Hybrid/Remote Penetration Testing Job Trends

Penetration Testing
UK > Work from Home

The table below provides summary statistics and salary benchmarking for remote or hybrid work requiring Penetration Testing skills. It covers permanent job vacancies from the 6 months leading up to 12 March 2026, with comparisons to the same periods in the previous two years.

 6 months to
12 Mar 2026		 Same period 2025 Same period 2024
Rank 309 290 322
Rank change year-on-year -19 +32 +90
Permanent jobs citing Penetration Testing 86 121 237
As % of all permanent jobs with remote/hybrid work options 0.51% 0.87% 0.79%
As % of the Processes & Methodologies category 0.60% 0.91% 0.86%
Number of salaries quoted 68 93 205
10th Percentile £42,500 £52,500 £41,250
25th Percentile £48,165 £61,250 £48,750
Median annual salary (50th Percentile) £60,000 £70,000 £60,000
Median % change year-on-year -14.29% +16.67% -11.11%
75th Percentile £77,338 £88,750 £87,500
90th Percentile £97,500 £94,800 £105,000
UK median annual salary £72,434 £69,750 £65,000
% change year-on-year +3.85% +7.31% -6.07%

All Process & Methodology Skills
Work from Home

Penetration Testing falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all permanent job vacancies with remote or hybrid options requiring process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills 14,297 13,240 27,544
As % of all permanent jobs with a WFH option 85.26% 95.33% 92.13%
Number of salaries quoted 9,336 8,795 22,823
10th Percentile £31,250 £34,750 £34,000
25th Percentile £42,500 £46,250 £42,500
Median annual salary (50th Percentile) £60,000 £62,500 £57,500
Median % change year-on-year -4.00% +8.70% -8.00%
75th Percentile £80,000 £81,250 £75,772
90th Percentile £100,000 £102,500 £95,000
UK median annual salary £55,000 £60,000 £55,000
% change year-on-year -8.33% +9.09% -11.31%

Penetration Testing
Job Vacancy Trend for Remote/Hybrid Jobs

Historical trend showing the proportion of permanent IT job postings citing Penetration Testing and offering remote or hybrid work options relative to all permanent IT jobs advertised.

Penetration Testing job vacancy trend for remote/hybrid jobs

Penetration Testing
Salary Trend for Remote/Hybrid Jobs

Salary distribution trend for jobs with remote/hybrid work options citing Penetration Testing.

Salary distribution trend for jobs with remote/hybrid work options citing Penetration Testing

Penetration Testing
Salary Histogram for Remote/Hybrid Jobs

Salary distribution for jobs with remote/hybrid work options citing Penetration Testing over the 6 months to 12 March 2026.

Penetration Testing salary histogram for jobs with remote/hybrid work options

Penetration Testing
Co-Occurring Skills & Capabilities in Remote/Hybrid Jobs by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1 3 (3.49%) Microsoft Exchange
1 3 (3.49%) SharePoint
2 1 (1.16%) Confluence
Applications
1 3 (3.49%) Microsoft Excel
1 3 (3.49%) Microsoft Office
Cloud Services
1 24 (27.91%) AWS
2 22 (25.58%) Azure
3 10 (11.63%) GCP
4 5 (5.81%) Entra ID
5 3 (3.49%) IBM Cloud
5 3 (3.49%) Microsoft 365
5 3 (3.49%) Mimecast
5 3 (3.49%) Power Platform
6 2 (2.33%) Azure DevOps
6 2 (2.33%) SaaS
7 1 (1.16%) Amazon EKS
7 1 (1.16%) AWS CloudFormation
7 1 (1.16%) Azure Key Vault
7 1 (1.16%) Azure Monitor
7 1 (1.16%) Azure Sentinel
7 1 (1.16%) Figma
7 1 (1.16%) GitHub
Communications & Networking
1 20 (23.26%) Firewall
2 11 (12.79%) TCP/IP
3 8 (9.30%) Network Security
4 7 (8.14%) VPN
5 5 (5.81%) Wireshark
6 4 (4.65%) Ethernet
6 4 (4.65%) Wi-Fi
7 3 (3.49%) Cisco ISE
7 3 (3.49%) Cisco Nexus
7 3 (3.49%) DMARC
7 3 (3.49%) Intrusion Detection
7 3 (3.49%) VLAN
8 2 (2.33%) DNS
8 2 (2.33%) HTTP
9 1 (1.16%) ICMP
9 1 (1.16%) Modbus
9 1 (1.16%) SSH
9 1 (1.16%) Wireless
Database & Business Intelligence
1 3 (3.49%) Power BI
1 3 (3.49%) Tableau
Development Applications
1 16 (18.60%) Burp Suite
1 16 (18.60%) Metasploit
2 1 (1.16%) Bitbucket
2 1 (1.16%) Git
2 1 (1.16%) IDA Disassembler
2 1 (1.16%) JIRA
2 1 (1.16%) NUnit
General
1 44 (51.16%) Social Skills
2 14 (16.28%) Public Sector
2 14 (16.28%) Retail
3 13 (15.12%) Banking
4 11 (12.79%) Inclusion and Diversity
5 9 (10.47%) Analytical Skills
6 8 (9.30%) Finance
7 7 (8.14%) Law
8 4 (4.65%) Electronics
9 3 (3.49%) Marketing
10 1 (1.16%) Back Office
10 1 (1.16%) Documentation Skills
10 1 (1.16%) Financial Institution
10 1 (1.16%) Investment Banking
10 1 (1.16%) Legal
10 1 (1.16%) Manufacturing
Job Titles
1 22 (25.58%) Tester
2 21 (24.42%) Penetration Tester
3 14 (16.28%) Security Specialist
4 11 (12.79%) Senior
5 10 (11.63%) Security Manager
6 9 (10.47%) Analyst
7 8 (9.30%) IT Manager
7 8 (9.30%) Senior Penetration Tester
7 8 (9.30%) Senior Tester
8 7 (8.14%) Threat Intelligence Specialist
9 6 (6.98%) Consultant
9 6 (6.98%) Security Consultant
10 5 (5.81%) Cybersecurity Consultant
10 5 (5.81%) Head of Professional Services
10 5 (5.81%) Lead
10 5 (5.81%) Security Analyst
10 5 (5.81%) Security Engineer
11 4 (4.65%) Auditor
11 4 (4.65%) Cybersecurity Analyst
11 4 (4.65%) Cybersecurity Engineer
Libraries, Frameworks & Software Standards
1 2 (2.33%) .NET
2 1 (1.16%) .NET Framework
2 1 (1.16%) AngularJS
2 1 (1.16%) ASP.NET
2 1 (1.16%) ASP.NET Core
2 1 (1.16%) Entity Framework
2 1 (1.16%) JSON
2 1 (1.16%) OpenAPI
2 1 (1.16%) RESTful
2 1 (1.16%) RxJS
2 1 (1.16%) Swagger
2 1 (1.16%) Vitest
Miscellaneous
1 23 (26.74%) Security Posture
2 12 (13.95%) Cyber Threat
3 7 (8.14%) Cyber Defence
3 7 (8.14%) Insider Threat
4 6 (6.98%) Mobile App
5 5 (5.81%) Enterprise Software
6 4 (4.65%) Analytical Mindset
6 4 (4.65%) Data Centre
6 4 (4.65%) Operational Technology
6 4 (4.65%) Security Operations Centre
6 4 (4.65%) Self-Motivation
7 3 (3.49%) Blog
7 3 (3.49%) Cloud Native
7 3 (3.49%) Cyberattack
7 3 (3.49%) PKI
8 2 (2.33%) Public Cloud
9 1 (1.16%) Arduino
9 1 (1.16%) Driving Licence
9 1 (1.16%) Embedded Systems
9 1 (1.16%) Raspberry Pi
Operating Systems
1 12 (13.95%) Windows
2 11 (12.79%) Linux
3 9 (10.47%) Android
3 9 (10.47%) Apple iOS
4 3 (3.49%) Unix
4 3 (3.49%) Windows Server
5 1 (1.16%) Kali Linux
5 1 (1.16%) Mac OS
Processes & Methodologies
1 57 (66.28%) Cybersecurity
2 32 (37.21%) Incident Response
3 23 (26.74%) Information Security
4 16 (18.60%) SIEM
5 15 (17.44%) Problem-Solving
5 15 (17.44%) Red Team
6 14 (16.28%) Actionable Insight
6 14 (16.28%) Offensive Security
7 13 (15.12%) Application Security
7 13 (15.12%) Disaster Recovery
7 13 (15.12%) SDLC
8 12 (13.95%) Cloud Security
8 12 (13.95%) Ethical Hacking
9 11 (12.79%) Decision-Making
9 11 (12.79%) Threat Modelling
9 11 (12.79%) Vulnerability Management
10 10 (11.63%) Security Testing
10 10 (11.63%) Threat Intelligence
11 9 (10.47%) Reverse Engineering
11 9 (10.47%) Security Architecture
Programming Languages
1 13 (15.12%) Python
2 8 (9.30%) C
2 8 (9.30%) C++
2 8 (9.30%) Java
3 7 (8.14%) Go
4 4 (4.65%) PowerShell
4 4 (4.65%) SQL
5 3 (3.49%) C#
5 3 (3.49%) R
6 2 (2.33%) Bash
7 1 (1.16%) Bicep
7 1 (1.16%) JavaScript
7 1 (1.16%) Perl
7 1 (1.16%) Ruby
7 1 (1.16%) TypeScript
Qualifications
1 30 (34.88%) CREST Certified
2 25 (29.07%) OSCP
3 23 (26.74%) Security Cleared
4 20 (23.26%) CISSP
5 19 (22.09%) Degree
6 18 (20.93%) SC Cleared
7 13 (15.12%) CHECK Team Member
8 12 (13.95%) CCNA
8 12 (13.95%) Cisco Certification
9 11 (12.79%) CEH
10 10 (11.63%) CompTIA Security+
10 10 (11.63%) GPEN
10 10 (11.63%) Microsoft Certification
10 10 (11.63%) Microsoft Certified Professional
11 9 (10.47%) Cyber Scheme
11 9 (10.47%) GIAC
12 7 (8.14%) CISMP
12 7 (8.14%) DV Cleared
12 7 (8.14%) MCSE
13 5 (5.81%) CCNP
Quality Assurance & Compliance
1 36 (41.86%) ISO/IEC 27001
2 20 (23.26%) GDPR
3 15 (17.44%) Cyber Essentials
4 14 (16.28%) Actionable Recommendations
5 11 (12.79%) PCI DSS
6 9 (10.47%) Cyber Essentials PLUS
6 9 (10.47%) NIST
7 6 (6.98%) GRC
8 3 (3.49%) Data Quality
8 3 (3.49%) NCSC
9 1 (1.16%) Accessibility
9 1 (1.16%) NIST 800
9 1 (1.16%) QA
9 1 (1.16%) SOC 2
System Software
1 9 (10.47%) Active Directory
2 3 (3.49%) VMware ESXi
2 3 (3.49%) VMware Infrastructure
Systems Management
1 15 (17.44%) Nmap
2 13 (15.12%) Nessus
3 8 (9.30%) Kubernetes
4 3 (3.49%) CSIRT
4 3 (3.49%) Proxmox
5 2 (2.33%) Terraform
6 1 (1.16%) Microsoft Intune
6 1 (1.16%) Single Sign-On
Vendors
1 23 (26.74%) Microsoft
2 10 (11.63%) Cisco
3 3 (3.49%) CheckPoint
3 3 (3.49%) Fortinet
3 3 (3.49%) IBM
3 3 (3.49%) Okta
3 3 (3.49%) Oracle
3 3 (3.49%) Sophos
3 3 (3.49%) Splunk
3 3 (3.49%) Veeam
3 3 (3.49%) VMware
3 3 (3.49%) Zscaler
4 2 (2.33%) Qualys
5 1 (1.16%) DevExpress
5 1 (1.16%) Google
61 hybrid/remote Penetration Testing jobs