The table below looks at the statistics for OWASP skills in IT contracts advertised across the UK. Included is a guide to the contractor rates offered in IT contracts that have cited OWASP over the 3 months to 10 December 2016 with a comparison to the same period over the previous 2 years.

Note that daily contractor rates and hourly contractor rates are treated separately. When calculating average contractor rates, daily rates are not derived from quoted hourly rates or vice versa.

3 months to
10 Dec 2016
Same period 2015 Same period 2014
Open Web Application Security Project (OWASP)
Rank 450 580 599
Rank change year-on-year
+130 +19
Contract jobs citing OWASP 164 69 49
As % of all contract IT jobs located in the UK 0.33% 0.13% 0.087%
As % of the Processes & Methodologies category 0.40% 0.15% 0.11%
Number of daily rates quoted 100 46 31
Median daily rate £475 £430 £450
Median daily rate % change year-on-year
+10.46% -4.44%
90% offered a daily rate of more than £365 £301 £348
10% offered a daily rate of more than £600 £550 £500
UK excluding London median daily rate £475 £438 £450
% change year-on-year
+8.57% -2.77%
Number of hourly rates quoted 0 0 0
Median hourly rate - - -
UK excluding London median hourly rate - - -

The following table is for comparison with the above and provides statistics for the entire Processes & Methodologies category in contract jobs advertised across the UK.

Processes & Methodologies Category
UK
Contract IT job ads with a match in the
Processes & Methodologies category
40909 44671 43502
As % of all contract IT jobs located in the UK 82.54% 81.22% 77.13%
Number of daily rates quoted 27247 28978 28332
Median daily rate £450 £425 £420
Median daily rate % change year-on-year
+5.88% +1.19%
90% offered a daily rate of more than £300 £297 £275
10% offered a daily rate of more than £600 £600 £600
UK excluding London median daily rate £413 £400 £385
% change year-on-year
+3.12% +3.89%
Number of hourly rates quoted 1079 1330 1204
Median hourly rate £29.25 £30.15 £25.00
Median hourly rate % change year-on-year
-2.98% +20.60%
90% offered a hourly rate of more than £12.50 £12.35 £11.75
10% offered a hourly rate of more than £50.00 £50.00 £48.10
UK excluding London median hourly rate £30.00 £34.00 £25.00
% change year-on-year
-11.76% +36.00%

OWASP
Jobs Demand Trend

The demand trend of contract jobs citing OWASP as a proportion of all IT contracts with a match in the Processes & Methodologies category.

OWASP Jobs Demand Trend in the UK

OWASP
Daily Rate Trend

This chart provides the 3-month moving average for daily rates quoted in IT contract jobs citing OWASP within the UK.

OWASP Daily Rate Trend in the UK

OWASP
Daily Rate Histogram

This chart provides a histogram of daily rates quoted in contract IT jobs citing OWASP within the UK over the 3 months to 10 December 2016.

OWASP Daily Rate Histogram in the UK

OWASP
Hourly Rate Trend

This chart provides the 3-month moving average for hourly rates quoted in IT contractor jobs citing OWASP within the UK.

OWASP Hourly Rate Trend in the UK

OWASP
Top 30 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing OWASP within the UK over the 3 months to 10 December 2016. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 3 month period last year.

Location
(Click see detailed
statistics and trends)
Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Last 3 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +82 129 £475 +12.42% 21
South East +31 37 £430 -8.26% 3
London +19 37 £525 +61.53% 10
Wales - 30 £500 -
South Wales - 26 £500 -
Newport - 18 £500 -
Hampshire - 15 £400 - 1
South West +15 13 £455 -13.33% 1
North East - 11 £425 -
Newcastle upon Tyne - 11 £425 -
Tyne and Wear - 11 £425 -
West Sussex +9 10 £463 +12.12% 1
Buckinghamshire +26 9 £525 -0.94%
Welwyn Garden City - 9 £700 -
East Midlands - 9 £275 - 1
East of England - 9 £700 - 2
Hertfordshire - 9 £700 -
Yorkshire +26 7 - -
Milton Keynes +17 7 £525 -0.94%
City of London -10 6 £500 +15.94% 1
West Yorkshire +22 5 - -
Leeds +20 5 - -
Winchester - 5 £375 -
Buxton - 5 £275 -
Derbyshire - 5 £275 -
Bristol - 5 £600 - 1
Wiltshire - 4 £450 -
Northamptonshire - 4 £550 -
Worthing - 4 £525 -
Salisbury - 4 £450 -

OWASP
Top 30 Related IT Skills

For the 6 months to 10 December 2016, IT contractor jobs citing OWASP also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all contract ads with a requirement for OWASP.

1 168 (46.41%) Agile Software Development
2 133 (36.74%) Java
3 129 (35.64%) Penetration Testing
4 113 (31.22%) Continuous Integration
5 106 (29.28%) Secure Coding
6 104 (28.73%) Scrum
7 101 (27.90%) Linux
8 89 (24.59%) Python
9 85 (23.48%) CSS
10 84 (23.20%) Open Source
11 83 (22.93%) HTML
12 82 (22.65%) C#
12 82 (22.65%) Amazon AWS
13 81 (22.38%) Jenkins
14 80 (22.10%) CISSP
15 78 (21.55%) Web Services
16 73 (20.17%) Ruby
16 73 (20.17%) Web Development
17 72 (19.89%) Automated Testing
18 66 (18.23%) JSON
18 66 (18.23%) Security Testing
19 65 (17.96%) REST
20 61 (16.85%) .NET
21 56 (15.47%) HTTP
22 55 (15.19%) SQL
22 55 (15.19%) MVC
22 55 (15.19%) Ajax
22 55 (15.19%) Spring
22 55 (15.19%) Relational Database
22 55 (15.19%) HTML5

OWASP
Top Related IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 38 (10.50%) IIS
2 33 (9.12%) Confluence
3 32 (8.84%) nginx
4 23 (6.35%) WebLogic
5 20 (5.52%) CMS
6 15 (4.14%) Apache
6 15 (4.14%) JBoss
6 15 (4.14%) Sitecore CMS
6 15 (4.14%) Tomcat
7 10 (2.76%) MS Exchange
8 6 (1.66%) Elasticsearch
9 5 (1.38%) Mule ESB
10 4 (1.10%) Drupal
10 4 (1.10%) OpenStack
11 3 (0.83%) WildFly
12 2 (0.55%) SharePoint
13 1 (0.28%) ATG Dynamo
13 1 (0.28%) Oracle HTTP Server
13 1 (0.28%) SAS
13 1 (0.28%) WordPress
Applications
1 11 (3.04%) MS Excel
2 3 (0.83%) MS Office
3 1 (0.28%) MS Visio
Business Applications
1 7 (1.93%) SAP Oil and Gas
2 1 (0.28%) Dynamics CRM
2 1 (0.28%) Dynamics NAV
Cloud Services
1 82 (22.65%) Amazon AWS
2 17 (4.70%) Microsoft Azure
3 13 (3.59%) PaaS
4 9 (2.49%) GitHub
5 7 (1.93%) Boomi
5 7 (1.93%) IaaS
6 6 (1.66%) Google Cloud Platform
7 5 (1.38%) Amazon EC2
7 5 (1.38%) SaaS
8 2 (0.55%) Azure Active Directory
9 1 (0.28%) Force.com
9 1 (0.28%) Heroku
9 1 (0.28%) Office 365
Communications & Networking
1 56 (15.47%) HTTP
2 30 (8.29%) Firewall
3 25 (6.91%) Internet
4 13 (3.59%) SSL
5 12 (3.31%) Network Security
5 12 (3.31%) SSH
6 11 (3.04%) FTP
6 11 (3.04%) IPsec
6 11 (3.04%) SMTP
6 11 (3.04%) VPN
7 10 (2.76%) Reverse Proxy
8 7 (1.93%) Kerberos
8 7 (1.93%) LDAP
8 7 (1.93%) Wireless
8 7 (1.93%) Wireshark
9 6 (1.66%) DMZ
10 2 (0.55%) TCP/IP
11 1 (0.28%) F5 BIG-IP GTM
11 1 (0.28%) F5 BIG-IP LTM
11 1 (0.28%) NetScaler
Database & Business Intelligence
1 55 (15.19%) Relational Database
2 54 (14.92%) SQL Server
3 43 (11.88%) PostgreSQL
4 41 (11.33%) MongoDB
5 24 (6.63%) MySQL
6 19 (5.25%) SQL Server 2008
7 16 (4.42%) NoSQL
8 14 (3.87%) SQL Server 2012
9 9 (2.49%) Redis
10 7 (1.93%) MS Access
10 7 (1.93%) SQL Server Integration Services
11 5 (1.38%) Oracle Database
12 4 (1.10%) Apache Cassandra
13 2 (0.55%) Azure SQL Database
14 1 (0.28%) CouchDB
14 1 (0.28%) QlikView
14 1 (0.28%) Riak
Development Applications
1 81 (22.38%) Jenkins
2 51 (14.09%) Git (software)
3 42 (11.60%) Subversion
4 38 (10.50%) JIRA
5 36 (9.94%) Team Foundation Server
6 34 (9.39%) JUnit
7 23 (6.35%) Travis CI
8 20 (5.52%) CircleCI
9 19 (5.25%) Burp Suite
10 18 (4.97%) JMeter
11 15 (4.14%) Selenium
12 11 (3.04%) SonarQube
13 10 (2.76%) Artifactory
13 10 (2.76%) Gerrit
14 9 (2.49%) Cucumber
14 9 (2.49%) Sonatype Nexus
15 8 (2.21%) Metasploit
16 7 (1.93%) Mercurial
17 6 (1.66%) Protractor
17 6 (1.66%) Visual Studio
General
1 52 (14.36%) Finance
2 10 (2.76%) Marketing
3 9 (2.49%) Publishing
4 8 (2.21%) Manufacturing
5 7 (1.93%) Electronics
5 7 (1.93%) Telecoms
6 6 (1.66%) Banking
7 5 (1.38%) Retail
8 3 (0.83%) Back Office
9 1 (0.28%) German Language
9 1 (0.28%) Italian Language
9 1 (0.28%) Welsh Language
Job Titles
1 145 (40.06%) Developer
2 49 (13.54%) Java Developer
3 44 (12.15%) Security Engineer
4 42 (11.60%) Consultant
5 40 (11.05%) .NET Developer
6 36 (9.94%) Security Consultant
7 34 (9.39%) Architect
8 30 (8.29%) Tester
9 21 (5.80%) Penetration Tester
10 20 (5.52%) Security Architect
11 16 (4.42%) Analyst
12 15 (4.14%) Front End Developer (Client-Side Developer)
13 13 (3.59%) Sitecore Developer
14 12 (3.31%) Applications Consultant
15 11 (3.04%) Access Developer
15 11 (3.04%) CMS Developer
15 11 (3.04%) Governance Consultant
15 11 (3.04%) Risk Consultant
15 11 (3.04%) Web Developer
16 10 (2.76%) Information Security Consultant
Libraries, Frameworks & Software Standards
1 85 (23.48%) CSS
2 83 (22.93%) HTML
3 78 (21.55%) Web Services
4 66 (18.23%) JSON
5 65 (17.96%) REST
6 61 (16.85%) .NET
7 55 (15.19%) Ajax
7 55 (15.19%) HTML5
7 55 (15.19%) Spring
8 46 (12.71%) XML
9 42 (11.60%) ASP.NET
10 41 (11.33%) RESTful
11 39 (10.77%) LINQ
12 37 (10.22%) Django
13 36 (9.94%) CSS3
14 34 (9.39%) LINQ to SQL
14 34 (9.39%) Play Framework
14 34 (9.39%) Ruby on Rails
15 33 (9.12%) ASP.NET Web Forms
15 33 (9.12%) WCF
Miscellaneous
1 33 (9.12%) N-Tier
2 27 (7.46%) User Experience
3 21 (5.80%) Cryptography
4 18 (4.97%) Data Centre
5 17 (4.70%) Algorithms
6 12 (3.31%) Client/Server
7 11 (3.04%) CESG
8 10 (2.76%) Management Information System
9 8 (2.21%) PKI
10 4 (1.10%) Analytical Skills
10 4 (1.10%) Enterprise Software
11 3 (0.83%) Computer Science
11 3 (0.83%) Cyberthreat
12 2 (0.55%) Cyber Attack
12 2 (0.55%) Fintech
12 2 (0.55%) Mobile App
12 2 (0.55%) W3C
12 2 (0.55%) Wiki
13 1 (0.28%) Data Protection Act
13 1 (0.28%) Thin Client
Operating Systems
1 101 (27.90%) Linux
2 40 (11.05%) Windows
3 21 (5.80%) Unix
4 10 (2.76%) Windows Vista
5 8 (2.21%) CentOS
5 8 (2.21%) Red Hat Enterprise Linux
6 6 (1.66%) Ubuntu
6 6 (1.66%) Windows Server
7 4 (1.10%) Android
8 3 (0.83%) Kali Linux
8 3 (0.83%) Mac OS
9 1 (0.28%) AIX
9 1 (0.28%) Mac OS X
9 1 (0.28%) Solaris
Processes & Methodologies
1 168 (46.41%) Agile Software Development
2 129 (35.64%) Penetration Testing
3 113 (31.22%) Continuous Integration
4 106 (29.28%) Secure Coding
5 104 (28.73%) Scrum
6 84 (23.20%) Open Source
7 73 (20.17%) Web Development
8 72 (19.89%) Automated Testing
9 66 (18.23%) Security Testing
10 55 (15.19%) MVC
11 50 (13.81%) Information Security
12 49 (13.54%) Kanban
12 49 (13.54%) TDD
13 48 (13.26%) Fuzz Testing
14 46 (12.71%) BDD
15 44 (12.15%) Ethical Hacking
16 41 (11.33%) Continuous Delivery
16 41 (11.33%) Security Architecture
17 38 (10.50%) Social Engineering
18 37 (10.22%) Static Program Analysis
Programming Languages
1 133 (36.74%) Java
2 89 (24.59%) Python
3 82 (22.65%) C#
4 73 (20.17%) Ruby
5 55 (15.19%) SQL
6 52 (14.36%) JavaScript
7 41 (11.33%) Scala
8 35 (9.67%) PHP
9 33 (9.12%) VB.NET
10 12 (3.31%) Bash Shell
10 12 (3.31%) Perl
11 7 (1.93%) VBA
12 6 (1.66%) Go
12 6 (1.66%) PowerShell
13 3 (0.83%) C
14 2 (0.55%) C++
14 2 (0.55%) Groovy
14 2 (0.55%) T-SQL
15 1 (0.28%) Apex Code
15 1 (0.28%) PL/SQL
Qualifications
1 80 (22.10%) CISSP
2 36 (9.94%) CEH
3 34 (9.39%) CREST Certified
4 33 (9.12%) Security Cleared
5 24 (6.63%) CHECK Team Member
6 21 (5.80%) CISM
7 18 (4.97%) CISA
7 18 (4.97%) SANS
7 18 (4.97%) SC Cleared
8 15 (4.14%) Degree
8 15 (4.14%) GIAC
9 14 (3.87%) CompTIA Security+
9 14 (3.87%) Security+ Certification
10 12 (3.31%) CESG Certified Professional
11 10 (2.76%) BPSS Clearance
12 6 (1.66%) CLAS
13 5 (1.38%) ISSAP
14 4 (1.10%) Cisco Certification
15 3 (0.83%) CCNA
15 3 (0.83%) CISMP
Quality Assurance & Compliance
1 25 (6.91%) ISO/IEC 27001
2 16 (4.42%) COBIT
2 16 (4.42%) PCI DSS
3 15 (4.14%) Disclosure Scotland
4 12 (3.31%) QA
5 7 (1.93%) RMADS
5 7 (1.93%) WAI
5 7 (1.93%) WCAG
6 3 (0.83%) SDET
7 1 (0.28%) Government Security Classifications
7 1 (0.28%) HIPAA
7 1 (0.28%) HMG Security Policy Framework
7 1 (0.28%) ISO 9000
7 1 (0.28%) Sarbanes-Oxley
System Software
1 26 (7.18%) Active Directory
2 12 (3.31%) Docker
3 11 (3.04%) Sendmail
4 10 (2.76%) Virtual Machines
5 8 (2.21%) vCloud
6 6 (1.66%) VMware Infrastructure
7 3 (0.83%) LXC
8 1 (0.28%) KVM
8 1 (0.28%) OpenSSH
8 1 (0.28%) Virtual Servers
Systems Management
1 13 (3.59%) Ansible
1 13 (3.59%) HP Fortify
2 10 (2.76%) logstash
2 10 (2.76%) Nmap
3 8 (2.21%) CA Single Sign-On
3 8 (2.21%) HAProxy
3 8 (2.21%) Kibana
4 7 (1.93%) Opscode Chef
4 7 (1.93%) Puppet
4 7 (1.93%) Rundeck
4 7 (1.93%) Salt
4 7 (1.93%) ZABBIX
5 6 (1.66%) OpenAM
5 6 (1.66%) OpenIDM
6 2 (0.55%) CFEngine
6 2 (0.55%) Nessus
6 2 (0.55%) WebInspect
7 1 (0.28%) Core Impact
7 1 (0.28%) McAfee ePO
7 1 (0.28%) Nagios
Vendors
1 39 (10.77%) Google
2 37 (10.22%) Microsoft
3 24 (6.63%) Oracle
4 15 (4.14%) Sitecore
5 14 (3.87%) VMware
6 13 (3.59%) Red Hat
7 12 (3.31%) Citrix
7 12 (3.31%) HP
8 9 (2.49%) Black Duck
8 9 (2.49%) Sonatype
8 9 (2.49%) Veracode
9 8 (2.21%) CA
9 8 (2.21%) SAP
10 7 (1.93%) Dell
10 7 (1.93%) ForgeRock
11 5 (1.38%) Mercator
12 4 (1.10%) Splunk
13 2 (0.55%) Acunetix
13 2 (0.55%) Qualys
14 1 (0.28%) Pega