The table below looks at the statistics for OWASP skills in IT contracts advertised across the UK. Included is a guide to the contractor rates offered in IT contracts that have cited OWASP over the 3 months to 22 January 2017 with a comparison to the same period over the previous 2 years.

Note that daily contractor rates and hourly contractor rates are treated separately. When calculating average contractor rates, daily rates are not derived from quoted hourly rates or vice versa.

3 months to
22 Jan 2017
Same period 2016 Same period 2015
Open Web Application Security Project (OWASP)
UK
Rank 490 547 578
Rank change year-on-year
+57 +31
Contract jobs citing OWASP 91 71 38
As % of all contract IT jobs located in the UK 0.21% 0.14% 0.075%
As % of the Processes & Methodologies category 0.25% 0.17% 0.095%
Number of daily rates quoted 64 37 19
Median daily rate £488 £431 £410
Median daily rate % change year-on-year
+13.04% +5.18%
90% offered a daily rate of more than £400 £361 £306
10% offered a daily rate of more than £600 £550 £530
UK excluding London median daily rate £475 £425 £350
% change year-on-year
+11.76% +21.42%
Number of hourly rates quoted 0 0 0
Median hourly rate - - -
UK excluding London median hourly rate - - -

The following table is for comparison with the above and provides statistics for the entire Processes & Methodologies category in contract jobs advertised across the UK.

Processes & Methodologies Category
UK
Contract IT job ads with a match in the
Processes & Methodologies category
36193 41509 39855
As % of all contract IT jobs located in the UK 82.16% 81.76% 78.53%
Number of daily rates quoted 23989 26924 25716
Median daily rate £450 £425 £423
Median daily rate % change year-on-year
+5.88% +0.59%
90% offered a daily rate of more than £300 £290 £285
10% offered a daily rate of more than £600 £600 £575
UK excluding London median daily rate £405 £400 £393
% change year-on-year
+1.25% +1.91%
Number of hourly rates quoted 920 1213 1044
Median hourly rate £34.50 £38.25 £25.00
Median hourly rate % change year-on-year
-9.80% +53.00%
90% offered a hourly rate of more than £12.50 £13.16 £12.00
10% offered a hourly rate of more than £51.71 £55.00 £47.50
UK excluding London median hourly rate £35.00 £40.00 £26.00
% change year-on-year
-12.50% +53.84%

OWASP
Jobs Demand Trend

The demand trend of contract jobs citing OWASP as a proportion of all IT contracts with a match in the Processes & Methodologies category.

OWASP Jobs Demand Trend in the UK

OWASP
Daily Rate Trend

This chart provides the 3-month moving average for daily rates quoted in IT contract jobs citing OWASP within the UK.

OWASP Daily Rate Trend in the UK

OWASP
Daily Rate Histogram

This chart provides a histogram of daily rates quoted in contract IT jobs citing OWASP within the UK over the 3 months to 22 January 2017.

OWASP Daily Rate Histogram in the UK

OWASP
Hourly Rate Trend

This chart provides the 3-month moving average for hourly rates quoted in IT contractor jobs citing OWASP within the UK.

OWASP Hourly Rate Trend in the UK

OWASP
Top 30 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing OWASP within the UK over the 3 months to 22 January 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 3 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Last 3 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +50 79 £488 +14.70% 25
London +15 25 £525 +5.00% 10
South East +21 19 £474 +3.97% 4
South West +18 12 £480 -8.57% 5
Wales - 9 £550 -
South Wales - 9 £550 -
Newport - 8 £575 -
North West +19 6 £525 +32.07% 1
West Sussex +8 6 £468 +13.33%
Yorkshire +14 5 - - 1
Buckinghamshire +7 5 £475 -10.37%
Hampshire - 5 £400 - 1
Cheshire - 5 £525 -
Bristol - 5 £600 - 5
Warrington - 5 £525 -
West Yorkshire +17 4 - -
Milton Keynes +9 4 £498 -6.13%
Leeds +6 4 - -
Wiltshire +4 4 £450 -
Hertfordshire +3 4 £700 - 2
East of England +2 4 £700 - 3
Welwyn Garden City -9 4 £700 -
Salisbury - 4 £450 -
Worthing - 4 £525 -
North East -23 3 £403 -1.82%
Newcastle upon Tyne -25 3 £403 -1.82%
Tyne and Wear -27 3 £403 -1.82%
Farnborough - 3 £400 - 1
East Midlands - 3 £275 -
Surrey +18 2 £475 -5.00% 1

OWASP
Top 30 Related IT Skills

For the 6 months to 22 January 2017, IT contractor jobs citing OWASP also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all contract ads with a requirement for OWASP.

1 152 (49.51%) Agile Software Development
2 112 (36.48%) Java
3 99 (32.25%) Penetration Testing
4 98 (31.92%) Continuous Integration
5 97 (31.60%) Scrum
6 93 (30.29%) Linux
7 88 (28.66%) Secure Coding
8 82 (26.71%) Python
9 80 (26.06%) Jenkins
10 78 (25.41%) HTML
11 77 (25.08%) C#
11 77 (25.08%) CSS
12 71 (23.13%) Open Source
13 70 (22.80%) Ruby
14 68 (22.15%) Web Services
15 60 (19.54%) Automated Testing
15 60 (19.54%) JSON
16 58 (18.89%) Web Development
16 58 (18.89%) Security Testing
17 57 (18.57%) REST
18 56 (18.24%) Relational Database
18 56 (18.24%) Amazon AWS
18 56 (18.24%) .NET
18 56 (18.24%) MVC
19 55 (17.92%) Ajax
19 55 (17.92%) TDD
20 53 (17.26%) Git (software)
21 52 (16.94%) CISSP
21 52 (16.94%) JavaScript
22 51 (16.61%) HTTP

OWASP
Top Related IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 34 (11.07%) Confluence
2 33 (10.75%) IIS
3 29 (9.45%) nginx
4 17 (5.54%) CMS
5 12 (3.91%) Apache
6 9 (2.93%) JBoss
6 9 (2.93%) Sitecore CMS
6 9 (2.93%) Tomcat
7 8 (2.61%) WebLogic
8 7 (2.28%) Elasticsearch
9 6 (1.95%) MS Exchange
10 5 (1.63%) OpenStack
11 4 (1.30%) ATG Dynamo
11 4 (1.30%) Drupal
12 3 (0.98%) Mule ESB
13 1 (0.33%) SAS
13 1 (0.33%) SharePoint
13 1 (0.33%) Skype for Business
13 1 (0.33%) Umbraco
13 1 (0.33%) WordPress
Applications
1 9 (2.93%) MS Excel
2 3 (0.98%) MS Office
3 1 (0.33%) MS Visio
Business Applications
1 6 (1.95%) SAP Oil and Gas
2 1 (0.33%) Dynamics CRM
2 1 (0.33%) Dynamics NAV
Cloud Services
1 56 (18.24%) Amazon AWS
2 24 (7.82%) Microsoft Azure
3 10 (3.26%) PaaS
4 8 (2.61%) Boomi
5 7 (2.28%) GitHub
6 5 (1.63%) SaaS
7 4 (1.30%) Google Cloud Platform
7 4 (1.30%) IaaS
8 3 (0.98%) Amazon EC2
9 2 (0.65%) Azure Active Directory
10 1 (0.33%) Heroku
10 1 (0.33%) Office 365
Communications & Networking
1 51 (16.61%) HTTP
2 24 (7.82%) Firewall
3 20 (6.51%) Internet
4 11 (3.58%) Network Security
5 10 (3.26%) SSL
6 8 (2.61%) SSH
7 7 (2.28%) FTP
7 7 (2.28%) IPsec
7 7 (2.28%) Reverse Proxy
7 7 (2.28%) SMTP
7 7 (2.28%) VPN
7 7 (2.28%) Wireshark
8 6 (1.95%) Kerberos
9 5 (1.63%) Wireless
10 4 (1.30%) DMZ
11 2 (0.65%) TCP/IP
12 1 (0.33%) LDAP
12 1 (0.33%) Skype
12 1 (0.33%) WAN
Database & Business Intelligence
1 56 (18.24%) Relational Database
2 44 (14.33%) SQL Server
3 41 (13.36%) PostgreSQL
4 34 (11.07%) MongoDB
5 23 (7.49%) MySQL
6 20 (6.51%) SQL Server 2008
7 17 (5.54%) NoSQL
8 9 (2.93%) Redis
9 8 (2.61%) MS Access
9 8 (2.61%) SQL Server 2012
9 8 (2.61%) SQL Server Integration Services
10 6 (1.95%) Oracle Database
11 5 (1.63%) Apache Cassandra
12 1 (0.33%) Azure SQL Database
12 1 (0.33%) CouchDB
12 1 (0.33%) RDBMS
12 1 (0.33%) Riak
Development Applications
1 80 (26.06%) Jenkins
2 53 (17.26%) Git (software)
3 40 (13.03%) Subversion
4 37 (12.05%) JIRA
5 31 (10.10%) Team Foundation Server
6 29 (9.45%) JUnit
7 23 (7.49%) Travis CI
8 20 (6.51%) CircleCI
9 19 (6.19%) Burp Suite
9 19 (6.19%) Selenium
10 16 (5.21%) JMeter
11 9 (2.93%) Cucumber
12 8 (2.61%) SonarQube
13 7 (2.28%) Artifactory
13 7 (2.28%) Gerrit
13 7 (2.28%) Metasploit
14 6 (1.95%) Protractor
14 6 (1.95%) Sonatype Nexus
14 6 (1.95%) WebDriver
15 5 (1.63%) Mercurial
General
1 35 (11.40%) Finance
2 10 (3.26%) Marketing
3 7 (2.28%) Manufacturing
4 6 (1.95%) Electronics
4 6 (1.95%) Telecoms
5 5 (1.63%) Banking
5 5 (1.63%) Retail
6 4 (1.30%) Back Office
7 2 (0.65%) Publishing
8 1 (0.33%) German Language
8 1 (0.33%) Italian Language
8 1 (0.33%) Welsh Language
Job Titles
1 125 (40.72%) Developer
2 40 (13.03%) .NET Developer
2 40 (13.03%) Java Developer
3 37 (12.05%) Consultant
4 33 (10.75%) Architect
5 31 (10.10%) Security Consultant
6 29 (9.45%) Tester
7 28 (9.12%) Security Engineer
8 21 (6.84%) Security Architect
9 20 (6.51%) Penetration Tester
10 14 (4.56%) Analyst
11 12 (3.91%) Applications Consultant
11 12 (3.91%) DevOps Engineer
12 11 (3.58%) Front End Developer (Client-Side Developer)
13 10 (3.26%) Scala Developer
14 9 (2.93%) Access Developer
14 9 (2.93%) Microsoft Developer
15 8 (2.61%) Sitecore Developer
16 7 (2.28%) Cybersecurity Consultant
16 7 (2.28%) Security Management Consultant
Libraries, Frameworks & Software Standards
1 78 (25.41%) HTML
2 77 (25.08%) CSS
3 68 (22.15%) Web Services
4 60 (19.54%) JSON
5 57 (18.57%) REST
6 56 (18.24%) .NET
7 55 (17.92%) Ajax
8 49 (15.96%) Spring
9 48 (15.64%) HTML5
10 41 (13.36%) RESTful
11 37 (12.05%) ASP.NET
12 36 (11.73%) XML
13 34 (11.07%) Django
14 33 (10.75%) CSS3
14 33 (10.75%) LINQ
15 31 (10.10%) Play Framework
16 30 (9.77%) jQuery
16 30 (9.77%) Ruby on Rails
17 28 (9.12%) ASP.NET Web Forms
17 28 (9.12%) LINQ to SQL
Miscellaneous
1 28 (9.12%) N-Tier
2 22 (7.17%) User Experience
3 18 (5.86%) Data Centre
4 14 (4.56%) Cryptography
5 13 (4.23%) Algorithms
6 8 (2.61%) Client/Server
7 7 (2.28%) CESG
7 7 (2.28%) Management Information System
8 6 (1.95%) Analytical Skills
8 6 (1.95%) Cyber Defence
9 5 (1.63%) PKI
9 5 (1.63%) W3C
10 3 (0.98%) Computer Science
10 3 (0.98%) Cyberthreat
11 2 (0.65%) Cyber Attack
11 2 (0.65%) Enterprise Software
11 2 (0.65%) Fintech
11 2 (0.65%) Mobile App
12 1 (0.33%) Blog
12 1 (0.33%) Wiki
Operating Systems
1 93 (30.29%) Linux
2 36 (11.73%) Windows
3 17 (5.54%) Unix
4 6 (1.95%) CentOS
4 6 (1.95%) Red Hat Enterprise Linux
4 6 (1.95%) Windows Server
4 6 (1.95%) Windows Vista
5 4 (1.30%) Android
5 4 (1.30%) Ubuntu
6 3 (0.98%) Mac OS
7 2 (0.65%) Kali Linux
8 1 (0.33%) AIX
8 1 (0.33%) Mac OS X
8 1 (0.33%) Solaris
Processes & Methodologies
1 152 (49.51%) Agile Software Development
2 99 (32.25%) Penetration Testing
3 98 (31.92%) Continuous Integration
4 97 (31.60%) Scrum
5 88 (28.66%) Secure Coding
6 71 (23.13%) Open Source
7 60 (19.54%) Automated Testing
8 58 (18.89%) Security Testing
8 58 (18.89%) Web Development
9 56 (18.24%) MVC
10 55 (17.92%) TDD
11 49 (15.96%) BDD
12 43 (14.01%) Kanban
13 38 (12.38%) Continuous Delivery
14 34 (11.07%) Fuzz Testing
14 34 (11.07%) Responsive Web Design
15 32 (10.42%) Information Security
15 32 (10.42%) Static Code Analysis
16 31 (10.10%) Configuration Management
16 31 (10.10%) Web Design
Programming Languages
1 112 (36.48%) Java
2 82 (26.71%) Python
3 77 (25.08%) C#
4 70 (22.80%) Ruby
5 52 (16.94%) JavaScript
6 48 (15.64%) SQL
7 38 (12.38%) Scala
8 32 (10.42%) PHP
9 28 (9.12%) VB.NET
10 9 (2.93%) Bash Shell
11 8 (2.61%) Perl
11 8 (2.61%) VBA
12 6 (1.95%) Go
12 6 (1.95%) PowerShell
13 2 (0.65%) C
13 2 (0.65%) C++
14 1 (0.33%) Groovy
14 1 (0.33%) Shell Script
Qualifications
1 52 (16.94%) CISSP
2 30 (9.77%) Security Cleared
3 23 (7.49%) CREST Certified
4 22 (7.17%) CHECK Team Member
5 21 (6.84%) SANS
6 20 (6.51%) CEH
7 15 (4.89%) SC Cleared
8 14 (4.56%) GIAC
9 13 (4.23%) Degree
10 11 (3.58%) CISM
11 10 (3.26%) BPSS Clearance
12 8 (2.61%) CESG Certified Professional
12 8 (2.61%) CISA
13 6 (1.95%) CLAS
14 5 (1.63%) DV Cleared
14 5 (1.63%) ISEB
14 5 (1.63%) OSCP
15 4 (1.30%) Cisco Certification
15 4 (1.30%) ISSAP
15 4 (1.30%) Security+ Certification
Quality Assurance & Compliance
1 22 (7.17%) PCI DSS
2 15 (4.89%) QA
3 14 (4.56%) Disclosure Scotland
3 14 (4.56%) ISO/IEC 27001
4 7 (2.28%) WAI
4 7 (2.28%) WCAG
5 6 (1.95%) COBIT
6 5 (1.63%) Web Application Security Consortium
7 4 (1.30%) RMADS
8 3 (0.98%) SDET
9 1 (0.33%) Government Security Classifications
9 1 (0.33%) HIPAA
9 1 (0.33%) HMG Security Policy Framework
9 1 (0.33%) ISO 9000
9 1 (0.33%) Sarbanes-Oxley
System Software
1 15 (4.89%) Active Directory
2 14 (4.56%) Docker
3 7 (2.28%) Sendmail
3 7 (2.28%) Virtual Machines
4 6 (1.95%) VMware Infrastructure
5 5 (1.63%) vCloud
6 4 (1.30%) LXC
7 1 (0.33%) OpenSSH
7 1 (0.33%) Virtual Servers
Systems Management
1 14 (4.56%) Ansible
2 12 (3.91%) HP Fortify
3 9 (2.93%) Computer Emergency Response Teams
3 9 (2.93%) logstash
3 9 (2.93%) Nmap
3 9 (2.93%) Opscode Chef
4 7 (2.28%) Kibana
4 7 (2.28%) Puppet
5 6 (1.95%) CA Single Sign-On
5 6 (1.95%) HAProxy
6 5 (1.63%) Rundeck
6 5 (1.63%) Salt
6 5 (1.63%) ZABBIX
7 2 (0.65%) CFEngine
7 2 (0.65%) Nessus
8 1 (0.33%) Core Impact
8 1 (0.33%) McAfee ePO
8 1 (0.33%) Nagios
8 1 (0.33%) OpenIDM
8 1 (0.33%) WebInspect
Vendors
1 35 (11.40%) Google
2 27 (8.79%) Microsoft
3 21 (6.84%) Oracle
4 11 (3.58%) HP
4 11 (3.58%) VMware
5 9 (2.93%) Red Hat
5 9 (2.93%) SAP
5 9 (2.93%) Sitecore
6 8 (2.61%) Dell
7 7 (2.28%) Citrix
8 6 (1.95%) Black Duck
8 6 (1.95%) CA
8 6 (1.95%) Sonatype
8 6 (1.95%) Veracode
9 4 (1.30%) ATG
9 4 (1.30%) Splunk
10 2 (0.65%) Acunetix
10 2 (0.65%) EPiServer
10 2 (0.65%) ForgeRock
10 2 (0.65%) Qualys