Period
to 18 November 2017

The following table provides summary statistics for contract job vacancies advertised in England with a requirement for Penetration Testing skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited Penetration Testing over the 6 months to 18 November 2017 with a comparison to the same period in the previous 2 years.

Note that daily and hourly rates are treated separately in these statistics. When calculating contractor rate percentiles, daily rates are never derived from quoted hourly rates or vice versa.

Penetration Testing
UK > England
6 months to
18 Nov 2017
Same period 2016 Same period 2015
Rank 470 452 560
Rank change year-on-year -18 +108 +17
Contract jobs citing Penetration Testing 402 489 317
As % of all contract IT jobs advertised in England 0.43% 0.50% 0.30%
As % of the Processes & Methodologies category 0.51% 0.59% 0.37%
Number of daily rates quoted 243 327 224
England median daily rate £490 £450 £443
Median daily rate % change year-on-year +8.89% +1.69% -1.67%
10th Percentile £350 £350 £300
90th Percentile £623 £625 £579
UK median daily rate £490 £460 £450
% change year-on-year +6.52% +2.22% -
Number of hourly rates quoted 3 1 0
England median hourly rate £60.87 £35.00 -
Median hourly rate % change year-on-year +73.91% - -
UK median hourly rate £60.87 £35.00 £45.00
% change year-on-year +73.91% -22.22% -25.00%

Penetration Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies advertised in England with a requirement for process or methodology skills.

All Process and Methodology Skills
England
Contract vacancies with a requirement for process or methodology skills 79501 82625 86049
As % of all contract IT jobs advertised in England 84.69% 84.18% 81.94%
Number of daily rates quoted 53476 55123 56736
England median daily rate £450 £425 £420
Median daily rate % change year-on-year +5.88% +1.19% +5.00%
10th Percentile £288 £265 £263
90th Percentile £638 £613 £600
UK median daily rate £450 £425 £413
% change year-on-year +5.88% +3.03% +3.13%
Number of hourly rates quoted 1856 2135 2506
England median hourly rate £24.00 £24.41 £22.50
Median hourly rate % change year-on-year -1.68% +8.49% +18.42%
10th Percentile £11.38 £11.50 £11.50
90th Percentile £50.00 £48.75 £47.50
UK median hourly rate £23.63 £24.00 £22.50
% change year-on-year -1.56% +6.67% +18.42%

Penetration Testing
Job Vacancy Trend in England

Job postings citing Penetration Testing as a percentage of all IT jobs advertised in England.

Job vacancy trend for Penetration Testing in England

Penetration Testing
Contractor Daily Rate Trend in England

This chart provides the 3-month moving average for daily rates quoted in contract jobs citing Penetration Testing in England.

Contractor daily rate trend for Penetration Testing in England

Penetration Testing
Contractor Daily Rate Histogram in England

The daily rate distribution of IT jobs citing Penetration Testing in England over the 6 months to 18 November 2017.

Contractor daily rate histogram for Penetration Testing in England

Penetration Testing
Contractor Hourly Rate Trend in England

This chart provides the 3-month moving average for contractor hourly rates quoted in IT jobs citing Penetration Testing in England.

Contractor hourly rate trend for Penetration Testing in England

Penetration Testing
Contract Job Locations in England

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Penetration Testing within the England region over the 6 months to 18 November 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Past 6 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Job
Vacancies
London -20 219 £500 +11.11% 22
South East -48 54 £500 - 12
North of England +57 41 £400 +6.67% 10
East of England -18 33 £524 +23.35% 2
Midlands +25 28 £475 +18.75% 2
West Midlands +39 26 £475 +18.75% 1
North West +25 24 £400 -8.05% 2
South West +11 19 £350 - 4
Yorkshire +15 11 £400 +14.29% 7
North East +62 6 £320 -1.54% 1
East Midlands +2 2 £450 +10.43% 1
Penetration Testing
UK

For the 6 months to 18 November 2017, IT contractor jobs citing Penetration Testing also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all contract ads across the England region with a requirement for Penetration Testing.

1 140 (34.83%) Information Security
2 119 (29.60%) Cybersecurity
3 99 (24.63%) CISSP
4 90 (22.39%) Firewall
5 85 (21.14%) Agile Software Development
5 85 (21.14%) Linux
6 83 (20.65%) SIEM
7 80 (19.90%) ISO/IEC 27001
8 79 (19.65%) Vulnerability Management
9 72 (17.91%) OWASP
9 72 (17.91%) Windows
10 71 (17.66%) Finance
11 63 (15.67%) Security Testing
12 57 (14.18%) CISM
13 56 (13.93%) Cyberthreat
14 52 (12.94%) Security Operations
15 49 (12.19%) Risk Management
15 49 (12.19%) Ethical Hacking
15 49 (12.19%) Network Security
16 47 (11.69%) Java
17 45 (11.19%) Incident Management
18 44 (10.95%) Degree
18 44 (10.95%) ITIL
19 43 (10.70%) Analytics
20 42 (10.45%) Unix
21 41 (10.20%) Test Automation
22 40 (9.95%) Management Information System
23 38 (9.45%) Vulnerability Assessment
23 38 (9.45%) Vulnerability Scanning
24 37 (9.20%) PCI DSS

Penetration Testing
Co-occurring IT Skills in England by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 10 (2.49%) nginx
2 8 (1.99%) IIS
3 7 (1.74%) Liferay
4 4 (1.00%) CMS
4 4 (1.00%) SharePoint
4 4 (1.00%) TYPO3
4 4 (1.00%) Umbraco
4 4 (1.00%) WordPress
5 3 (0.75%) OpenStack
5 3 (0.75%) Tomcat
6 1 (0.25%) Confluence
Applications
1 5 (1.24%) Microsoft Excel
2 4 (1.00%) Microsoft Office
2 4 (1.00%) MS Visio
3 2 (0.50%) Microsoft PowerPoint
4 1 (0.25%) Microsoft Project
Business Applications
1 10 (2.49%) Oracle Utilities
2 1 (0.25%) Oracle Financials
Cloud Services
1 32 (7.96%) Amazon AWS
2 15 (3.73%) IaaS
3 13 (3.23%) Microsoft Azure
4 6 (1.49%) GitHub
4 6 (1.49%) PaaS
5 5 (1.24%) Cloud Computing
5 5 (1.24%) IBM Cloud
6 4 (1.00%) AWS CloudFormation
6 4 (1.00%) SaaS
7 3 (0.75%) Amazon ELB
7 3 (0.75%) Amazon S3
7 3 (0.75%) Mimecast
7 3 (0.75%) Route 53
8 2 (0.50%) Office 365
8 2 (0.50%) Virtual Private Cloud
9 1 (0.25%) G Suite
Communications & Networking
1 90 (22.39%) Firewall
2 49 (12.19%) Network Security
3 27 (6.72%) TCP/IP
4 23 (5.72%) Intrusion Detection
5 21 (5.22%) Internet
6 19 (4.73%) LAN
6 19 (4.73%) WAN
7 17 (4.23%) VPN
8 16 (3.98%) VLAN
9 12 (2.99%) DHCP
9 12 (2.99%) SAN
10 11 (2.74%) MPLS
10 11 (2.74%) NAS
10 11 (2.74%) Wi-Fi
11 9 (2.24%) DNS
11 9 (2.24%) IPsec
11 9 (2.24%) Reverse Proxy
11 9 (2.24%) SSL
12 8 (1.99%) LDAP
12 8 (1.99%) VoIP
Database & Business Intelligence
1 19 (4.73%) MongoDB
2 8 (1.99%) PostgreSQL
3 4 (1.00%) Maltego
4 3 (0.75%) Big Data
4 3 (0.75%) SQL Server
5 2 (0.50%) Data Warehouse
5 2 (0.50%) DB2
5 2 (0.50%) RDBMS
5 2 (0.50%) Relational Database
6 1 (0.25%) Amazon DynamoDB
6 1 (0.25%) MySQL
Development Applications
1 34 (8.46%) Jenkins
2 17 (4.23%) Selenium
3 14 (3.48%) Cucumber
4 11 (2.74%) AppScan
4 11 (2.74%) Burp Suite
4 11 (2.74%) Git (software)
5 10 (2.49%) JIRA
6 8 (1.99%) WebDriver
7 7 (1.74%) CircleCI
7 7 (1.74%) JMeter
7 7 (1.74%) JUnit
7 7 (1.74%) Metasploit
7 7 (1.74%) RSpec
7 7 (1.74%) Travis CI
8 6 (1.49%) Visual Studio
9 5 (1.24%) LoadRunner
10 4 (1.00%) Subversion
11 3 (0.75%) Gatling
11 3 (0.75%) Maven
11 3 (0.75%) SoapUI
General
1 71 (17.66%) Finance
2 24 (5.97%) Banking
3 21 (5.22%) Telecoms
4 20 (4.98%) Retail
5 19 (4.73%) Legal
6 10 (2.49%) Law
7 7 (1.74%) Games
8 6 (1.49%) Billing
9 4 (1.00%) Electronics
10 3 (0.75%) Marketing
11 2 (0.50%) Financial Institution
11 2 (0.50%) Manufacturing
12 1 (0.25%) Automotive
12 1 (0.25%) Local Government
12 1 (0.25%) Pharmaceutical
Job Titles
1 108 (26.87%) Analyst
2 72 (17.91%) Security Analyst
3 66 (16.42%) Consultant
4 62 (15.42%) Security Consultant
5 46 (11.44%) Tester
6 37 (9.20%) Penetration Tester
7 32 (7.96%) Application Security Analyst
8 28 (6.97%) Security Engineer
9 25 (6.22%) Security Specialist
10 22 (5.47%) Architect
11 21 (5.22%) Information Security Consultant
12 20 (4.98%) IT Analyst
12 20 (4.98%) Security Architect
13 19 (4.73%) Business Analyst
13 19 (4.73%) Network Engineer
14 17 (4.23%) Security Manager
15 16 (3.98%) IT Security Analyst
16 14 (3.48%) Information Analyst
16 14 (3.48%) Information Security Analyst
16 14 (3.48%) Technical Analyst
Libraries, Frameworks & Software Standards
1 17 (4.23%) Web Services
2 15 (3.73%) .NET
3 6 (1.49%) ActiveMQ
4 5 (1.24%) HTML
4 5 (1.24%) SAML
5 4 (1.00%) CSS
6 3 (0.75%) Middleware
6 3 (0.75%) Spring
7 2 (0.50%) .NET Framework
7 2 (0.50%) ASP.NET
7 2 (0.50%) Java EE
7 2 (0.50%) Node.js
7 2 (0.50%) REST
8 1 (0.25%) 802.1X
8 1 (0.25%) CGI
8 1 (0.25%) JSON
8 1 (0.25%) Memcached
8 1 (0.25%) SOAP
8 1 (0.25%) Velocity
8 1 (0.25%) XML
Miscellaneous
1 56 (13.93%) Cyberthreat
2 40 (9.95%) Management Information System
3 29 (7.21%) Distributed Denial-of-Service
4 26 (6.47%) Analytical Skills
4 26 (6.47%) PKI
5 22 (5.47%) Data Centre
6 12 (2.99%) Linux Command Line
7 10 (2.49%) Wiki
8 8 (1.99%) Mobile App
9 7 (1.74%) Cyber Attack
9 7 (1.74%) Security Operations Centre
10 6 (1.49%) Algorithms
10 6 (1.49%) Computer Science
11 4 (1.00%) Cyber Defence
11 4 (1.00%) Data Protection Act
11 4 (1.00%) FMCG
11 4 (1.00%) Online Banking
11 4 (1.00%) Public Cloud
11 4 (1.00%) User Experience
12 3 (0.75%) Virtual Team
Operating Systems
1 85 (21.14%) Linux
2 72 (17.91%) Windows
3 42 (10.45%) Unix
4 12 (2.99%) Windows Server
5 10 (2.49%) AIX
6 8 (1.99%) Kali Linux
7 6 (1.49%) Red Hat Enterprise Linux
8 4 (1.00%) Android
8 4 (1.00%) Apple iOS
8 4 (1.00%) Mac OS X
9 3 (0.75%) Ubuntu
9 3 (0.75%) Windows 10
10 2 (0.50%) CentOS
10 2 (0.50%) zOS
11 1 (0.25%) Solaris
11 1 (0.25%) Windows NT
Processes & Methodologies
1 140 (34.83%) Information Security
2 119 (29.60%) Cybersecurity
3 85 (21.14%) Agile Software Development
4 83 (20.65%) SIEM
5 79 (19.65%) Vulnerability Management
6 72 (17.91%) OWASP
7 63 (15.67%) Security Testing
8 52 (12.94%) Security Operations
9 49 (12.19%) Ethical Hacking
9 49 (12.19%) Risk Management
10 45 (11.19%) Incident Management
11 44 (10.95%) ITIL
12 43 (10.70%) Analytics
13 41 (10.20%) Test Automation
14 38 (9.45%) Vulnerability Assessment
14 38 (9.45%) Vulnerability Scanning
15 35 (8.71%) SDLC
16 31 (7.71%) BDD
17 29 (7.21%) Security Architecture
18 26 (6.47%) Continuous Improvement
Programming Languages
1 47 (11.69%) Java
2 35 (8.71%) Python
3 23 (5.72%) Ruby
3 23 (5.72%) SQL
4 18 (4.48%) PHP
5 14 (3.48%) C#
6 13 (3.23%) JavaScript
7 12 (2.99%) Bash Shell
8 10 (2.49%) C
9 9 (2.24%) C++
10 8 (1.99%) Perl
11 7 (1.74%) Scala
12 4 (1.00%) C-shell
12 4 (1.00%) Korn
12 4 (1.00%) Shell Script
13 3 (0.75%) COBOL
13 3 (0.75%) Groovy
14 2 (0.50%) VB.NET
15 1 (0.25%) Assembly Language
15 1 (0.25%) Go
Qualifications
1 99 (24.63%) CISSP
2 57 (14.18%) CISM
3 44 (10.95%) Degree
4 32 (7.96%) CEH
5 31 (7.71%) CREST Certified
6 27 (6.72%) Security Cleared
7 25 (6.22%) CRISC
8 23 (5.72%) CISA
9 17 (4.23%) SC Cleared
10 15 (3.73%) CompTIA Security+
10 15 (3.73%) MCSE
10 15 (3.73%) Microsoft Certification
10 15 (3.73%) Security+ Certification
11 14 (3.48%) CHECK Team Member
12 13 (3.23%) Cisco Certification
13 11 (2.74%) SANS
14 10 (2.49%) CASP
14 10 (2.49%) SSCP
15 8 (1.99%) CGEIT
15 8 (1.99%) GIAC
Quality Assurance & Compliance
1 80 (19.90%) ISO/IEC 27001
2 37 (9.20%) PCI DSS
3 21 (5.22%) GDPR
4 20 (4.98%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
5 17 (4.23%) COBIT
6 12 (2.99%) QA
7 10 (2.49%) WCAG
8 7 (1.74%) Cyber Essentials
8 7 (1.74%) NIST 800
9 6 (1.49%) Sarbanes-Oxley
10 3 (0.75%) Data Quality
10 3 (0.75%) RMADS
10 3 (0.75%) WAI
11 2 (0.50%) Cyber Essentials PLUS
11 2 (0.50%) HMG Security Policy Framework
12 1 (0.25%) CESG Infosec
12 1 (0.25%) GAAP
12 1 (0.25%) ISAE 3402
12 1 (0.25%) JSP 440
12 1 (0.25%) PMO
System Software
1 21 (5.22%) Active Directory
2 18 (4.48%) VMware Infrastructure
3 8 (1.99%) ProxySG
4 6 (1.49%) Docker
5 5 (1.24%) Virtual Machines
5 5 (1.24%) VMware ESXi
5 5 (1.24%) VMware NSX
6 4 (1.00%) Virtual Servers
7 3 (0.75%) XenApp
7 3 (0.75%) XenDesktop
8 2 (0.50%) RACF
9 1 (0.25%) BitLocker
9 1 (0.25%) vSphere
Systems Management
1 22 (5.47%) Puppet
2 13 (3.23%) Nessus
3 12 (2.99%) HP Fortify
4 10 (2.49%) Opscode Chef
4 10 (2.49%) Terraform
5 7 (1.74%) Ansible
6 5 (1.24%) BMC PATROL
6 5 (1.24%) CA Single Sign-On
6 5 (1.24%) Nmap
6 5 (1.24%) QRadar
6 5 (1.24%) Systems Management Server (SMS)
7 3 (0.75%) Nexpose
7 3 (0.75%) Red Hat Satellite
8 2 (0.50%) AirWatch
8 2 (0.50%) Microsoft Clustering
8 2 (0.50%) zSecure
9 1 (0.25%) CSIRT
9 1 (0.25%) Kibana
9 1 (0.25%) Kubernetes
9 1 (0.25%) Mesos
Vendors
1 35 (8.71%) Microsoft
2 27 (6.72%) Oracle
3 23 (5.72%) Cisco
4 22 (5.47%) Splunk
5 21 (5.22%) VMware
6 19 (4.73%) Citrix
7 18 (4.48%) HP
8 15 (3.73%) ArcSight
8 15 (3.73%) CheckPoint
8 15 (3.73%) Juniper
8 15 (3.73%) Qualys
9 14 (3.48%) IBM
9 14 (3.48%) Palo Alto
10 8 (1.99%) Blue Coat
11 7 (1.74%) Black Duck
11 7 (1.74%) Red Hat
11 7 (1.74%) SolarWinds
12 6 (1.49%) BMC
12 6 (1.49%) CA
13 5 (1.24%) Nokia