Period
to 21 November 2018

The following table provides summary statistics for contract job vacancies advertised in England with a requirement for Penetration Testing skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited Penetration Testing over the 6 months to 21 November 2018 with a comparison to the same period in the previous 2 years.

Note that daily and hourly rates are treated separately in these statistics. When calculating contractor rate percentiles, daily rates are never derived from quoted hourly rates or vice versa.

Penetration Testing
UK > England
6 months to
21 Nov 2018
Same period 2017 Same period 2016
Rank 498 497 455
Rank change year-on-year -1 -42 +108
Contract jobs citing Penetration Testing 388 408 485
As % of all contract IT jobs advertised in England 0.41% 0.43% 0.50%
As % of the Processes & Methodologies category 0.47% 0.50% 0.58%
Number of daily rates quoted 243 244 323
England median daily rate £525 £490 £450
Median daily rate % change year-on-year +7.14% +8.89% -
10th Percentile £376 £350 £350
90th Percentile £711 £625 £625
UK median daily rate £525 £490 £460
% change year-on-year +7.14% +6.52% +2.22%
Number of hourly rates quoted 2 3 1
England median hourly rate £46.50 £60.87 £35.00
Median hourly rate % change year-on-year -23.61% +73.91% -
10th Percentile £43.45 £58.17 £32.50
90th Percentile £51.55 £63.50 £37.50
UK median hourly rate £46.50 £60.87 £35.00
% change year-on-year -23.61% +73.91% -22.22%

Penetration Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies advertised in England with a requirement for process or methodology skills.

All Process and Methodology Skills
England
Contract vacancies with a requirement for process or methodology skills 82,226 81,485 83,137
As % of all contract IT jobs advertised in England 86.42% 85.89% 85.44%
Number of daily rates quoted 55,098 54,737 55,286
England median daily rate £475 £450 £425
Median daily rate % change year-on-year +5.56% +5.88% +1.19%
10th Percentile £300 £283 £263
90th Percentile £650 £638 £610
UK median daily rate £463 £450 £425
% change year-on-year +2.78% +5.88% +3.03%
Number of hourly rates quoted 2,099 1,937 2,236
England median hourly rate £22.20 £23.50 £23.00
Median hourly rate % change year-on-year -5.55% +2.17% +4.55%
10th Percentile £11.41 £11.25 £11.25
90th Percentile £51.00 £50.00 £47.83
UK median hourly rate £22.10 £23.08 £22.50
% change year-on-year -4.24% +2.56% +2.27%

Penetration Testing
Job Vacancy Trend in England

Job postings citing Penetration Testing as a percentage of all IT jobs advertised in England.

Job vacancy trend for Penetration Testing in England

Penetration Testing
Contractor Daily Rate Trend in England

This chart provides the 3-month moving average for daily rates quoted in contract jobs citing Penetration Testing in England.

Contractor daily rate trend for Penetration Testing in England

Penetration Testing
Contractor Daily Rate Histogram in England

The daily rate distribution of IT jobs citing Penetration Testing in England over the 6 months to 21 November 2018.

Contractor daily rate histogram for Penetration Testing in England

Penetration Testing
Contractor Hourly Rate Trend in England

This chart provides the 3-month moving average for contractor hourly rates quoted in IT jobs citing Penetration Testing in England.

Contractor hourly rate trend for Penetration Testing in England

Penetration Testing
Contract Job Locations in England

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Penetration Testing within the England region over the 6 months to 21 November 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Past 6 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Job
Vacancies
London -6 190 £550 +10.00% 74
South East +32 87 £550 +10.00% 24
North of England -14 37 £519 +29.69% 30
Midlands -9 30 £550 +15.79% 15
North West -23 25 £500 +25.00% 13
East of England -10 24 £525 +0.14% 16
West Midlands -24 21 £600 +26.32% 11
South West -19 18 £472 +4.89% 13
Yorkshire -12 12 £638 +57.70% 17
East Midlands +16 10 £600 +33.33% 4
Penetration Testing
UK

For the 6 months to 21 November 2018, IT contractor jobs citing Penetration Testing also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all contract job ads across the England region with a requirement for Penetration Testing.

1 135 (34.79%) Information Security
2 129 (33.25%) Cybersecurity
3 82 (21.13%) CISSP
4 81 (20.88%) Agile Software Development
5 78 (20.10%) Firewall
6 76 (19.59%) Security Architecture
7 71 (18.30%) Finance
8 65 (16.75%) Linux
9 61 (15.72%) Windows
10 58 (14.95%) Security Cleared
11 57 (14.69%) Amazon AWS
12 56 (14.43%) Risk Management
13 54 (13.92%) Microsoft
14 53 (13.66%) Security Testing
15 52 (13.40%) Degree
16 50 (12.89%) Java
17 48 (12.37%) ISO/IEC 27001
17 48 (12.37%) SIEM
18 47 (12.11%) Computer Science
18 47 (12.11%) Management Information System
19 46 (11.86%) Python
20 45 (11.60%) Vulnerability Management
20 45 (11.60%) PowerShell
21 42 (10.82%) SC Cleared
22 41 (10.57%) CISM
22 41 (10.57%) Security Operations
23 40 (10.31%) Microsoft Azure
24 38 (9.79%) Vulnerability Scanning
25 37 (9.54%) Network Security
26 36 (9.28%) Patch Management

Penetration Testing
Co-occurring IT Skills in England by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 14 (3.61%) OpenStack
2 13 (3.35%) IIS
3 9 (2.32%) Confluence
3 9 (2.32%) SharePoint
4 6 (1.55%) SharePoint 2013
5 4 (1.03%) Oracle SOA Suite
6 3 (0.77%) Apache
6 3 (0.77%) Apache Pig
6 3 (0.77%) nginx
7 2 (0.52%) MS Exchange
7 2 (0.52%) SAS
7 2 (0.52%) Tomcat
8 1 (0.26%) BizTalk Server
8 1 (0.26%) Elasticsearch
8 1 (0.26%) WebSphere
Applications
1 8 (2.06%) Microsoft Office
2 2 (0.52%) Microsoft Excel
2 2 (0.52%) Microsoft Project
2 2 (0.52%) MS Visio
3 1 (0.26%) Microsoft PowerPoint
Business Applications
1 11 (2.84%) Oracle EBS R12
1 11 (2.84%) Oracle FAH
Cloud Services
1 57 (14.69%) Amazon AWS
2 40 (10.31%) Microsoft Azure
3 16 (4.12%) Mimecast
4 12 (3.09%) IaaS
5 11 (2.84%) PaaS
6 9 (2.32%) Apigee
7 7 (1.80%) Google Cloud Platform
8 6 (1.55%) GitHub
8 6 (1.55%) Office 365
8 6 (1.55%) SaaS
9 3 (0.77%) Amazon EC2
9 3 (0.77%) Amazon S3
9 3 (0.77%) Route 53
9 3 (0.77%) Sumo Logic
9 3 (0.77%) Virtual Private Cloud
10 2 (0.52%) Akamai
10 2 (0.52%) BrowserStack
10 2 (0.52%) Cloud Computing
10 2 (0.52%) Cloudflare
10 2 (0.52%) OpenShift
Communications & Networking
1 78 (20.10%) Firewall
2 37 (9.54%) Network Security
3 33 (8.51%) VPN
4 32 (8.25%) HTTP
5 25 (6.44%) SSL
6 23 (5.93%) Internet
7 19 (4.90%) DNS
7 19 (4.90%) TCP/IP
8 17 (4.38%) IPsec
9 16 (4.12%) Intrusion Detection
10 15 (3.87%) Wireless
11 13 (3.35%) SAN
11 13 (3.35%) SNMP
12 12 (3.09%) 802.11
12 12 (3.09%) WAN
13 11 (2.84%) Cisco ASA
13 11 (2.84%) FTP
13 11 (2.84%) LAN
13 11 (2.84%) VoIP
14 10 (2.58%) Wireshark
Database & Business Intelligence
1 32 (8.25%) SQL Server
2 11 (2.84%) Essbase
2 11 (2.84%) Oracle BI EE
3 10 (2.58%) MySQL
4 7 (1.80%) Oracle Database
5 5 (1.29%) PostgreSQL
6 3 (0.77%) Amazon RDS
6 3 (0.77%) Apache Hive
6 3 (0.77%) Big Data
6 3 (0.77%) Hadoop
6 3 (0.77%) MongoDB
7 2 (0.52%) BigQuery
7 2 (0.52%) Blockchain
7 2 (0.52%) GIS
7 2 (0.52%) Redis
8 1 (0.26%) Apache Cassandra
8 1 (0.26%) Base SAS
8 1 (0.26%) Maltego
8 1 (0.26%) Neo4j
8 1 (0.26%) NonStop SQL
Development Applications
1 28 (7.22%) Metasploit
2 26 (6.70%) Burp Suite
3 13 (3.35%) JIRA
4 11 (2.84%) Jenkins
5 9 (2.32%) GitLab
6 8 (2.06%) Git (software)
7 7 (1.80%) Selenium
7 7 (1.80%) Team Foundation Server
8 6 (1.55%) Fiddler
8 6 (1.55%) Visual Studio
9 4 (1.03%) Android Studio
9 4 (1.03%) Appium
9 4 (1.03%) Atlassian Bamboo
9 4 (1.03%) Bitbucket
9 4 (1.03%) git-flow
9 4 (1.03%) Octopus Deploy
9 4 (1.03%) SonarQube
9 4 (1.03%) TeamCity
9 4 (1.03%) Xcode
10 3 (0.77%) CodeSonar
General
1 71 (18.30%) Finance
2 33 (8.51%) Banking
3 15 (3.87%) Legal
4 7 (1.80%) Financial Institution
4 7 (1.80%) Telecoms
5 6 (1.55%) Manufacturing
5 6 (1.55%) Retail
6 5 (1.29%) Aerospace
7 4 (1.03%) Marketing
8 3 (0.77%) Investment Banking
8 3 (0.77%) Law
9 2 (0.52%) Retail Banking
10 1 (0.26%) Automotive
10 1 (0.26%) Electronics
10 1 (0.26%) French Language
10 1 (0.26%) Italian Language
10 1 (0.26%) Military
10 1 (0.26%) Pharmaceutical
Job Titles
1 72 (18.56%) Analyst
2 58 (14.95%) Security Analyst
3 53 (13.66%) Consultant
4 50 (12.89%) Architect
4 50 (12.89%) Tester
5 46 (11.86%) Security Consultant
6 44 (11.34%) Security Architect
7 38 (9.79%) Penetration Tester
8 28 (7.22%) Security Manager
9 24 (6.19%) Cybersecurity Analyst
10 21 (5.41%) Security Engineer
11 18 (4.64%) Information Security Manager
12 17 (4.38%) Information Manager
13 16 (4.12%) Security Specialist
14 14 (3.61%) Information Analyst
14 14 (3.61%) Project Manager
15 12 (3.09%) Information Security Analyst
15 12 (3.09%) IT Analyst
16 11 (2.84%) IT Security Analyst
16 11 (2.84%) Test Analyst
Libraries, Frameworks & Software Standards
1 24 (6.19%) OAuth
2 22 (5.67%) OpenID
3 20 (5.15%) Web Services
4 17 (4.38%) SAML
5 15 (3.87%) JSON
6 14 (3.61%) SOAP
7 13 (3.35%) 802.1X
7 13 (3.35%) REST
8 11 (2.84%) Middleware
9 9 (2.32%) .NET
10 8 (2.06%) Node.js
11 7 (1.80%) Java EE
12 6 (1.55%) RESTful
13 5 (1.29%) Django
13 5 (1.29%) LAMP
13 5 (1.29%) OAuth2
14 4 (1.03%) .NET Framework
14 4 (1.03%) Dagger
15 3 (0.77%) Spring MVC
15 3 (0.77%) STL
Miscellaneous
1 47 (12.11%) Computer Science
1 47 (12.11%) Management Information System
2 28 (7.22%) Mobile App
3 27 (6.96%) PKI
4 26 (6.70%) Self-Motivation
5 22 (5.67%) Cyberthreat
6 19 (4.90%) Analytical Skills
7 17 (4.38%) Data Centre
8 16 (4.12%) SCADA
9 15 (3.87%) Public Cloud
10 14 (3.61%) Cyber Defence
11 10 (2.58%) Wiki
12 9 (2.32%) RSA SecurID
13 8 (2.06%) Clustering
14 7 (1.80%) Cyber Kill Chain
15 6 (1.55%) Cyberattack
15 6 (1.55%) Fintech
15 6 (1.55%) Hybrid Cloud
16 5 (1.29%) Client/Server
17 4 (1.03%) Enterprise Software
Operating Systems
1 65 (16.75%) Linux
2 61 (15.72%) Windows
3 17 (4.38%) Kali Linux
4 14 (3.61%) Unix
5 13 (3.35%) Android
5 13 (3.35%) Windows Server
6 12 (3.09%) Solaris
7 11 (2.84%) Apple iOS
8 6 (1.55%) Mac OS X
9 5 (1.29%) AIX
9 5 (1.29%) Windows 10
10 3 (0.77%) Embedded Linux
10 3 (0.77%) Red Hat Enterprise Linux
10 3 (0.77%) Windows Server 2012
11 2 (0.52%) Windows Server 2008
12 1 (0.26%) CentOS
12 1 (0.26%) Mac OS
12 1 (0.26%) zOS
Processes & Methodologies
1 135 (34.79%) Information Security
2 129 (33.25%) Cybersecurity
3 81 (20.88%) Agile Software Development
4 76 (19.59%) Security Architecture
5 56 (14.43%) Risk Management
6 53 (13.66%) Security Testing
7 48 (12.37%) SIEM
8 45 (11.60%) Vulnerability Management
9 41 (10.57%) Security Operations
10 38 (9.79%) Vulnerability Scanning
11 36 (9.28%) DevOps
11 36 (9.28%) Identity Access Management
11 36 (9.28%) Patch Management
12 35 (9.02%) OWASP
13 33 (8.51%) Ethical Hacking
14 31 (7.99%) Stakeholder Management
15 30 (7.73%) Threat Intelligence
16 29 (7.47%) Open Source
17 28 (7.22%) Vulnerability Assessment
18 27 (6.96%) SDLC
Programming Languages
1 50 (12.89%) Java
2 46 (11.86%) Python
3 45 (11.60%) PowerShell
4 32 (8.25%) C#
5 29 (7.47%) Bash Shell
6 27 (6.96%) C
6 27 (6.96%) Ruby
7 17 (4.38%) Perl
8 15 (3.87%) C++
9 14 (3.61%) Lua
10 11 (2.84%) PHP
11 7 (1.80%) SQL
12 6 (1.55%) JavaScript
13 3 (0.77%) Embedded C
13 3 (0.77%) Objective-C
14 2 (0.52%) Shell Script
15 1 (0.26%) VB.NET
Qualifications
1 82 (21.13%) CISSP
2 58 (14.95%) Security Cleared
3 52 (13.40%) Degree
4 42 (10.82%) SC Cleared
5 41 (10.57%) CISM
6 34 (8.76%) CEH
7 27 (6.96%) CISA
8 25 (6.44%) GIAC
9 22 (5.67%) Cisco Certification
9 22 (5.67%) Computer Science Degree
10 20 (5.15%) CompTIA Security+
10 20 (5.15%) DV Cleared
11 19 (4.90%) CREST Certified
11 19 (4.90%) SANS
12 15 (3.87%) OSCP
13 13 (3.35%) OSCE
14 8 (2.06%) Microsoft Certification
14 8 (2.06%) Tigerscheme
15 6 (1.55%) (ISC)2 CCSP
15 6 (1.55%) MCSE
Quality Assurance & Compliance
1 48 (12.37%) ISO/IEC 27001
2 27 (6.96%) PCI DSS
3 25 (6.44%) GDPR
4 17 (4.38%) QA
5 15 (3.87%) PSD2
6 11 (2.84%) COBIT
7 9 (2.32%) Cyber Essentials
8 7 (1.80%) Actionable Recommendations
8 7 (1.80%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
9 5 (1.29%) Sarbanes-Oxley
10 3 (0.77%) HIPAA
10 3 (0.77%) Web Application Security Consortium
11 2 (0.52%) COSO
11 2 (0.52%) NIST 800
11 2 (0.52%) PMO
11 2 (0.52%) SLA
12 1 (0.26%) HMG Security Policy Framework
System Software
1 35 (9.02%) Active Directory
2 18 (4.64%) VMware Infrastructure
3 16 (4.12%) Docker
4 9 (2.32%) OpenAM
5 6 (1.55%) Firmware
6 4 (1.03%) BitLocker
6 4 (1.03%) ProxySG
6 4 (1.03%) Virtual Desktop
6 4 (1.03%) vSphere
7 3 (0.77%) Snort
7 3 (0.77%) Virtual Machines
8 1 (0.26%) Hyper-V
8 1 (0.26%) Virtual Servers
8 1 (0.26%) XenDesktop
Systems Management
1 29 (7.47%) Nessus
2 21 (5.41%) Host Intrusion Detection System
2 21 (5.41%) Nmap
3 18 (4.64%) Network Intrusion Detection System
4 15 (3.87%) Single Sign-On
5 12 (3.09%) Computer Emergency Response Teams
5 12 (3.09%) QRadar
6 8 (2.06%) Kubernetes
6 8 (2.06%) SCCM
7 7 (1.80%) CSIRT
7 7 (1.80%) McAfee ePO
8 6 (1.55%) Microsoft Clustering
8 6 (1.55%) Puppet
9 5 (1.29%) Terraform
10 4 (1.03%) Ansible
10 4 (1.03%) HP Fortify
10 4 (1.03%) Opscode Chef
10 4 (1.03%) WebSphere Service Registry and Repository
11 3 (0.77%) EnCase
11 3 (0.77%) Salt
Vendors
1 54 (13.92%) Microsoft
2 34 (8.76%) Cisco
3 23 (5.93%) Oracle
3 23 (5.93%) VMware
4 17 (4.38%) IBM
5 16 (4.12%) McAfee
5 16 (4.12%) Proofpoint
6 15 (3.87%) Qualys
7 14 (3.61%) ArcSight
8 12 (3.09%) Google
9 11 (2.84%) CheckPoint
9 11 (2.84%) Hyperion
10 10 (2.58%) Juniper
11 9 (2.32%) ForgeRock
11 9 (2.32%) Splunk
12 8 (2.06%) Blue Coat
12 8 (2.06%) Citrix
12 8 (2.06%) F5
12 8 (2.06%) Palo Alto
13 6 (1.55%) Forcepoint