Period
to

The table below provides summary statistics for permanent job vacancies with an option to work from home (WFH) and a requirement for Penetration Testing skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Penetration Testing over the 6 months to 16 August 2022 with a comparison to the same period in the previous 2 years.

Penetration Testing
UK > Work from Home
6 months to
16 Aug 2022
Same period 2021 Same period 2020
Rank 483 427 207
Rank change year-on-year -56 -220 -14
Permanent jobs citing Penetration Testing 436 225 92
As % of all permanent jobs with a WFH option 0.58% 0.55% 1.04%
As % of the Processes & Methodologies category 0.60% 0.57% 1.12%
Number of salaries quoted 332 201 86
10th Percentile £38,775 £38,750 £35,625
25th Percentile £53,750 £47,500 £43,750
Median annual salary (50th Percentile) £65,000 £61,000 £60,000
Median % change year-on-year +6.56% +1.67% -14.29%
75th Percentile £80,000 £80,000 £73,750
90th Percentile £92,500 £90,000 £101,250
UK median annual salary £66,750 £60,000 £60,000
% change year-on-year +11.25% - -2.04%

Penetration Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a WFH option and a requirement for process or methodology skills.

All Process and Methodology Skills
Work from Home
Permanent vacancies with a requirement for process or methodology skills 72,825 39,230 8,190
As % of all permanent jobs with a WFH option 96.61% 95.24% 92.45%
Number of salaries quoted 42,824 29,565 7,077
10th Percentile £37,000 £35,000 £35,000
25th Percentile £46,250 £42,500 £42,500
Median annual salary (50th Percentile) £61,000 £55,000 £55,000
Median % change year-on-year +10.91% - -
75th Percentile £80,000 £75,000 £73,750
90th Percentile £95,000 £90,000 £85,000
UK median annual salary £60,000 £55,750 £55,000
% change year-on-year +7.62% +1.36% +4.76%

Penetration Testing
Trend for Jobs with a WFH Option

Job vacancies with a work from home option citing Penetration Testing as a proportion of all IT jobs advertised.

Penetration Testing trend for jobs with a WFH option

Penetration Testing
Salary Trend for Jobs with a WFH Option

3-month moving average salary quoted in job vacancies with a work from home option citing Penetration Testing.

Penetration Testing salary trend for jobs with a WFH option

Penetration Testing
Salary Histogram for Jobs with a WFH Option

Salary distribution for jobs with a work from home option citing Penetration Testing over the 6 months to 16 August 2022.

Penetration Testing salary histogram for jobs with a WFH option

For the 6 months to 16 August 2022, Penetration Testing job roles required the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent jobs with a WFH option and a requirement for Penetration Testing.

1 234 (53.67%) Cybersecurity
2 148 (33.94%) Information Security
3 142 (32.57%) Azure
4 112 (25.69%) SIEM
5 111 (25.46%) ISO/IEC 27001
6 104 (23.85%) Social Skills
7 100 (22.94%) Agile
8 96 (22.02%) Incident Response
9 93 (21.33%) AWS
10 89 (20.41%) CISSP
11 88 (20.18%) DevOps
12 87 (19.95%) Microsoft
13 83 (19.04%) Security Operations
14 81 (18.58%) Application Security
15 79 (18.12%) Firewall
16 77 (17.66%) OWASP
17 76 (17.43%) Finance
18 74 (16.97%) Problem-Solving
19 73 (16.74%) Incident Management
19 73 (16.74%) Microsoft 365
20 69 (15.83%) Docker
20 69 (15.83%) NIST
21 63 (14.45%) Windows
21 63 (14.45%) Vulnerability Management
22 62 (14.22%) CI/CD
23 61 (13.99%) Security Architecture
24 60 (13.76%) CREST Certified
25 56 (12.84%) Kubernetes
26 54 (12.39%) GDPR
27 53 (12.16%) Test Automation

Penetration Testing
Co-occurring IT Skills with a WFH Option by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 24 (5.50%) Confluence
2 12 (2.75%) IIS
3 4 (0.92%) Apache Spark
3 4 (0.92%) Ethereum
3 4 (0.92%) SharePoint
4 1 (0.23%) MS Exchange
4 1 (0.23%) MTS
Applications
1 6 (1.38%) Spreadsheet
2 1 (0.23%) Microsoft Excel
2 1 (0.23%) Microsoft Office
2 1 (0.23%) Microsoft PowerPoint
Business Applications
1 3 (0.69%) SAP ERP
1 3 (0.69%) SAP Oil and Gas
Cloud Services
1 142 (32.57%) Azure
2 93 (21.33%) AWS
3 73 (16.74%) Microsoft 365
4 51 (11.70%) Azure Sentinel
5 30 (6.88%) SaaS
6 25 (5.73%) GitHub
7 23 (5.28%) GitHub Actions
8 22 (5.05%) Azure DevOps
9 21 (4.82%) Mimecast
10 19 (4.36%) Azure Active Directory
11 18 (4.13%) Power Platform
12 16 (3.67%) Virtual Private Cloud
13 14 (3.21%) CloudFront
13 14 (3.21%) GCP
14 11 (2.52%) Azure Stack
15 8 (1.83%) PaaS
16 2 (0.46%) Amazon EC2
16 2 (0.46%) Amazon SQS
16 2 (0.46%) AWS CloudFormation
16 2 (0.46%) Route 53
Communications & Networking
1 79 (18.12%) Firewall
2 44 (10.09%) Network Security
3 40 (9.17%) Wireless
4 29 (6.65%) VPN
5 27 (6.19%) DNS
6 14 (3.21%) Internet
7 12 (2.75%) VLAN
8 9 (2.06%) WAN
9 8 (1.83%) Wireless Security
10 7 (1.61%) HTTP
10 7 (1.61%) TCP/IP
11 6 (1.38%) HTTPS
11 6 (1.38%) MPLS
11 6 (1.38%) Wireshark
12 5 (1.15%) SD-WAN
12 5 (1.15%) Wi-Fi
13 4 (0.92%) Broadband
13 4 (0.92%) Cisco Firepower
13 4 (0.92%) Intrusion Detection
13 4 (0.92%) WireGuard
Database & Business Intelligence
1 23 (5.28%) MySQL
2 17 (3.90%) Power BI
3 16 (3.67%) SQL Server
4 7 (1.61%) PostgreSQL
5 4 (0.92%) Data Warehouse
5 4 (0.92%) Elasticsearch
5 4 (0.92%) NoSQL
6 3 (0.69%) Amazon RDS
7 2 (0.46%) DocumentDB
7 2 (0.46%) Redis
8 1 (0.23%) MongoDB
8 1 (0.23%) Relational Database
Development Applications
1 36 (8.26%) Git (software)
2 30 (6.88%) GitLab
3 29 (6.65%) Jenkins
4 27 (6.19%) JIRA
4 27 (6.19%) Selenium
4 27 (6.19%) SonarQube
5 22 (5.05%) SpecFlow
6 18 (4.13%) Burp Suite
7 13 (2.98%) Metasploit
8 6 (1.38%) Emacs
8 6 (1.38%) SoapUI
8 6 (1.38%) sqlmap
9 4 (0.92%) Cucumber
9 4 (0.92%) Cypress.io
9 4 (0.92%) Postman
10 2 (0.46%) JMeter
11 1 (0.23%) AppScan
11 1 (0.23%) Moq
11 1 (0.23%) Visual Studio
11 1 (0.23%) WebDriver
General
1 104 (23.85%) Social Skills
2 76 (17.43%) Finance
3 40 (9.17%) Manufacturing
4 33 (7.57%) Retail
5 30 (6.88%) Analytical Skills
6 26 (5.96%) Inclusion and Diversity
7 23 (5.28%) Law
8 19 (4.36%) Legal
9 14 (3.21%) Presentation Skills
9 14 (3.21%) Public Sector
10 13 (2.98%) Banking
11 9 (2.06%) Marketing
12 6 (1.38%) Games
12 6 (1.38%) Organisational Skills
13 4 (0.92%) Publishing
14 3 (0.69%) Advertising
14 3 (0.69%) Automotive
14 3 (0.69%) Financial Institution
14 3 (0.69%) Telecoms
15 2 (0.46%) Wholesale Banking
Job Titles
1 69 (15.83%) Security Engineer
2 67 (15.37%) Tester
3 65 (14.91%) Penetration Tester
4 58 (13.30%) Analyst
5 56 (12.84%) Developer
6 51 (11.70%) Security Analyst
7 45 (10.32%) Consultant
8 36 (8.26%) Security Manager
9 30 (6.88%) Security Consultant
10 28 (6.42%) Information Manager
11 26 (5.96%) Information Security Manager
12 23 (5.28%) Cybersecurity Analyst
12 23 (5.28%) Software Developer
13 22 (5.05%) Developer in Test
14 20 (4.59%) Security Officer
15 19 (4.36%) Architect
16 16 (3.67%) IT Security Analyst
16 16 (3.67%) Senior Penetration Tester
16 16 (3.67%) Senior Tester
16 16 (3.67%) Software Engineer
Libraries, Frameworks & Software Standards
1 39 (8.94%) Node.js
2 38 (8.72%) OAuth
2 38 (8.72%) OAuth2
3 35 (8.03%) .NET
4 33 (7.57%) CSS
5 32 (7.34%) React
6 28 (6.42%) HTML
7 24 (5.50%) OpenID
8 22 (5.05%) .NET Core
8 22 (5.05%) jQuery
8 22 (5.05%) Lambda Expressions
8 22 (5.05%) Twitter Bootstrap
9 14 (3.21%) SAML
10 12 (2.75%) Web Services
11 8 (1.83%) AngularJS
12 6 (1.38%) LAMP
13 5 (1.15%) GraphQL
14 4 (0.92%) Chai
14 4 (0.92%) Jest
14 4 (0.92%) Next.js
Miscellaneous
1 51 (11.70%) Management Information System
2 50 (11.47%) Mobile App
3 27 (6.19%) Enterprise Software
4 23 (5.28%) Cyberthreat
5 22 (5.05%) NHS
6 21 (4.82%) Cloud Native
7 18 (4.13%) Public Cloud
8 16 (3.67%) Cyberattack
8 16 (3.67%) Greenfield Project
8 16 (3.67%) Security Operations Centre
9 14 (3.21%) IoT
10 11 (2.52%) Embedded Systems
10 11 (2.52%) User Experience
11 10 (2.29%) SCADA
12 8 (1.83%) Blockchain
12 8 (1.83%) Blog
12 8 (1.83%) Data Protection Act
13 6 (1.38%) Legacy Systems
14 4 (0.92%) Replication
14 4 (0.92%) Web3
Operating Systems
1 63 (14.45%) Windows
2 45 (10.32%) Linux
3 18 (4.13%) Windows Server
4 15 (3.44%) Unix
5 13 (2.98%) Kali Linux
6 9 (2.06%) Android
7 7 (1.61%) Mac OS
8 6 (1.38%) Apple iOS
9 5 (1.15%) Red Hat Enterprise Linux
10 4 (0.92%) Ubuntu
11 2 (0.46%) Solaris
11 2 (0.46%) Windows 10
Processes & Methodologies
1 234 (53.67%) Cybersecurity
2 148 (33.94%) Information Security
3 112 (25.69%) SIEM
4 100 (22.94%) Agile
5 96 (22.02%) Incident Response
6 88 (20.18%) DevOps
7 83 (19.04%) Security Operations
8 81 (18.58%) Application Security
9 77 (17.66%) OWASP
10 74 (16.97%) Problem-Solving
11 73 (16.74%) Incident Management
12 63 (14.45%) Vulnerability Management
13 62 (14.22%) CI/CD
14 61 (13.99%) Security Architecture
15 53 (12.16%) Test Automation
16 51 (11.70%) Threat Intelligence
17 50 (11.47%) Vulnerability Scanning
18 45 (10.32%) Red Team
18 45 (10.32%) Unit Testing
19 44 (10.09%) Vulnerability Assessment
Programming Languages
1 44 (10.09%) JavaScript
2 42 (9.63%) Bash
3 39 (8.94%) PowerShell
4 38 (8.72%) C#
5 37 (8.49%) Python
6 32 (7.34%) C++
7 31 (7.11%) PHP
8 26 (5.96%) C
9 22 (5.05%) ES6
9 22 (5.05%) SQL
10 21 (4.82%) Java
11 17 (3.90%) TypeScript
12 14 (3.21%) Go
13 10 (2.29%) Rust
14 5 (1.15%) Ruby
15 4 (0.92%) Perl
16 1 (0.23%) Elixir
16 1 (0.23%) Erlang
16 1 (0.23%) Scala
Qualifications
1 89 (20.41%) CISSP
2 60 (13.76%) CREST Certified
3 48 (11.01%) CISM
4 45 (10.32%) OSCP
5 43 (9.86%) Security Cleared
6 31 (7.11%) CEH
7 29 (6.65%) CISA
8 25 (5.73%) Degree
8 25 (5.73%) SC Cleared
9 23 (5.28%) Cyber Scheme
10 22 (5.05%) CompTIA Security+
11 15 (3.44%) Microsoft Certification
12 14 (3.21%) AWS Certification
13 13 (2.98%) Cisco Certification
13 13 (2.98%) Tigerscheme
14 10 (2.29%) CHECK Team Leader
14 10 (2.29%) CHECK Team Member
15 8 (1.83%) CompTIA CySA+
16 7 (1.61%) CCNA
16 7 (1.61%) Computer Science Degree
Quality Assurance & Compliance
1 111 (25.46%) ISO/IEC 27001
2 69 (15.83%) NIST
3 54 (12.39%) GDPR
4 51 (11.70%) Cyber Essentials
5 44 (10.09%) PCI DSS
6 43 (9.86%) QA
7 32 (7.34%) NCSC
8 29 (6.65%) Cyber Essentials PLUS
9 22 (5.05%) GRC
10 8 (1.83%) HIPAA
11 5 (1.15%) SOC 1
12 4 (0.92%) Accessibility
12 4 (0.92%) ISO/IEC 27005
12 4 (0.92%) SOC 2
12 4 (0.92%) WCAG
13 3 (0.69%) HMG Security Policy Framework
13 3 (0.69%) IASME
13 3 (0.69%) Sarbanes-Oxley
14 2 (0.46%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
15 1 (0.23%) NIST 800
System Software
1 69 (15.83%) Docker
2 42 (9.63%) Active Directory
3 17 (3.90%) VMware Infrastructure
4 9 (2.06%) Hyper-V
5 4 (0.92%) OpenSSH
5 4 (0.92%) Snort
5 4 (0.92%) Virtual Machines
6 3 (0.69%) Firmware
7 1 (0.23%) Virtual Servers
Systems Management
1 56 (12.84%) Kubernetes
2 39 (8.94%) Terraform
3 20 (4.59%) Nessus
4 18 (4.13%) Ansible
5 10 (2.29%) CASB
6 7 (1.61%) Single Sign-On
7 5 (1.15%) Nmap
8 3 (0.69%) Active Directory Federation Services
8 3 (0.69%) McAfee ePO
8 3 (0.69%) Microsoft Intune
9 2 (0.46%) HP Fortify
9 2 (0.46%) Istio
10 1 (0.23%) CSIRT
10 1 (0.23%) Grafana
10 1 (0.23%) Prometheus
10 1 (0.23%) QRadar
10 1 (0.23%) SCOM
Vendors
1 87 (19.95%) Microsoft
2 17 (3.90%) Cisco
2 17 (3.90%) VMware
3 13 (2.98%) Proofpoint
4 12 (2.75%) CrowdStrike
4 12 (2.75%) Juniper
4 12 (2.75%) Qualys
5 11 (2.52%) CheckPoint
5 11 (2.52%) Fortinet
6 10 (2.29%) CyberArk
6 10 (2.29%) Darktrace
6 10 (2.29%) F5
6 10 (2.29%) Google
6 10 (2.29%) Netskope
6 10 (2.29%) Okta
6 10 (2.29%) Palo Alto
6 10 (2.29%) Zscaler
7 8 (1.83%) McAfee
8 7 (1.61%) Citrix
8 7 (1.61%) SonicWALL