Period
to 18 July 2019

The following table provides summary statistics for contract job vacancies advertised in the South East with a requirement for Penetration Testing skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited Penetration Testing over the 6 months to 18 July 2019 with a comparison to the same period in the previous 2 years.

Note that daily and hourly rates are treated separately in these statistics. When calculating contractor rate percentiles, daily rates are never derived from quoted hourly rates or vice versa.

Penetration Testing
England > South East
6 months to
18 Jul 2019
Same period 2018 Same period 2017
Rank 295 324 309
Rank change year-on-year +29 -15 -3
Contract jobs citing Penetration Testing 65 60 55
As % of all contract IT jobs advertised in the South East 0.44% 0.35% 0.34%
As % of the Processes & Methodologies category 0.50% 0.41% 0.41%
Number of daily rates quoted 46 25 32
South East median daily rate £475 £510 £475
Median daily rate % change year-on-year -6.86% +7.37% +1.06%
10th Percentile £350 £361 £350
90th Percentile £560 £640 £575
England median daily rate £514 £500 £475
% change year-on-year +2.75% +5.26% -3.06%
Number of hourly rates quoted 1 0 4
South East median hourly rate £60.44 - £60.87
10th Percentile £60.22 - £58.51
90th Percentile £60.65 - £62.01
England median hourly rate £35.00 £41.00 £60.87
% change year-on-year -14.63% -32.64% +21.74%

Penetration Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies advertised in the South East with a requirement for process or methodology skills.

All Process and Methodology Skills
South East
Contract vacancies with a requirement for process or methodology skills 12,998 14,669 13,442
As % of all contract IT jobs advertised in the South East 87.33% 85.99% 84.06%
Number of daily rates quoted 7,751 8,722 7,815
South East median daily rate £450 £435 £415
Median daily rate % change year-on-year +3.45% +4.82% +3.75%
10th Percentile £275 £280 £261
90th Percentile £606 £588 £561
England median daily rate £475 £463 £450
% change year-on-year +2.70% +2.78% +5.88%
Number of hourly rates quoted 494 522 522
South East median hourly rate £30.00 £25.00 £19.95
Median hourly rate % change year-on-year +20.00% +25.31% -16.88%
10th Percentile £12.00 £11.17 £11.64
90th Percentile £59.96 £51.25 £50.25
England median hourly rate £25.00 £22.00 £25.00
% change year-on-year +13.64% -12.00% +5.26%

Penetration Testing
Job Vacancy Trend in the South East

Job postings citing Penetration Testing as a percentage of all IT jobs advertised in the South East.

Job vacancy trend for Penetration Testing in the South East

Penetration Testing
Contractor Daily Rate Trend in the South East

This chart provides the 3-month moving average for daily rates quoted in contract jobs citing Penetration Testing in the South East.

Contractor daily rate trend for Penetration Testing in the South East

Penetration Testing
Contractor Daily Rate Histogram in the South East

The daily rate distribution of IT jobs citing Penetration Testing in the South East over the 6 months to 18 July 2019.

Contractor daily rate histogram for Penetration Testing in the South East

Penetration Testing
Contractor Hourly Rate Trend in the South East

This chart provides the 3-month moving average for contractor hourly rates quoted in IT jobs citing Penetration Testing in the South East.

Contractor hourly rate trend for Penetration Testing in the South East

Penetration Testing
Contract Job Locations in the South East

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Penetration Testing within the South East region over the 6 months to 18 July 2019. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Past 6 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Job
Vacancies
Thames Valley +21 28 £520 -9.57% 8
Hampshire +15 23 £458 +22.00% 1
Buckinghamshire +28 16 £520 -5.45% 3
Berkshire -22 10 £350 -39.13% 5
Surrey +32 6 £450 -21.74% 5
East Sussex - 4 £475 - 2
Oxfordshire +27 2 £363 -
West Sussex +15 2 £400 -20.79% 2
Penetration Testing
England

For the 6 months to 18 July 2019, IT contractor jobs citing Penetration Testing also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all contract job ads across the South East region with a requirement for Penetration Testing.

1 32 (49.23%) Information Security
2 25 (38.46%) ISO/IEC 27001
3 24 (36.92%) Firewall
4 23 (35.38%) CISSP
4 23 (35.38%) Cybersecurity
5 18 (27.69%) Security Testing
6 16 (24.62%) OWASP
6 16 (24.62%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
6 16 (24.62%) SANS
7 15 (23.08%) Vulnerability Management
8 14 (21.54%) Security Architecture
8 14 (21.54%) GIAC
8 14 (21.54%) Patch Management
9 13 (20.00%) Security Patching
9 13 (20.00%) Java
10 12 (18.46%) CLAS
11 11 (16.92%) React
11 11 (16.92%) GDPR
11 11 (16.92%) JavaScript
11 11 (16.92%) PHP
11 11 (16.92%) Windows
11 11 (16.92%) Microsoft
11 11 (16.92%) Apple iOS
11 11 (16.92%) AngularJS
11 11 (16.92%) Mobile App
11 11 (16.92%) Android
11 11 (16.92%) Spring
12 10 (15.38%) PCI DSS
12 10 (15.38%) jQuery
12 10 (15.38%) Python

Penetration Testing
Co-occurring IT Skills in the South East by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 3 (4.62%) SharePoint
1 3 (4.62%) WordPress
2 2 (3.08%) Apache Pig
2 2 (3.08%) GlassFish
2 2 (3.08%) WebLogic
3 1 (1.54%) Confluence
3 1 (1.54%) Exchange Server 2013
3 1 (1.54%) IIS
3 1 (1.54%) MS Exchange
3 1 (1.54%) SharePoint 2013
Applications
1 3 (4.62%) Microsoft Office
Cloud Services
1 7 (10.77%) Microsoft Azure
2 6 (9.23%) Amazon AWS
3 2 (3.08%) Google Cloud Platform
3 2 (3.08%) PaaS
4 1 (1.54%) Azure Functions
4 1 (1.54%) Cloud Computing
4 1 (1.54%) GitHub
4 1 (1.54%) SaaS
4 1 (1.54%) Serverless
4 1 (1.54%) ShareGate
Communications & Networking
1 24 (36.92%) Firewall
2 7 (10.77%) Network Security
3 4 (6.15%) Internet
3 4 (6.15%) WAN
4 3 (4.62%) Broadband
4 3 (4.62%) VPN
4 3 (4.62%) Wi-Fi
5 2 (3.08%) 2.5G
5 2 (3.08%) 2G
5 2 (3.08%) 3G
5 2 (3.08%) 4G
5 2 (3.08%) 5G
5 2 (3.08%) DNS
5 2 (3.08%) Wireless
6 1 (1.54%) DHCP
6 1 (1.54%) Intrusion Detection
6 1 (1.54%) SSL
6 1 (1.54%) VLAN
6 1 (1.54%) Wireless Security
6 1 (1.54%) Wireshark
Database & Business Intelligence
1 3 (4.62%) SQL Server
2 2 (3.08%) Apache Hive
2 2 (3.08%) Big Data
2 2 (3.08%) Hadoop
2 2 (3.08%) Oracle Database
2 2 (3.08%) Oracle Reports
3 1 (1.54%) Azure SQL Database
Development Applications
1 7 (10.77%) Burp Suite
2 3 (4.62%) sqlmap
3 2 (3.08%) Team Foundation Server
4 1 (1.54%) Fiddler
4 1 (1.54%) Jenkins
4 1 (1.54%) JIRA
4 1 (1.54%) LoadRunner
4 1 (1.54%) Metasploit
4 1 (1.54%) SonarQube
4 1 (1.54%) Visual Studio
4 1 (1.54%) Visual Studio Team System
General
1 8 (12.31%) Retail
2 7 (10.77%) Telecoms
3 4 (6.15%) Finance
4 1 (1.54%) Back Office
4 1 (1.54%) Banking
4 1 (1.54%) Games
4 1 (1.54%) Manufacturing
Job Titles
1 14 (21.54%) Architect
1 14 (21.54%) Security Architect
2 13 (20.00%) Security Engineer
3 10 (15.38%) Consultant
3 10 (15.38%) Security Consultant
4 9 (13.85%) Analyst
5 7 (10.77%) Penetration Tester
5 7 (10.77%) Security Analyst
5 7 (10.77%) Tester
6 6 (9.23%) Applications Engineer
7 5 (7.69%) CISSP Architect
7 5 (7.69%) CLAS Architect
8 4 (6.15%) Information Manager
8 4 (6.15%) Information Security Consultant
8 4 (6.15%) Information Security Manager
8 4 (6.15%) Project Manager
8 4 (6.15%) Security Manager
8 4 (6.15%) Security Specialist
9 3 (4.62%) Information Security Project Manager
9 3 (4.62%) Security Project Manager
Libraries, Frameworks & Software Standards
1 11 (16.92%) AngularJS
1 11 (16.92%) React
1 11 (16.92%) Spring
2 10 (15.38%) jQuery
3 9 (13.85%) .NET
4 6 (9.23%) OAuth
4 6 (9.23%) OpenID
5 5 (7.69%) SAML
6 2 (3.08%) HTML
6 2 (3.08%) Middleware
7 1 (1.54%) ASP.NET
7 1 (1.54%) CSS
7 1 (1.54%) Node.js
7 1 (1.54%) OAuth2
7 1 (1.54%) Spring Boot
7 1 (1.54%) STL
7 1 (1.54%) Web Services
Miscellaneous
1 11 (16.92%) Mobile App
2 6 (9.23%) Management Information System
3 4 (6.15%) Data Protection Act
4 3 (4.62%) Analytical Skills
4 3 (4.62%) Cyberattack
4 3 (4.62%) Cybercrime
4 3 (4.62%) Private Cloud
5 2 (3.08%) Mainframe
5 2 (3.08%) Security Operations Centre
6 1 (1.54%) CESG
6 1 (1.54%) Distributed Denial-of-Service
6 1 (1.54%) Self-Motivation
Operating Systems
1 11 (16.92%) Android
1 11 (16.92%) Apple iOS
1 11 (16.92%) Windows
2 9 (13.85%) Linux
3 3 (4.62%) Windows Server
4 2 (3.08%) Mac OS X
5 1 (1.54%) Kali Linux
5 1 (1.54%) Mac OS
5 1 (1.54%) Windows Server 2012
Processes & Methodologies
1 32 (49.23%) Information Security
2 23 (35.38%) Cybersecurity
3 18 (27.69%) Security Testing
4 16 (24.62%) OWASP
5 15 (23.08%) Vulnerability Management
6 14 (21.54%) Patch Management
6 14 (21.54%) Security Architecture
7 13 (20.00%) Security Patching
8 10 (15.38%) Threat Modelling
9 9 (13.85%) Security Management
10 8 (12.31%) Agile Software Development
10 8 (12.31%) Microservices
10 8 (12.31%) Risk Management
11 6 (9.23%) Data Protection
11 6 (9.23%) TOGAF
12 5 (7.69%) Business Continuity
12 5 (7.69%) Continuous Improvement
13 4 (6.15%) IT Governance
13 4 (6.15%) Project Management
13 4 (6.15%) Scrum
Programming Languages
1 13 (20.00%) Java
2 11 (16.92%) JavaScript
2 11 (16.92%) PHP
3 10 (15.38%) C#
3 10 (15.38%) Python
4 8 (12.31%) Objective-C
5 7 (10.77%) Apple Swift
5 7 (10.77%) C++
6 5 (7.69%) C
7 3 (4.62%) Perl
8 2 (3.08%) PowerShell
9 1 (1.54%) Java 8
Qualifications
1 23 (35.38%) CISSP
2 16 (24.62%) SANS
3 14 (21.54%) GIAC
4 12 (18.46%) CLAS
5 7 (10.77%) CISA
5 7 (10.77%) CISM
5 7 (10.77%) SC Cleared
5 7 (10.77%) Security Cleared
6 5 (7.69%) OSCP
7 4 (6.15%) CCNA
7 4 (6.15%) CEH
7 4 (6.15%) Cisco Certification
7 4 (6.15%) CompTIA Security+
7 4 (6.15%) CREST Certified
7 4 (6.15%) Degree
7 4 (6.15%) TOGAF Certification
8 3 (4.62%) CCNP
8 3 (4.62%) Microsoft Certification
9 2 (3.08%) CESG Certified Professional
9 2 (3.08%) DV Cleared
Quality Assurance & Compliance
1 25 (38.46%) ISO/IEC 27001
2 16 (24.62%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
3 11 (16.92%) GDPR
4 10 (15.38%) PCI DSS
5 6 (9.23%) NIST
6 3 (4.62%) QA
7 2 (3.08%) RMADS
7 2 (3.08%) SLA
8 1 (1.54%) FedRAMP
8 1 (1.54%) GLBA
System Software
1 4 (6.15%) Active Directory
2 3 (4.62%) Virtual Machines
3 1 (1.54%) VMware Infrastructure
Systems Management
1 5 (7.69%) Nessus
2 3 (4.62%) Single Sign-On
3 1 (1.54%) Kubernetes
Vendors
1 11 (16.92%) Microsoft
2 5 (7.69%) McAfee
2 5 (7.69%) Qualys
2 5 (7.69%) Rapid7
3 3 (4.62%) Cisco
3 3 (4.62%) Meraki
3 3 (4.62%) Sophos
4 2 (3.08%) Oracle
5 1 (1.54%) Atlassian
5 1 (1.54%) CheckPoint
5 1 (1.54%) Citrix
5 1 (1.54%) Google
5 1 (1.54%) Palo Alto
5 1 (1.54%) Sonatype
5 1 (1.54%) Splunk
5 1 (1.54%) Trend Micro
5 1 (1.54%) Tripwire
5 1 (1.54%) VMware