OWASP Contracts

Open Web Application Security Project (OWASP)
UK

The following table provides summary statistics for contract job vacancies with a requirement for OWASP skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited OWASP over the 6 months to 13 May 2024 with a comparison to the same period in the previous 2 years.

6 months to
13 May 2024		 Same period 2023 Same period 2022
Rank 495 555 532
Rank change year-on-year +60 -23 -78
Contract jobs citing OWASP 88 141 329
As % of all contract jobs advertised in the UK 0.21% 0.24% 0.37%
As % of the Processes & Methodologies category 0.24% 0.27% 0.41%
Number of daily rates quoted 52 85 206
10th Percentile £463 £435 £434
25th Percentile £518 £500 £513
Median daily rate (50th Percentile) £585 £575 £575
Median % change year-on-year +1.65% - +15.00%
75th Percentile £647 £688 £650
90th Percentile £700 £750 £750
UK excluding London median daily rate £575 £550 £550
% change year-on-year +4.55% - +6.85%
Number of hourly rates quoted 0 2 2
10th Percentile - - £46.00
25th Percentile - - £55.00
Median hourly rate - £70.00 £70.00
75th Percentile - - £85.00
90th Percentile - - £94.00
UK excluding London median hourly rate - £70.00 -

All Process and Methodology Skills
UK

OWASP is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies with a requirement for process or methodology skills.

Contract vacancies with a requirement for process or methodology skills 36,868 52,242 79,883
As % of all contract IT jobs advertised in the UK 86.23% 89.82% 90.61%
Number of daily rates quoted 23,721 36,208 56,080
10th Percentile £300 £325 £343
25th Percentile £413 £438 £428
Median daily rate (50th Percentile) £525 £550 £530
Median % change year-on-year -4.55% +3.77% +8.16%
75th Percentile £638 £650 £638
90th Percentile £750 £750 £738
UK excluding London median daily rate £500 £500 £475
% change year-on-year - +5.26% +8.57%
Number of hourly rates quoted 2,429 1,718 1,919
10th Percentile £12.75 £11.00 £12.50
25th Percentile £16.00 £16.22 £15.52
Median hourly rate £36.50 £36.00 £25.68
Median % change year-on-year +1.39% +40.19% +4.82%
75th Percentile £60.00 £65.00 £49.50
90th Percentile £72.50 £75.00 £65.00
UK excluding London median hourly rate £38.12 £35.00 £20.00
% change year-on-year +8.91% +75.00% -6.98%

OWASP
Job Vacancy Trend

Job postings citing OWASP as a proportion of all IT jobs advertised.

Job vacancy trend for OWASP in the UK

OWASP
Contractor Daily Rate Trend

3-month moving average daily rate quoted in jobs citing OWASP.

Daily rate trend for OWASP in the UK

OWASP
Daily Rate Histogram

Daily rate distribution for jobs citing OWASP over the 6 months to 13 May 2024.

Daily rate histogram for OWASP in the UK

OWASP
Contractor Hourly Rate Trend

3-month moving average hourly rates quoted in jobs citing OWASP.

Hourly rate trend for OWASP in the UK

OWASP
Top 13 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing OWASP within the UK over the 6 months to 13 May 2024. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Contract
IT Job Ads		 Median
Daily Rate
Past 6 Months		 Median Daily Rate
% Change
on Same Period
Last Year		 Live
Jobs
England +60 71 £575 +4.55% 61
UK excluding London +43 42 £575 +4.55% 35
London +83 37 £625 +4.17% 24
Work from Home +71 33 £550 -4.35% 40
North of England +9 17 £569 +3.41% 7
South East +22 14 £550 +10.00% 16
Yorkshire +11 11 £565 +7.62% 1
Scotland +52 7 £623 -4.23%
North West +22 6 £575 -4.17% 5
Wales +22 2 £666 +2.50% 2
South West +13 1 - - 5
Midlands +13 1 - - 2
West Midlands +6 1 - - 1

OWASP
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 4 (4.55%) Confluence
2 2 (2.27%) Jupyter
2 2 (2.27%) nginx
3 1 (1.14%) Apache
3 1 (1.14%) JBoss
3 1 (1.14%) Microsoft Exchange
3 1 (1.14%) SAS
3 1 (1.14%) Tomcat
3 1 (1.14%) WildFly
Cloud Services
1 36 (40.91%) Azure
2 31 (35.23%) AWS
3 17 (19.32%) GitHub
4 12 (13.64%) Azure DevOps
5 8 (9.09%) GCP
5 8 (9.09%) Serverless
6 7 (7.95%) Akamai
6 7 (7.95%) Azure Functions
6 7 (7.95%) GitHub Actions
6 7 (7.95%) Power Platform
7 6 (6.82%) Amazon EKS
7 6 (6.82%) Azure API Management
7 6 (6.82%) Azure Batch
7 6 (6.82%) Azure Key Vault
7 6 (6.82%) Azure Logic Apps
7 6 (6.82%) Azure Service Bus
7 6 (6.82%) Azure Storage
7 6 (6.82%) OpenShift
7 6 (6.82%) Power Automate
7 6 (6.82%) PowerApps
Communications & Networking
1 21 (23.86%) Firewall
2 13 (14.77%) Network Security
3 7 (7.95%) DNS
4 6 (6.82%) HTTP
5 5 (5.68%) Internet
6 4 (4.55%) Wireless
7 3 (3.41%) SSL
7 3 (3.41%) VPN
7 3 (3.41%) Wireshark
8 1 (1.14%) DHCP
8 1 (1.14%) Intrusion Detection
8 1 (1.14%) TCP/IP
8 1 (1.14%) VLAN
Database & Business Intelligence
1 14 (15.91%) SQL Server
2 8 (9.09%) Big Data
2 8 (9.09%) MySQL
2 8 (9.09%) Relational Database
3 7 (7.95%) Data Lake
4 6 (6.82%) Azure SQL Database
4 6 (6.82%) Data Warehouse
4 6 (6.82%) OLTP
5 3 (3.41%) RDBMS
6 2 (2.27%) Amazon Athena
6 2 (2.27%) NoSQL
7 1 (1.14%) Azure SQL Data Warehouse
7 1 (1.14%) CouchDB
7 1 (1.14%) Elasticsearch
7 1 (1.14%) Hazelcast
7 1 (1.14%) MongoDB
7 1 (1.14%) Oracle Database
7 1 (1.14%) Oracle Database 11g
7 1 (1.14%) PostgreSQL
7 1 (1.14%) Redis
Development Applications
1 19 (21.59%) Git
2 16 (18.18%) Jenkins
3 12 (13.64%) Burp Suite
4 10 (11.36%) GitLab
5 8 (9.09%) Maven
6 7 (7.95%) Gradle
6 7 (7.95%) SonarQube
7 6 (6.82%) AppScan
7 6 (6.82%) JIRA
7 6 (6.82%) Postman
7 6 (6.82%) Visual Studio Team System
8 3 (3.41%) CircleCI
8 3 (3.41%) Subversion
9 2 (2.27%) Cypress.io
9 2 (2.27%) RStudio
10 1 (1.14%) JUnit
10 1 (1.14%) Mercurial
10 1 (1.14%) Mockito
10 1 (1.14%) Selenium
10 1 (1.14%) SoapUI
General
1 8 (9.09%) Analytical Skills
1 8 (9.09%) Public Sector
2 7 (7.95%) Retail
2 7 (7.95%) Social Skills
3 6 (6.82%) Telecoms
4 5 (5.68%) Banking
4 5 (5.68%) Finance
5 2 (2.27%) Manufacturing
5 2 (2.27%) Multimedia
6 1 (1.14%) Automotive
6 1 (1.14%) Influencing Skills
Job Titles
1 25 (28.41%) Consultant
2 17 (19.32%) Security Consultant
3 11 (12.50%) Cybersecurity Consultant
4 9 (10.23%) Architect
4 9 (10.23%) Security Architect
4 9 (10.23%) Security Engineer
5 8 (9.09%) Developer
5 8 (9.09%) Senior
6 7 (7.95%) DevOps Engineer
6 7 (7.95%) Site Reliability Engineer
7 6 (6.82%) Site Engineer
8 5 (5.68%) Cybersecurity Architect
8 5 (5.68%) Lead
8 5 (5.68%) Site Manager
8 5 (5.68%) Site Reliability Manager
8 5 (5.68%) Software Engineer
9 3 (3.41%) AWS Engineer
9 3 (3.41%) Java Engineer
9 3 (3.41%) Java Software Engineer
9 3 (3.41%) Tester
Libraries, Frameworks & Software Standards
1 8 (9.09%) .NET
1 8 (9.09%) Elastic Stack
2 7 (7.95%) AngularJS
2 7 (7.95%) XML
3 6 (6.82%) ARM Templates
3 6 (6.82%) JSON
3 6 (6.82%) Web Services
4 4 (4.55%) Kafka
5 3 (3.41%) gRPC
5 3 (3.41%) WebSockets
6 2 (2.27%) REST
6 2 (2.27%) Spring
6 2 (2.27%) Symfony
7 1 (1.14%) .NET Framework
7 1 (1.14%) Java EE
7 1 (1.14%) JPA
7 1 (1.14%) OAuth
7 1 (1.14%) RabbitMQ
7 1 (1.14%) RESTful
7 1 (1.14%) XSLT
Miscellaneous
1 9 (10.23%) Data Centre
1 9 (10.23%) IoT
2 8 (9.09%) Mobile App
3 7 (7.95%) Distributed Denial-of-Service
3 7 (7.95%) Public Cloud
3 7 (7.95%) Security Posture
4 5 (5.68%) Cloud Native
5 4 (4.55%) Management Information System
5 4 (4.55%) Onboarding
6 3 (3.41%) Cyber Threat
7 2 (2.27%) Algorithms
7 2 (2.27%) Cyberattack
7 2 (2.27%) PKI
8 1 (1.14%) CBDC
8 1 (1.14%) Credit Risk
8 1 (1.14%) Data Protection Act
8 1 (1.14%) Digital Currency
8 1 (1.14%) Distributed Systems
8 1 (1.14%) Product Ownership
8 1 (1.14%) Team-Oriented Environment
Operating Systems
1 28 (31.82%) Linux
2 15 (17.05%) Windows
3 10 (11.36%) Unix
4 3 (3.41%) Windows Server
5 1 (1.14%) AIX
Processes & Methodologies
1 43 (48.86%) DevOps
2 35 (39.77%) Cybersecurity
3 29 (32.95%) Application Security
4 27 (30.68%) Agile
5 23 (26.14%) Information Security
6 20 (22.73%) CI/CD
7 18 (20.45%) Test Automation
8 17 (19.32%) DevSecOps
9 16 (18.18%) Security Testing
10 15 (17.05%) Penetration Testing
10 15 (17.05%) Problem-Solving
10 15 (17.05%) Vulnerability Management
11 14 (15.91%) Continuous Integration
12 12 (13.64%) Deployment Automation
12 12 (13.64%) Infrastructure as Code
12 12 (13.64%) Microservices
12 12 (13.64%) Site Reliability Engineering
13 11 (12.50%) Secure Coding
13 11 (12.50%) Software Engineering
14 10 (11.36%) Stakeholder Management
Programming Languages
1 28 (31.82%) Python
2 17 (19.32%) Bash
2 17 (19.32%) PowerShell
3 15 (17.05%) C#
3 15 (17.05%) Java
4 9 (10.23%) Ruby
5 8 (9.09%) Shell Script
6 6 (6.82%) Go
6 6 (6.82%) Groovy
6 6 (6.82%) JavaScript
7 5 (5.68%) SQL
8 3 (3.41%) C
8 3 (3.41%) C++
8 3 (3.41%) PHP
9 2 (2.27%) Perl
9 2 (2.27%) R
10 1 (1.14%) Rust
Qualifications
1 8 (9.09%) CREST Certified
2 7 (7.95%) ISACA
2 7 (7.95%) Security Cleared
3 6 (6.82%) OSCP
3 6 (6.82%) SC Cleared
4 5 (5.68%) CISSP
4 5 (5.68%) Degree
5 4 (4.55%) CHECK Team Leader
5 4 (4.55%) GIAC
5 4 (4.55%) SANS
6 3 (3.41%) CEH
6 3 (3.41%) Cisco Certification
6 3 (3.41%) CISM
6 3 (3.41%) CSSLP
7 2 (2.27%) CCNP
7 2 (2.27%) Computer Science Degree
7 2 (2.27%) Master's Degree
8 1 (1.14%) Azure Certification
8 1 (1.14%) CCNA
8 1 (1.14%) ISEB
Quality Assurance & Compliance
1 33 (37.50%) NIST
2 16 (18.18%) ISO/IEC 27001
3 11 (12.50%) COBIT
4 10 (11.36%) GDPR
5 9 (10.23%) PCI DSS
6 8 (9.09%) QA
7 4 (4.55%) NCSC
8 3 (3.41%) GRC
9 2 (2.27%) ISO 22301
10 1 (1.14%) Accessibility
10 1 (1.14%) Actionable Recommendations
10 1 (1.14%) Cyber Essentials
10 1 (1.14%) Cyber Essentials PLUS
10 1 (1.14%) Disclosure Scotland
10 1 (1.14%) HIPAA
10 1 (1.14%) ISO 20022
10 1 (1.14%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
System Software
1 19 (21.59%) Docker
Systems Management
1 28 (31.82%) Terraform
2 21 (23.86%) Kubernetes
3 18 (20.45%) Ansible
4 8 (9.09%) Grafana
4 8 (9.09%) Nessus
4 8 (9.09%) Progress Chef
4 8 (9.09%) Prometheus
5 7 (7.95%) Graylog
5 7 (7.95%) HP Fortify
5 7 (7.95%) Puppet
6 6 (6.82%) WebInspect
7 3 (3.41%) Nagios
8 1 (1.14%) Kibana
8 1 (1.14%) logstash
8 1 (1.14%) Nmap
8 1 (1.14%) Single Sign-On
Vendors
1 13 (14.77%) Microsoft
2 9 (10.23%) Splunk
3 8 (9.09%) F5
4 7 (7.95%) Checkmarx
5 6 (6.82%) Veracode
6 4 (4.55%) Imperva
7 3 (3.41%) Oracle
7 3 (3.41%) Qualys
8 2 (2.27%) Cadence
8 2 (2.27%) Darktrace
9 1 (1.14%) Barracuda Networks
9 1 (1.14%) CrowdStrike
9 1 (1.14%) CyberArk
9 1 (1.14%) Google
9 1 (1.14%) Okta
9 1 (1.14%) Rapid7
9 1 (1.14%) VMware
75 OWASP jobs Nationwide