Application Security Contracts, Co-occurring Skills & Contractor Rates

Application Security (AppSec)
UK

The following table provides summary statistics for contract job vacancies with a requirement for Application Security skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited Application Security over the 6 months to 27 April 2024 with a comparison to the same period in the previous 2 years.

Location	6 months to 27 Apr 2024	Same period 2023	Same period 2022
Rank	351	280	353
Rank change year-on-year	-71	+73	+23
Contract jobs citing Application Security	258	569	675
As % of all contract jobs advertised in the UK	0.60%	0.95%	0.76%
As % of the Processes & Methodologies category	0.69%	1.06%	0.84%
Number of daily rates quoted	153	411	487
10^th Percentile	£490	£488	£441
25^th Percentile	£542	£540	£513
Median daily rate (50^th Percentile)	£600	£640	£600
Median % change year-on-year	-6.25%	+6.67%	+9.09%
75^th Percentile	£689	£750	£688
90^th Percentile	£775	£838	£800
UK excluding London median daily rate	£643	£600	£575
% change year-on-year	+7.08%	+4.35%	+8.90%
Number of hourly rates quoted	0	3	2
10^th Percentile	-	£46.25	£41.00
25^th Percentile	-	£63.13	£42.50
Median hourly rate	-	£95.00	£45.00
Median % change year-on-year	-	+111.11%	+46.34%
75^th Percentile	-	£100.63	£47.50
90^th Percentile	-	£102.50	£49.00
UK excluding London median hourly rate	-	£95.00	-

All Process and Methodology Skills
UK

Application Security is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies with a requirement for process or methodology skills.

Contract vacancies with a requirement for process or methodology skills	37,374	53,774	80,482
As % of all contract IT jobs advertised in the UK	86.31%	89.91%	90.60%
Number of daily rates quoted	24,095	37,304	56,474
10^th Percentile	£300	£325	£340
25^th Percentile	£413	£438	£425
Median daily rate (50^th Percentile)	£525	£550	£525
Median % change year-on-year	-4.55%	+4.76%	+8.25%
75^th Percentile	£638	£650	£638
90^th Percentile	£750	£750	£738
UK excluding London median daily rate	£500	£500	£475
% change year-on-year	-	+5.26%	+9.20%
Number of hourly rates quoted	2,422	1,763	1,928
10^th Percentile	£12.75	£11.00	£12.50
25^th Percentile	£16.00	£16.25	£15.25
Median hourly rate	£35.00	£37.34	£25.00
Median % change year-on-year	-6.27%	+49.36%	-
75^th Percentile	£59.44	£65.00	£49.25
90^th Percentile	£72.50	£75.00	£63.75
UK excluding London median hourly rate	£36.00	£36.00	£20.00
% change year-on-year	-	+80.00%	-8.17%

Application Security
Job Vacancy Trend

Job postings citing Application Security as a proportion of all IT jobs advertised.

Job vacancy trend for Application Security in the UK

Application Security
Contractor Daily Rate Trend

3-month moving average daily rate quoted in jobs citing Application Security.

Daily rate trend for Application Security in the UK

Application Security
Daily Rate Histogram

Daily rate distribution for jobs citing Application Security over the 6 months to 27 April 2024.

Daily rate histogram for Application Security in the UK

Application Security
Contractor Hourly Rate Trend

3-month moving average hourly rates quoted in jobs citing Application Security.

Hourly rate trend for Application Security in the UK

Application Security
Top 16 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Application Security within the UK over the 6 months to 27 April 2024. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Contract IT Job Ads	Median Daily Rate Past 6 Months	Median Daily Rate % Change on Same Period Last Year	Live Jobs
England	-42	213	£606	-10.22%	99
Work from Home	+29	129	£600	-8.81%	72
UK excluding London	+36	113	£643	+7.08%	47
London	-74	106	£600	-14.29%	44
South East	+59	66	£513	-26.79%	18
North of England	+15	23	£650	+4.00%	15
Yorkshire	+21	12	£615	+6.96%	7
Scotland	+34	9	£623	+24.50%
North West	+4	9	£676	+11.64%	6
Midlands	-13	8	£650	+13.04%	7
West Midlands	+1	7	£650	+11.11%	7
South West	+19	4	£600	-7.69%	4
Wales	+13	2	£666	+40.26%	1
North East	+13	2	£625	-26.23%	2
East of England	+12	2	£850	+21.43%	4
East Midlands	+16	1	£567	+8.00%

Application Security
Top 30 Co-occurring Skills and Capabilities

For the 6 months to 27 April 2024, contractor job vacancies citing Application Security also mentioned the following skills and capabilities in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all contract job ads with a requirement for Application Security.

1	103 (39.92%)	Cybersecurity
2	88 (34.11%)	Security Testing
3	77 (29.84%)	Cloud Security
4	75 (29.07%)	Penetration Testing
5	73 (28.29%)	OWASP
6	68 (26.36%)	CI/CD
7	64 (24.81%)	Security Cleared
7	64 (24.81%)	Mobile App
8	62 (24.03%)	Azure
9	59 (22.87%)	AWS
9	59 (22.87%)	SaaS
10	58 (22.48%)	DevOps
11	54 (20.93%)	Stakeholder Management
12	53 (20.54%)	PaaS
13	52 (20.16%)	IaaS

14	51 (19.77%)	OSCP
15	50 (19.38%)	GDPR
16	49 (18.99%)	GIAC
17	48 (18.60%)	CREST Certified
18	47 (18.22%)	GPEN
19	45 (17.44%)	Information Security
19	45 (17.44%)	NIST
20	44 (17.05%)	Windows
21	43 (16.67%)	SANS
21	43 (16.67%)	Deployment Automation
22	42 (16.28%)	Vulnerability Management
22	42 (16.28%)	PCI DSS
22	42 (16.28%)	Finance
23	41 (15.89%)	Identity Access Management
24	40 (15.50%)	Agile

Application Security
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
Applications
Business Applications
Cloud Services
Communications & Networking
Database & Business Intelligence
Development Applications
General
Job Titles
Libraries, Frameworks & Software Standards
Miscellaneous
Operating Systems
Processes & Methodologies
Programming Languages
Qualifications
Quality Assurance & Compliance
System Software
Systems Management
Vendors

Application Platforms
1	3 (1.16%)	Microsoft Exchange
2	2 (0.78%)	SharePoint
3	1 (0.39%)	Confluence
3	1 (0.39%)	IBM Notes
3	1 (0.39%)	nginx
3	1 (0.39%)	SAS

Applications
1	12 (4.65%)	Microsoft Office
2	5 (1.94%)	Microsoft Project

Business Applications
1	1 (0.39%)	Oracle EBS
1	1 (0.39%)	SAP S/4HANA

Cloud Services
1	62 (24.03%)	Azure
2	59 (22.87%)	AWS
2	59 (22.87%)	SaaS
3	53 (20.54%)	PaaS
4	52 (20.16%)	IaaS
5	34 (13.18%)	GCP
6	21 (8.14%)	Serverless
7	15 (5.81%)	AWS CloudFormation
8	10 (3.88%)	Entra ID
9	9 (3.49%)	GitHub
10	7 (2.71%)	Azure DevOps
10	7 (2.71%)	OpenShift
11	6 (2.33%)	Amazon EKS
11	6 (2.33%)	Azure API Management
11	6 (2.33%)	Azure Key Vault
11	6 (2.33%)	Azure Monitor
11	6 (2.33%)	Virtual Private Cloud
12	5 (1.94%)	Azure Data Factory
12	5 (1.94%)	Azure Functions
12	5 (1.94%)	Azure Logic Apps

Communications & Networking
1	39 (15.12%)	5G
1	39 (15.12%)	Broadband
2	34 (13.18%)	Firewall
3	26 (10.08%)	Network Security
4	10 (3.88%)	DNS
4	10 (3.88%)	Wireless
5	7 (2.71%)	HTTPS
6	6 (2.33%)	Intrusion Detection
6	6 (2.33%)	VPN
7	5 (1.94%)	DHCP
7	5 (1.94%)	SD-WAN
7	5 (1.94%)	WAN
8	4 (1.55%)	IPv4
9	3 (1.16%)	Cisco ISE
9	3 (1.16%)	NGFW
10	2 (0.78%)	HTTP
10	2 (0.78%)	Internet
10	2 (0.78%)	TCP/IP
11	1 (0.39%)	FTP
11	1 (0.39%)	Kerberos

Database & Business Intelligence
1	14 (5.43%)	SQL Server
2	8 (3.10%)	MySQL
3	5 (1.94%)	Azure SQL Database
4	4 (1.55%)	Metadata
4	4 (1.55%)	RDBMS
4	4 (1.55%)	Relational Database
5	3 (1.16%)	Amazon Athena
5	3 (1.16%)	Data Warehouse
5	3 (1.16%)	NoSQL
5	3 (1.16%)	SQL Server Integration Services
6	1 (0.39%)	Data Lake
6	1 (0.39%)	Data Vault
6	1 (0.39%)	DB2
6	1 (0.39%)	Oracle Reports
6	1 (0.39%)	SAP HANA

Development Applications
1	12 (4.65%)	Jenkins
2	11 (4.26%)	Git
3	9 (3.49%)	GitLab
3	9 (3.49%)	Sonatype Nexus
4	8 (3.10%)	Burp Suite
4	8 (3.10%)	Robot Framework
5	7 (2.71%)	JIRA
5	7 (2.71%)	Visual Studio
6	6 (2.33%)	Gradle
6	6 (2.33%)	Maven
7	4 (1.55%)	Browser DevTools
8	3 (1.16%)	SonarQube
9	2 (0.78%)	Appium
9	2 (0.78%)	AppScan
9	2 (0.78%)	git-flow
9	2 (0.78%)	Subversion
9	2 (0.78%)	XCTest
9	2 (0.78%)	XCUITest
10	1 (0.39%)	Postman
10	1 (0.39%)	rollup.js

General
1	42 (16.28%)	Finance
2	39 (15.12%)	Law
2	39 (15.12%)	Organisational Skills
2	39 (15.12%)	Social Skills
3	20 (7.75%)	Analytical Skills
4	17 (6.59%)	Banking
5	16 (6.20%)	Public Sector
6	15 (5.81%)	Documentation Skills
7	7 (2.71%)	Retail
8	5 (1.94%)	Legal
9	4 (1.55%)	Electronics
9	4 (1.55%)	Presentation Skills
10	3 (1.16%)	Financial Institution
10	3 (1.16%)	Telecoms
11	2 (0.78%)	Automotive
11	2 (0.78%)	Publishing
12	1 (0.39%)	Arabic Language
12	1 (0.39%)	Back Office
12	1 (0.39%)	Health Technology
12	1 (0.39%)	Retail Banking

Job Titles
1	69 (26.74%)	Architect
2	48 (18.60%)	Penetration Tester
2	48 (18.60%)	Tester
3	42 (16.28%)	Security Architect
4	41 (15.89%)	Security Specialist
5	39 (15.12%)	Security Penetration Tester
5	39 (15.12%)	Security Tester
5	39 (15.12%)	Testing Specialist
6	32 (12.40%)	Consultant
6	32 (12.40%)	Security Consultant
7	27 (10.47%)	Security Engineer
8	22 (8.53%)	Solutions Architect
9	21 (8.14%)	Senior
10	19 (7.36%)	Applications Engineer
11	12 (4.65%)	Analyst
11	12 (4.65%)	Cloud Architect
11	12 (4.65%)	Cloud Engineer
11	12 (4.65%)	Senior Architect
12	11 (4.26%)	Senior Security Architect
13	10 (3.88%)	Security Manager

Libraries, Frameworks & Software Standards
1	39 (15.12%)	Web Services
2	24 (9.30%)	SailPoint
3	11 (4.26%)	OAuth
4	8 (3.10%)	SAML
5	6 (2.33%)	CSS
5	6 (2.33%)	OpenID
6	5 (1.94%)	ARM Templates
6	5 (1.94%)	HTML
6	5 (1.94%)	OAuth2
6	5 (1.94%)	REST
7	4 (1.55%)	.NET
7	4 (1.55%)	FIX Protocol
7	4 (1.55%)	HTML5
7	4 (1.55%)	JSON
7	4 (1.55%)	RESTful
8	3 (1.16%)	Elastic Stack
8	3 (1.16%)	SOAP
8	3 (1.16%)	XML
9	2 (0.78%)	Play Framework
9	2 (0.78%)	React Native

Miscellaneous
1	64 (24.81%)	Mobile App
2	18 (6.98%)	Data Centre
3	15 (5.81%)	Cloud Native
3	15 (5.81%)	PKI
4	14 (5.43%)	IoT
5	13 (5.04%)	Security Posture
6	8 (3.10%)	Operational Technology
7	6 (2.33%)	Cyber Threat
7	6 (2.33%)	Management Information System
7	6 (2.33%)	Public Cloud
8	5 (1.94%)	Security Operations Centre
9	3 (1.16%)	Cyberattack
10	2 (0.78%)	Cyber Security Posture
10	2 (0.78%)	Data Protection Act
10	2 (0.78%)	Hedge funds
10	2 (0.78%)	Hybrid Cloud
10	2 (0.78%)	W3C
11	1 (0.39%)	Onboarding
11	1 (0.39%)	Product Ownership
11	1 (0.39%)	Team-Oriented Environment

Operating Systems
1	44 (17.05%)	Windows
2	30 (11.63%)	Linux
3	15 (5.81%)	Windows Server
4	14 (5.43%)	Unix
5	12 (4.65%)	Windows Server 2019
6	4 (1.55%)	CentOS
6	4 (1.55%)	Windows Server 2016
7	2 (0.78%)	Android
7	2 (0.78%)	Apple iOS
8	1 (0.39%)	Windows 10

Processes & Methodologies
1	103 (39.92%)	Cybersecurity
2	88 (34.11%)	Security Testing
3	77 (29.84%)	Cloud Security
4	75 (29.07%)	Penetration Testing
5	73 (28.29%)	OWASP
6	68 (26.36%)	CI/CD
7	58 (22.48%)	DevOps
8	54 (20.93%)	Stakeholder Management
9	45 (17.44%)	Information Security
10	43 (16.67%)	Deployment Automation
11	42 (16.28%)	Vulnerability Management
12	41 (15.89%)	Identity Access Management
13	40 (15.50%)	Agile
14	39 (15.12%)	DevSecOps
14	39 (15.12%)	MITRE ATT&CK
15	37 (14.34%)	Static Application Security Testing
16	34 (13.18%)	Security Architecture
17	33 (12.79%)	Infrastructure as Code
17	33 (12.79%)	SDLC
18	30 (11.63%)	Containerisation

Programming Languages
1	36 (13.95%)	Python
2	26 (10.08%)	PowerShell
3	14 (5.43%)	JavaScript
4	13 (5.04%)	C++
4	13 (5.04%)	Shell Script
5	12 (4.65%)	Bash
5	12 (4.65%)	SQL
6	8 (3.10%)	Ruby
7	7 (2.71%)	C#
8	6 (2.33%)	Groovy
8	6 (2.33%)	Java
8	6 (2.33%)	PHP
9	4 (1.55%)	C
9	4 (1.55%)	Go
9	4 (1.55%)	T-SQL
9	4 (1.55%)	VBScript
10	3 (1.16%)	Perl
11	2 (0.78%)	Scala
11	2 (0.78%)	Swift
12	1 (0.39%)	PL/SQL

Qualifications
1	64 (24.81%)	Security Cleared
2	51 (19.77%)	OSCP
3	49 (18.99%)	GIAC
4	48 (18.60%)	CREST Certified
5	47 (18.22%)	GPEN
6	43 (16.67%)	SANS
7	22 (8.53%)	CISSP
8	17 (6.59%)	SC Cleared
9	16 (6.20%)	CISM
9	16 (6.20%)	Degree
10	11 (4.26%)	CEH
11	8 (3.10%)	AWS Certification
11	8 (3.10%)	ISACA
12	7 (2.71%)	CISA
12	7 (2.71%)	Master's Degree
12	7 (2.71%)	MBA
13	5 (1.94%)	DV Cleared
14	3 (1.16%)	Azure Certification
14	3 (1.16%)	Cisco Certification
14	3 (1.16%)	CRISC

Quality Assurance & Compliance
1	50 (19.38%)	GDPR
2	45 (17.44%)	NIST
3	42 (16.28%)	PCI DSS
4	40 (15.50%)	NCSC
5	11 (4.26%)	COBIT
6	10 (3.88%)	ISO/IEC 27001
7	8 (3.10%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
8	7 (2.71%)	QA
8	7 (2.71%)	RMADS
9	4 (1.55%)	Accessibility
10	2 (0.78%)	Automotive SPICE
10	2 (0.78%)	AUTOSAR
11	1 (0.39%)	GLBA
11	1 (0.39%)	GRC
11	1 (0.39%)	HIPAA
11	1 (0.39%)	HMG Security Policy Framework
11	1 (0.39%)	ISAE 3402
11	1 (0.39%)	ISO 31000
11	1 (0.39%)	Sarbanes-Oxley
11	1 (0.39%)	WCAG

System Software
1	26 (10.08%)	Active Directory
2	17 (6.59%)	Docker
3	8 (3.10%)	VMware Infrastructure
4	2 (0.78%)	Virtual Desktop
5	1 (0.39%)	IAG
5	1 (0.39%)	Virtual Machines

Systems Management
1	37 (14.34%)	Terraform
2	23 (8.91%)	Ansible
3	16 (6.20%)	Kubernetes
4	4 (1.55%)	Nessus
5	3 (1.16%)	Grafana
5	3 (1.16%)	Graylog
5	3 (1.16%)	Nagios
5	3 (1.16%)	Prometheus
5	3 (1.16%)	Puppet
5	3 (1.16%)	Single Sign-On
6	2 (0.78%)	HP Fortify
6	2 (0.78%)	Progress Chef
6	2 (0.78%)	SCCM
6	2 (0.78%)	WebInspect
7	1 (0.39%)	Computer Emergency Response Teams
7	1 (0.39%)	CSIRT
7	1 (0.39%)	McAfee ePO
7	1 (0.39%)	Thomson Reuters DACS
7	1 (0.39%)	Trend Micro Deep Security
7	1 (0.39%)	WMI

Vendors
1	39 (15.12%)	Virgin Media
2	27 (10.47%)	Microsoft
3	23 (8.91%)	CyberArk
4	22 (8.53%)	BeyondTrust
4	22 (8.53%)	ServiceNow
5	9 (3.49%)	Splunk
5	9 (3.49%)	VMware
6	6 (2.33%)	Checkmarx
6	6 (2.33%)	Cisco
6	6 (2.33%)	Veracode
7	5 (1.94%)	Red Hat
8	4 (1.55%)	F5
9	3 (1.16%)	CheckPoint
9	3 (1.16%)	Oracle
9	3 (1.16%)	Qualys
9	3 (1.16%)	SAP
9	3 (1.16%)	Tufin
9	3 (1.16%)	Zscaler
10	2 (0.78%)	CrowdStrike
10	2 (0.78%)	Okta

Application Security (AppSec)UK

All Process and Methodology SkillsUK

Application SecurityJob Vacancy Trend

Application SecurityContractor Daily Rate Trend

Application SecurityDaily Rate Histogram

Application SecurityContractor Hourly Rate Trend

Application SecurityTop 16 Contract Locations

Application SecurityTop 30 Co-occurring Skills and Capabilities

Application SecurityCo-occurring Skills and Capabilities by Category