) Blog
6 6 (4.76%) Cloud Native
7 4 (3.17%) Cyber Defence
7 4 (3.17%) Insider Threat
7 4 (3.17%) Public Cloud
7 4 (3.17%) Self-Motivation
8 3 (2.38%) Cyber Kill Chain
8 3 (2.38%) Operational Technology
9 2 (1.59%) Distributed Systems
9 2 (1.59%) Enterprise Software
9 2 (1.59%) Housing Association
9 2 (1.59%) Security Operations Centre
9 2 (1.59%) Social Media
10 1 (0.79%) AI Agents
10 1 (0.79%) Cyberattack
10 1 (0.79%) Data Centre
Operating Systems
1 20 (15.87%) Linux
2 19 (15.08%) Windows
3 16 (12.70%) Android
3 16 (12.70%) Apple iOS
4 5 (3.97%) Kali Linux
5 4 (3.17%) Windows Server
6 1 (0.79%) Mac OS
Processes & Methodologies
1 81 (64.29%) Cybersecurity
2 44 (34.92%) Incident Response
3 42 (33.33%) Vulnerability Management
4 33 (26.19%) Information Security
5 32 (25.40%) Cloud Security
6 30 (23.81%) Red Team
7 25 (19.84%) SIEM
8 23 (18.25%) Security Testing
9 22 (17.46%) Problem-Solving
10 21 (16.67%) Risk Management
11 20 (15.87%) Threat Modelling
12 18 (14.29%) Disaster Recovery
12 18 (14.29%) OWASP
13 17 (13.49%) Cyber Threat Intelligence
13 17 (13.49%) Security Architecture
13 17 (13.49%) Threat Intelligence
14 16 (12.70%) AI
14 16 (12.70%) Mentoring
15 15 (11.90%) Application Security
15 15 (11.90%) Offensive Security
Programming Languages
1 20 (15.87%) Python
2 14 (11.11%) PowerShell
3 12 (9.52%) Java
4 11 (8.73%) Go
5 5 (3.97%) C
5 5 (3.97%) C#
5 5 (3.97%) C++
6 4 (3.17%) Bash
6 4 (3.17%) Perl
6 4 (3.17%) Ruby
7 3 (2.38%) Objective-C
7 3 (2.38%) PHP
7 3 (2.38%) Rust
8 2 (1.59%) Bicep
8 2 (1.59%) JavaScript
8 2 (1.59%) SQL
8 2 (1.59%) TypeScript
Qualifications
1 31 (24.60%) CREST Certified
2 30 (23.81%) Security Cleared
3 27 (21.43%) SC Cleared
4 21 (16.67%) OSCP
5 20 (15.87%) CISSP
6 16 (12.70%) CISM
7 9 (7.14%) CHECK Team Member
7 9 (7.14%) Degree
8 8 (6.35%) CEH
8 8 (6.35%) GIAC
9 7 (5.56%) DV Cleared
10 6 (4.76%) CCNP
10 6 (4.76%) CHECK Team Leader
10 6 (4.76%) Cisco Certification
11 5 (3.97%) GPEN
11 5 (3.97%) GXPN
12 4 (3.17%) CCNA
12 4 (3.17%) CompTIA Security+
12 4 (3.17%) OSCE
13 3 (2.38%) CCSAS
Quality Assurance & Compliance
1 54 (42.86%) ISO/IEC 27001
2 30 (23.81%) NIST
3 26 (20.63%) GDPR
4 22 (17.46%) Cyber Essentials
4 22 (17.46%) PCI DSS
5 12 (9.52%) Actionable Recommendations
6 11 (8.73%) GRC
7 9 (7.14%) Cyber Essentials PLUS
8 7 (5.56%) NCSC
9 4 (3.17%) Def Stans
9 4 (3.17%) NIST 800
10 3 (2.38%) Data Quality
10 3 (2.38%) SOC 2
11 2 (1.59%) Accessibility
11 2 (1.59%) QA
12 1 (0.79%) ISO/IEC 42001
12 1 (0.79%) WCAG
System Software
1 10 (7.94%) Active Directory
2 2 (1.59%) Docker
Systems Management
1 11 (8.73%) Kubernetes
2 8 (6.35%) Nmap
3 5 (3.97%) Terraform
4 3 (2.38%) CSIRT
4 3 (2.38%) Nessus
5 1 (0.79%) Ansible
5 1 (0.79%) Consul
5 1 (0.79%) OpenVAS
5 1 (0.79%) Packer
5 1 (0.79%) Progress Chef
5 1 (0.79%) Puppet
Vendors
1 25 (19.84%) Microsoft
2 15 (11.90%) Cisco
2 15 (11.90%) Qualys
3 14 (11.11%) Palo Alto
4 11 (8.73%) Aruba
5 7 (5.56%) Fortinet
5 7 (5.56%) Sophos
5 7 (5.56%) Splunk
6 4 (3.17%) CheckPoint
6 4 (3.17%) CrowdStrike
6 4 (3.17%) Okta
6 4 (3.17%) Zscaler
7 3 (2.38%) New Relic
7 3 (2.38%) SolarWinds
7 3 (2.38%) Zerto
8 2 (1.59%) DevExpress
8 2 (1.59%) Google
9 1 (0.79%) Foundry
9 1 (0.79%) TOWER Software
9 1 (0.79%) Veeam