The following table provides summary statistics for contract job vacancies with a requirement for OSSTMM skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited OSSTMM over the 3 months to 27 June 2017 with a comparison to the same period in the previous 2 years.

Note that daily and hourly rates are treated separately in these statistics. When calculating contractor rate percentiles, daily rates are never derived from quoted hourly rates or vice versa.

Open Source Security Testing Methodology Manual (OSSTMM)
UK
3 months to
27 Jun 2017
Same period 2016 Same period 2015
Rank - 651 -
Contract jobs citing OSSTMM 0 3 0
As % of all contract IT jobs advertised in the UK - 0.006% -
As % of the Processes & Methodologies category - 0.007% -
Number of daily rates quoted 0 2 0
Median daily rate - £514 -
UK excluding London median daily rate - £514 -
Number of hourly rates quoted 0 0 0
Median hourly rate - - -
UK excluding London median hourly rate - - -

OSSTMM is in the process and methodology skills category. The next table is for comparison with the above and provides summary statistics for all contract job vacancies with a requirement for process and methodology skills.

Contract Process & Methodology Skills
UK
Contract job vacancies with a requirement for process and methodology skills 39792 44999 44543
As % of all contract IT job vacancies advertised in the UK 84.45% 83.35% 80.76%
Number of daily rates quoted 25913 29844 28605
Median daily rate £450 £438 £413
Median daily rate % change year-on-year +2.85% +6.06%  
90% offered a daily rate of more than £313 £300 £285
10% offered a daily rate of more than £600 £600 £575
UK excluding London median daily rate £415 £400 £385
% change year-on-year +3.75% +3.89%  
Number of hourly rates quoted 1055 1094 1232
Median hourly rate £32.50 £28.00 £27.50
Median hourly rate % change year-on-year +16.07% +1.81%  
90% offered a hourly rate of more than £13.00 £12.58 £12.35
10% offered a hourly rate of more than £54.00 £48.00 £50.00
UK excluding London median hourly rate £34.00 £28.50 £30.00
% change year-on-year +19.29% -5.00%  

OSSTMM
Job Vacancy Trend

The job posting trend of jobs advertised citing OSSTMM as a proportion of all contract or permanent IT jobs with a match in the Processes & Methodologies category.

Job vacancy trend for OSSTMM in the UK

OSSTMM
Contractor Daily Rate Trend

This chart provides the 3-month moving average for daily rates quoted in contract jobs citing OSSTMM.

Contractor daily rate trend for OSSTMM in the UK

For the 6 months to 27 June 2017, IT contractor jobs citing OSSTMM also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all contract ads with a requirement for OSSTMM.

1 3 (100.00%) Vulnerability Assessment
1 3 (100.00%) Penetration Testing
1 3 (100.00%) Security Testing
1 3 (100.00%) Network Security
1 3 (100.00%) OWASP
1 3 (100.00%) Security Architecture
1 3 (100.00%) OSCP
1 3 (100.00%) Threat Modelling
1 3 (100.00%) CREST Certified
1 3 (100.00%) SANS
1 3 (100.00%) Data Flow Diagram
1 3 (100.00%) Web Application Security Consortium
1 3 (100.00%) Computer Emergency Response Teams
2 2 (66.67%) Analytical Skills
2 2 (66.67%) DV Cleared
2 2 (66.67%) Security Cleared
3 1 (33.33%) OOD

OSSTMM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Communications & Networking
1 3 (100.00%) Network Security
Job Titles
1 3 (100.00%) Architect
1 3 (100.00%) Security Architect
2 1 (33.33%) Consultant
2 1 (33.33%) Security Consultant
Miscellaneous
1 2 (66.67%) Analytical Skills
Processes & Methodologies
1 3 (100.00%) Data Flow Diagram
1 3 (100.00%) OWASP
1 3 (100.00%) Penetration Testing
1 3 (100.00%) Security Architecture
1 3 (100.00%) Security Testing
1 3 (100.00%) Threat Modelling
1 3 (100.00%) Vulnerability Assessment
2 1 (33.33%) OOD
Qualifications
1 3 (100.00%) CREST Certified
1 3 (100.00%) OSCP
1 3 (100.00%) SANS
2 2 (66.67%) DV Cleared
2 2 (66.67%) Security Cleared
Quality Assurance & Compliance
1 3 (100.00%) Web Application Security Consortium
Systems Management
1 3 (100.00%) Computer Emergency Response Teams