The following table provides summary statistics for contract job vacancies with a requirement for OSSTMM skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited OSSTMM over the 3 months to 28 March 2017 with a comparison to the same period in the previous 2 years.

Note that daily and hourly rates are treated separately in these statistics. When calculating contractor rate percentiles, daily rates are never derived from quoted hourly rates or vice versa.

Open Source Security Testing Methodology Manual (OSSTMM)
UK
3 months to
28 Mar 2017
Same period 2016 Same period 2015
Rank 607 - 641
Rank change year-on-year - 0  
Contract jobs citing OSSTMM 1 0 1
As % of all contract IT jobs advertised in the UK 0.002% - 0.002%
As % of the Processes & Methodologies category 0.003% - 0.002%
Number of daily rates quoted 0 0 1
Median daily rate - - £525
UK excluding London median daily rate - - £525
Number of hourly rates quoted 0 0 0
Median hourly rate - - -
UK excluding London median hourly rate - - -

OSSTMM is in the process and methodology skills category. The next table is for comparison with the above and provides summary statistics for all contract job vacancies with a requirement for process and methodology skills.

Contract Process & Methodology Skills
UK
Contract job vacancies with a requirement for process and methodology skills 37483 44400 43069
As % of all contract IT job vacancies advertised in the UK 83.14% 82.87% 79.71%
Number of daily rates quoted 24787 29149 26680
Median daily rate £450 £425 £419
Median daily rate % change year-on-year +5.88% +1.55%  
90% offered a daily rate of more than £300 £300 £275
10% offered a daily rate of more than £600 £600 £575
UK excluding London median daily rate £410 £400 £396
% change year-on-year +2.50% +1.01%  
Number of hourly rates quoted 946 1114 1248
Median hourly rate £35.75 £37.50 £28.69
Median hourly rate % change year-on-year -4.66% +30.70%  
90% offered a hourly rate of more than £13.00 £13.00 £12.10
10% offered a hourly rate of more than £53.00 £55.00 £49.50
UK excluding London median hourly rate £36.00 £38.50 £30.20
% change year-on-year -6.49% +27.48%  

OSSTMM
Job Vacancy Trend

The job posting trend of jobs advertised citing OSSTMM as a proportion of all contract or permanent IT jobs with a match in the Processes & Methodologies category.

Job vacancy trend for OSSTMM in the UK

OSSTMM
Contractor Daily Rate Trend

This chart provides the 3-month moving average for daily rates quoted in contract jobs citing OSSTMM.

Contractor daily rate trend for OSSTMM in the UK

OSSTMM
Top 2 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing OSSTMM within the UK over the 3 months to 28 March 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 3 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Last 3 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Job
Vacancies
London - 1 - -
England - 1 - -

OSSTMM
Top 30 Co-occurring IT Skills

For the 6 months to 28 March 2017, IT contractor jobs citing OSSTMM also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all contract ads with a requirement for OSSTMM.

1 5 (100.00%) Penetration Testing
1 5 (100.00%) OSCP
1 5 (100.00%) CREST Certified
1 5 (100.00%) SANS
2 3 (60.00%) Data Flow Diagram
2 3 (60.00%) Web Application Security Consortium
2 3 (60.00%) Computer Emergency Response Teams
2 3 (60.00%) Threat Modelling
2 3 (60.00%) OWASP
2 3 (60.00%) Security Architecture
2 3 (60.00%) Vulnerability Assessment
2 3 (60.00%) Security Testing
2 3 (60.00%) Network Security
3 2 (40.00%) DV Cleared
3 2 (40.00%) Security Cleared
3 2 (40.00%) IPv6
3 2 (40.00%) Nessus
3 2 (40.00%) CEH
3 2 (40.00%) Windows
3 2 (40.00%) Linux
3 2 (40.00%) GIAC
3 2 (40.00%) GPEN
3 2 (40.00%) QA
3 2 (40.00%) OSCE
3 2 (40.00%) Mentoring
3 2 (40.00%) Analytical Skills
3 2 (40.00%) Burp Suite
3 2 (40.00%) Kali Linux
3 2 (40.00%) CHECK Team Member
4 1 (20.00%) OOD

OSSTMM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Communications & Networking
1 3 (60.00%) Network Security
2 2 (40.00%) IPv6
Development Applications
1 2 (40.00%) Burp Suite
Job Titles
1 3 (60.00%) Architect
1 3 (60.00%) Security Architect
2 2 (40.00%) Infrastructure Tester
2 2 (40.00%) Penetration Tester
2 2 (40.00%) Tester
3 1 (20.00%) Consultant
3 1 (20.00%) Security Consultant
Miscellaneous
1 2 (40.00%) Analytical Skills
Operating Systems
1 2 (40.00%) Kali Linux
1 2 (40.00%) Linux
1 2 (40.00%) Windows
Processes & Methodologies
1 5 (100.00%) Penetration Testing
2 3 (60.00%) Data Flow Diagram
2 3 (60.00%) OWASP
2 3 (60.00%) Security Architecture
2 3 (60.00%) Security Testing
2 3 (60.00%) Threat Modelling
2 3 (60.00%) Vulnerability Assessment
3 2 (40.00%) Mentoring
4 1 (20.00%) OOD
Qualifications
1 5 (100.00%) CREST Certified
1 5 (100.00%) OSCP
1 5 (100.00%) SANS
2 2 (40.00%) CEH
2 2 (40.00%) CHECK Team Member
2 2 (40.00%) DV Cleared
2 2 (40.00%) GIAC
2 2 (40.00%) GPEN
2 2 (40.00%) OSCE
2 2 (40.00%) Security Cleared
Quality Assurance & Compliance
1 3 (60.00%) Web Application Security Consortium
2 2 (40.00%) QA
Systems Management
1 3 (60.00%) Computer Emergency Response Teams
2 2 (40.00%) Nessus