Period
to 17 July 2018

The following table provides summary statistics for contract job vacancies advertised in England with a requirement for Penetration Testing skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited Penetration Testing over the 6 months to 17 July 2018 with a comparison to the same period in the previous 2 years.

Note that daily and hourly rates are treated separately in these statistics. When calculating contractor rate percentiles, daily rates are never derived from quoted hourly rates or vice versa.

Penetration Testing
UK > England
6 months to
17 Jul 2018
Same period 2017 Same period 2016
Rank 534 478 483
Rank change year-on-year -56 +5 +143
Contract jobs citing Penetration Testing 339 374 444
As % of all contract IT jobs advertised in England 0.36% 0.43% 0.44%
As % of the Processes & Methodologies category 0.42% 0.50% 0.52%
Number of daily rates quoted 208 235 289
England median daily rate £500 £475 £490
Median daily rate % change year-on-year +5.26% -3.06% +9.19%
10th Percentile £359 £350 £363
90th Percentile £680 £600 £614
UK median daily rate £500 £475 £490
% change year-on-year +5.26% -3.06% +8.89%
Number of hourly rates quoted 8 4 1
England median hourly rate £41.00 £60.87 £50.00
Median hourly rate % change year-on-year -32.64% +21.74% +122.22%
UK median hourly rate £41.00 £60.87 £34.81
% change year-on-year -32.64% +74.85% +22.15%

Penetration Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies advertised in England with a requirement for process or methodology skills.

All Process and Methodology Skills
England
Contract vacancies with a requirement for process or methodology skills 81,190 74,448 85,765
As % of all contract IT jobs advertised in England 85.87% 85.09% 84.35%
Number of daily rates quoted 53,959 49,037 57,163
England median daily rate £463 £450 £425
Median daily rate % change year-on-year +2.78% +5.88% +4.94%
10th Percentile £300 £280 £266
90th Percentile £638 £625 £613
UK median daily rate £450 £445 £425
% change year-on-year +1.12% +4.71% +6.25%
Number of hourly rates quoted 2,238 1,938 2,074
England median hourly rate £22.25 £25.00 £24.00
Median hourly rate % change year-on-year -11.01% +4.17% +11.63%
10th Percentile £11.25 £11.41 £11.73
90th Percentile £50.50 £51.50 £48.75
UK median hourly rate £21.50 £25.00 £24.75
% change year-on-year -14.00% +1.01% +15.12%

Penetration Testing
Job Vacancy Trend in England

Job postings citing Penetration Testing as a percentage of all IT jobs advertised in England.

Job vacancy trend for Penetration Testing in England

Penetration Testing
Contractor Daily Rate Trend in England

This chart provides the 3-month moving average for daily rates quoted in contract jobs citing Penetration Testing in England.

Contractor daily rate trend for Penetration Testing in England

Penetration Testing
Contractor Daily Rate Histogram in England

The daily rate distribution of IT jobs citing Penetration Testing in England over the 6 months to 17 July 2018.

Contractor daily rate histogram for Penetration Testing in England

Penetration Testing
Contractor Hourly Rate Trend in England

This chart provides the 3-month moving average for contractor hourly rates quoted in IT jobs citing Penetration Testing in England.

Contractor hourly rate trend for Penetration Testing in England

Penetration Testing
Contractor Hourly Rate Histogram in England

The hourly rate distribution of IT jobs citing Penetration Testing in England over the 6 months to 17 July 2018.

Contractor hourly rate histogram for Penetration Testing in England

Penetration Testing
Contract Job Locations in England

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Penetration Testing within the England region over the 6 months to 17 July 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Past 6 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Job
Vacancies
London -51 182 £525 +5.00% 72
South East -23 60 £510 +7.37% 21
East of England +16 34 £509 -10.55% 12
North of England -9 32 £413 +10.00% 23
North West -6 24 £400 -3.03% 12
South West -20 23 £413 -21.43% 4
Midlands -30 9 £481 +5.19% 18
East Midlands +7 8 £481 +6.94% 2
Yorkshire -13 6 £448 +11.88% 10
North East -10 2 £403 +25.98% 1
West Midlands -47 1 - - 16
Penetration Testing
UK

For the 6 months to 17 July 2018, IT contractor jobs citing Penetration Testing also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all contract job ads across the England region with a requirement for Penetration Testing.

1 126 (37.17%) Information Security
2 76 (22.42%) Firewall
2 76 (22.42%) Security Testing
3 70 (20.65%) Windows
4 68 (20.06%) Finance
5 67 (19.76%) Agile Software Development
6 65 (19.17%) SIEM
7 63 (18.58%) Amazon AWS
8 60 (17.70%) CISSP
9 54 (15.93%) Cybersecurity
10 51 (15.04%) Microsoft
11 50 (14.75%) Linux
11 50 (14.75%) Security Cleared
12 48 (14.16%) ISO/IEC 27001
12 48 (14.16%) Risk Management
13 46 (13.57%) Security Architecture
14 42 (12.39%) SC Cleared
14 42 (12.39%) Java
15 40 (11.80%) Vulnerability Scanning
16 39 (11.50%) Banking
16 39 (11.50%) PCI DSS
17 37 (10.91%) Ethical Hacking
18 36 (10.62%) DevOps
19 34 (10.03%) Active Directory
19 34 (10.03%) Network Security
20 33 (9.73%) Web Services
20 33 (9.73%) Stakeholder Management
21 32 (9.44%) Microsoft Azure
22 31 (9.14%) Risk Assessment
23 30 (8.85%) Management Information System

Penetration Testing
Co-occurring IT Skills in England by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 16 (4.72%) IIS
2 9 (2.65%) Apache
3 6 (1.77%) Apache Spark
3 6 (1.77%) SharePoint
4 5 (1.47%) MS Exchange
5 4 (1.18%) CMS
5 4 (1.18%) Confluence
6 3 (0.88%) Adobe Experience Manager
6 3 (0.88%) BizTalk Server
6 3 (0.88%) Oracle SOA Suite
6 3 (0.88%) Sitecore CMS
6 3 (0.88%) Umbraco
6 3 (0.88%) WebSphere
7 2 (0.59%) nginx
7 2 (0.59%) Tomcat
8 1 (0.29%) Drupal
8 1 (0.29%) Exchange Server 2007
8 1 (0.29%) Exchange Server 2010
8 1 (0.29%) Joomla!
8 1 (0.29%) OpenStack
Applications
1 9 (2.65%) Microsoft Office
2 4 (1.18%) Microsoft Project
2 4 (1.18%) MS Visio
3 3 (0.88%) Microsoft Excel
3 3 (0.88%) Microsoft PowerPoint
4 1 (0.29%) Spreadsheet
Business Applications
1 2 (0.59%) Magento
2 1 (0.29%) Dynamics CRM
Cloud Services
1 63 (18.58%) Amazon AWS
2 32 (9.44%) Microsoft Azure
3 13 (3.83%) IaaS
4 8 (2.36%) Office 365
5 6 (1.77%) PaaS
6 5 (1.47%) SaaS
7 4 (1.18%) Cloud Computing
8 2 (0.59%) Akamai
8 2 (0.59%) AWS Lambda
8 2 (0.59%) Cloudflare
8 2 (0.59%) Serverless
8 2 (0.59%) Sumo Logic
9 1 (0.29%) Amazon S3
9 1 (0.29%) Asana
9 1 (0.29%) AWS CloudTrail
9 1 (0.29%) BrowserStack
9 1 (0.29%) Google Cloud Platform
9 1 (0.29%) OpenShift
9 1 (0.29%) Sauce Labs
9 1 (0.29%) Virtual Private Cloud
Communications & Networking
1 76 (22.42%) Firewall
2 34 (10.03%) Network Security
3 24 (7.08%) Intrusion Detection
4 20 (5.90%) LAN
4 20 (5.90%) WAN
5 17 (5.01%) TCP/IP
6 16 (4.72%) IPsec
7 15 (4.42%) HTTP
7 15 (4.42%) Internet
8 14 (4.13%) SAN
8 14 (4.13%) VPN
9 11 (3.24%) DNS
9 11 (3.24%) NAS
10 8 (2.36%) SSL
11 7 (2.06%) Cisco ASA
11 7 (2.06%) MPLS
12 6 (1.77%) X.509
13 5 (1.47%) FTP
14 4 (1.18%) BGP
14 4 (1.18%) OSPF
Database & Business Intelligence
1 28 (8.26%) SQL Server
2 10 (2.95%) Hadoop
3 7 (2.06%) MySQL
4 6 (1.77%) Amazon Redshift
4 6 (1.77%) Apache Cassandra
5 4 (1.18%) Maltego
6 3 (0.88%) DB2
6 3 (0.88%) PostgreSQL
7 2 (0.59%) Amazon RDS
7 2 (0.59%) Big Data
7 2 (0.59%) Blockchain
7 2 (0.59%) MariaDB
7 2 (0.59%) MongoDB
8 1 (0.29%) NonStop SQL
8 1 (0.29%) NoSQL
8 1 (0.29%) Oracle Reports
8 1 (0.29%) Power BI
Development Applications
1 11 (3.24%) Burp Suite
2 9 (2.65%) Selenium
3 8 (2.36%) JIRA
3 8 (2.36%) Metasploit
4 6 (1.77%) Jenkins
5 5 (1.47%) WebDriver
6 4 (1.18%) Git (software)
6 4 (1.18%) GitLab
6 4 (1.18%) Team Foundation Server
7 3 (0.88%) Jasmine
8 2 (0.59%) JMeter
8 2 (0.59%) JUnit
8 2 (0.59%) LoadRunner
8 2 (0.59%) Octopus Deploy
8 2 (0.59%) Visual Studio Team System
8 2 (0.59%) Zephyr
9 1 (0.29%) sqlmap
9 1 (0.29%) Subversion
9 1 (0.29%) TestDirector
9 1 (0.29%) TestPartner
General
1 68 (20.06%) Finance
2 39 (11.50%) Banking
3 26 (7.67%) Legal
4 11 (3.24%) Telecoms
5 4 (1.18%) Billing
5 4 (1.18%) Financial Institution
6 2 (0.59%) Law
6 2 (0.59%) Manufacturing
6 2 (0.59%) Marketing
7 1 (0.29%) Aerospace
7 1 (0.29%) Automotive
7 1 (0.29%) French Language
7 1 (0.29%) Games
7 1 (0.29%) Investment Banking
7 1 (0.29%) Multimedia
7 1 (0.29%) Publishing
Job Titles
1 50 (14.75%) Architect
2 48 (14.16%) Analyst
3 46 (13.57%) Consultant
4 41 (12.09%) Security Architect
5 39 (11.50%) Security Consultant
5 39 (11.50%) Tester
6 37 (10.91%) Security Analyst
7 34 (10.03%) Penetration Tester
8 33 (9.73%) Security Manager
9 24 (7.08%) Security Engineer
10 22 (6.49%) Security Specialist
11 20 (5.90%) Project Manager
12 17 (5.01%) Information Manager
12 17 (5.01%) Information Security Manager
13 15 (4.42%) Test Manager
14 14 (4.13%) Information Security Consultant
15 12 (3.54%) Information Analyst
15 12 (3.54%) Security Penetration Tester
15 12 (3.54%) Security Tester
16 11 (3.24%) Information Security Analyst
Libraries, Frameworks & Software Standards
1 33 (9.73%) Web Services
2 19 (5.60%) OAuth
3 15 (4.42%) Middleware
4 13 (3.83%) JSON
4 13 (3.83%) OpenID
5 12 (3.54%) SOAP
6 11 (3.24%) REST
7 10 (2.95%) SAML
8 8 (2.36%) .NET
9 5 (1.47%) J2EE
10 4 (1.18%) LAMP
11 3 (0.88%) HTML
11 3 (0.88%) Java EE
11 3 (0.88%) OAuth2
11 3 (0.88%) pytest
11 3 (0.88%) XACML
12 2 (0.59%) 802.1X
12 2 (0.59%) ASP.NET Web API
12 2 (0.59%) jQuery
12 2 (0.59%) RESTful
Miscellaneous
1 30 (8.85%) Management Information System
2 23 (6.78%) Data Centre
3 21 (6.19%) Fintech
4 20 (5.90%) Mobile App
4 20 (5.90%) PKI
5 18 (5.31%) CESG
6 15 (4.42%) Analytical Skills
7 12 (3.54%) Public Cloud
8 11 (3.24%) Clustering
9 9 (2.65%) Computer Science
10 7 (2.06%) Security Operations Centre
10 7 (2.06%) Self-Motivation
11 6 (1.77%) Cyberthreat
12 5 (1.47%) Data Protection Act
12 5 (1.47%) RSA SecurID
13 4 (1.18%) Mainframe
13 4 (1.18%) Online Banking
13 4 (1.18%) PMI
13 4 (1.18%) SCADA
13 4 (1.18%) Smart Meter
Operating Systems
1 70 (20.65%) Windows
2 50 (14.75%) Linux
3 22 (6.49%) Windows Server
4 21 (6.19%) Unix
5 16 (4.72%) Android
5 16 (4.72%) Apple iOS
6 12 (3.54%) Solaris
7 9 (2.65%) Red Hat Enterprise Linux
7 9 (2.65%) Windows 10
8 5 (1.47%) AIX
9 4 (1.18%) Kali Linux
10 3 (0.88%) zOS
11 1 (0.29%) CentOS
11 1 (0.29%) FreeBSD
11 1 (0.29%) OpenBSD
11 1 (0.29%) Ubuntu
11 1 (0.29%) Windows 2000 Server
11 1 (0.29%) Windows 7
11 1 (0.29%) Windows Server 2003
11 1 (0.29%) Windows Server 2008
Processes & Methodologies
1 126 (37.17%) Information Security
2 76 (22.42%) Security Testing
3 67 (19.76%) Agile Software Development
4 65 (19.17%) SIEM
5 54 (15.93%) Cybersecurity
6 48 (14.16%) Risk Management
7 46 (13.57%) Security Architecture
8 40 (11.80%) Vulnerability Scanning
9 37 (10.91%) Ethical Hacking
10 36 (10.62%) DevOps
11 33 (9.73%) Stakeholder Management
12 31 (9.14%) Risk Assessment
13 30 (8.85%) Open Source
13 30 (8.85%) Security Operations
14 29 (8.55%) Vulnerability Management
15 28 (8.26%) Test Automation
16 27 (7.96%) Migration
17 24 (7.08%) Data Protection
18 23 (6.78%) Secure Coding
19 22 (6.49%) Vulnerability Assessment
Programming Languages
1 42 (12.39%) Java
2 24 (7.08%) Python
3 12 (3.54%) C
3 12 (3.54%) SQL
4 11 (3.24%) C#
4 11 (3.24%) Perl
5 10 (2.95%) JavaScript
6 9 (2.65%) Bash Shell
6 9 (2.65%) Ruby
7 7 (2.06%) C++
7 7 (2.06%) PHP
8 6 (1.77%) Groovy
9 3 (0.88%) PowerShell
9 3 (0.88%) Shell Script
10 1 (0.29%) Scala
10 1 (0.29%) VB.NET
Qualifications
1 60 (17.70%) CISSP
2 50 (14.75%) Security Cleared
3 42 (12.39%) SC Cleared
4 29 (8.55%) Cisco Certification
4 29 (8.55%) CISM
5 25 (7.37%) Degree
6 21 (6.19%) CISA
7 19 (5.60%) CEH
8 16 (4.72%) OSCP
9 12 (3.54%) GIAC
10 10 (2.95%) Computer Science Degree
11 9 (2.65%) DV Cleared
11 9 (2.65%) SANS
12 8 (2.36%) (ISC)2 CCSP
12 8 (2.36%) CHECK Team Member
12 8 (2.36%) CREST Certified
13 7 (2.06%) CCNP
14 6 (1.77%) CCIE
14 6 (1.77%) CLAS
14 6 (1.77%) CSSLP
Quality Assurance & Compliance
1 48 (14.16%) ISO/IEC 27001
2 39 (11.50%) PCI DSS
3 29 (8.55%) GDPR
4 17 (5.01%) QA
5 10 (2.95%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
6 9 (2.65%) PSD2
7 5 (1.47%) Actionable Recommendations
8 4 (1.18%) Cyber Essentials
8 4 (1.18%) PMO
9 3 (0.88%) COBIT
10 2 (0.59%) ISO/IEC 27005
10 2 (0.59%) NIST 800
10 2 (0.59%) SLA
10 2 (0.59%) WCAG
11 1 (0.29%) GCP
11 1 (0.29%) HMG Security Policy Framework
11 1 (0.29%) ISO 31000
11 1 (0.29%) ISO 9001
11 1 (0.29%) RMADS
11 1 (0.29%) Sarbanes-Oxley
System Software
1 34 (10.03%) Active Directory
2 22 (6.49%) VMware Infrastructure
3 13 (3.83%) Docker
4 7 (2.06%) OpenAM
5 4 (1.18%) BitLocker
5 4 (1.18%) Virtual Machines
6 3 (0.88%) Hyper-V
7 2 (0.59%) VMware NSX
7 2 (0.59%) XenApp
7 2 (0.59%) XenDesktop
8 1 (0.29%) KVM
8 1 (0.29%) ProxySG
8 1 (0.29%) QEMU
8 1 (0.29%) VirtualBox
Systems Management
1 19 (5.60%) Nessus
2 14 (4.13%) Single Sign-On
3 12 (3.54%) Kubernetes
4 11 (3.24%) Microsoft Clustering
5 6 (1.77%) CSIRT
5 6 (1.77%) Opscode Chef
6 5 (1.47%) Computer Emergency Response Teams
6 5 (1.47%) McAfee ePO
6 5 (1.47%) QRadar
6 5 (1.47%) SCCM
7 4 (1.18%) Systems Management Server (SMS)
8 3 (0.88%) EnCase
8 3 (0.88%) Host Intrusion Detection System
8 3 (0.88%) Puppet
8 3 (0.88%) WebSphere Service Registry and Repository
9 2 (0.59%) Ansible
9 2 (0.59%) HP Quality Center
9 2 (0.59%) Microsoft Intune
9 2 (0.59%) Network Intrusion Detection System
9 2 (0.59%) OSSEC
Vendors
1 51 (15.04%) Microsoft
2 26 (7.67%) Cisco
3 25 (7.37%) VMware
4 14 (4.13%) Citrix
5 13 (3.83%) IBM
6 11 (3.24%) McAfee
7 10 (2.95%) ArcSight
8 8 (2.36%) Google
8 8 (2.36%) Splunk
9 7 (2.06%) Oracle
9 7 (2.06%) Qualys
10 6 (1.77%) Apigee
10 6 (1.77%) ForgeRock
10 6 (1.77%) Palo Alto
11 5 (1.47%) CyberArk
11 5 (1.47%) HP
11 5 (1.47%) Red Hat
11 5 (1.47%) Sitecore
12 4 (1.18%) CheckPoint
12 4 (1.18%) Trustwave