OWASP Contracts

Open Web Application Security Project (OWASP)
UK

The following table provides summary statistics for contract job vacancies with a requirement for OWASP skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited OWASP over the 6 months to 27 April 2024 with a comparison to the same period in the previous 2 years.

6 months to
27 Apr 2024		 Same period 2023 Same period 2022
Rank 458 564 538
Rank change year-on-year +106 -26 -95
Contract jobs citing OWASP 140 155 333
As % of all contract jobs advertised in the UK 0.32% 0.26% 0.37%
As % of the Processes & Methodologies category 0.37% 0.29% 0.41%
Number of daily rates quoted 58 94 209
10th Percentile £463 £425 £437
25th Percentile £541 £503 £500
Median daily rate (50th Percentile) £611 £556 £580
Median % change year-on-year +9.89% -4.09% +16.00%
75th Percentile £675 £650 £650
90th Percentile £724 £738 £750
UK excluding London median daily rate £585 £550 £550
% change year-on-year +6.27% - +10.00%
Number of hourly rates quoted 0 2 2
10th Percentile - - £46.00
25th Percentile - - £55.00
Median hourly rate - £70.00 £70.00
75th Percentile - - £85.00
90th Percentile - - £94.00
UK excluding London median hourly rate - £70.00 -

All Process and Methodology Skills
UK

OWASP is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies with a requirement for process or methodology skills.

Contract vacancies with a requirement for process or methodology skills 37,374 53,774 80,482
As % of all contract IT jobs advertised in the UK 86.31% 89.91% 90.60%
Number of daily rates quoted 24,095 37,304 56,474
10th Percentile £300 £325 £340
25th Percentile £413 £438 £425
Median daily rate (50th Percentile) £525 £550 £525
Median % change year-on-year -4.55% +4.76% +8.25%
75th Percentile £638 £650 £638
90th Percentile £750 £750 £738
UK excluding London median daily rate £500 £500 £475
% change year-on-year - +5.26% +9.20%
Number of hourly rates quoted 2,422 1,763 1,928
10th Percentile £12.75 £11.00 £12.50
25th Percentile £16.00 £16.25 £15.25
Median hourly rate £35.00 £37.34 £25.00
Median % change year-on-year -6.27% +49.36% -
75th Percentile £59.44 £65.00 £49.25
90th Percentile £72.50 £75.00 £63.75
UK excluding London median hourly rate £36.00 £36.00 £20.00
% change year-on-year - +80.00% -8.17%

OWASP
Job Vacancy Trend

Job postings citing OWASP as a proportion of all IT jobs advertised.

Job vacancy trend for OWASP in the UK

OWASP
Contractor Daily Rate Trend

3-month moving average daily rate quoted in jobs citing OWASP.

Daily rate trend for OWASP in the UK

OWASP
Daily Rate Histogram

Daily rate distribution for jobs citing OWASP over the 6 months to 27 April 2024.

Daily rate histogram for OWASP in the UK

OWASP
Contractor Hourly Rate Trend

3-month moving average hourly rates quoted in jobs citing OWASP.

Hourly rate trend for OWASP in the UK

OWASP
Top 13 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing OWASP within the UK over the 6 months to 27 April 2024. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Contract
IT Job Ads		 Median
Daily Rate
Past 6 Months		 Median Daily Rate
% Change
on Same Period
Last Year		 Live
Jobs
England +125 119 £575 +4.55% 61
UK excluding London +69 85 £585 +6.27% 31
Work from Home +125 77 £575 - 39
South East +70 54 £550 +7.32% 14
London +105 44 £648 +7.92% 26
North of England +14 17 £569 +3.41% 8
Yorkshire +11 12 £569 +8.33% 4
Scotland +37 10 £623 +14.22%
North West +8 5 £608 +10.45% 3
Wales +17 2 £666 +2.50%
South West +18 1 - - 3
West Midlands +13 1 - - 2
Midlands +1 1 - - 2

OWASP
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 4 (2.86%) Confluence
2 2 (1.43%) Jupyter
2 2 (1.43%) nginx
3 1 (0.71%) Apache
3 1 (0.71%) JBoss
3 1 (0.71%) Microsoft Exchange
3 1 (0.71%) SAS
3 1 (0.71%) Tomcat
3 1 (0.71%) WildFly
Cloud Services
1 39 (27.86%) Azure
1 39 (27.86%) IaaS
1 39 (27.86%) PaaS
1 39 (27.86%) SaaS
2 38 (27.14%) AWS
3 18 (12.86%) GitHub
4 12 (8.57%) Azure DevOps
5 11 (7.86%) Serverless
6 8 (5.71%) GCP
7 7 (5.00%) Akamai
7 7 (5.00%) Azure API Management
7 7 (5.00%) Azure Functions
7 7 (5.00%) Azure Key Vault
7 7 (5.00%) Azure Service Bus
7 7 (5.00%) Azure Storage
7 7 (5.00%) GitHub Actions
7 7 (5.00%) Power Platform
8 6 (4.29%) Azure Batch
8 6 (4.29%) Azure Logic Apps
8 6 (4.29%) PowerApps
Communications & Networking
1 39 (27.86%) 5G
1 39 (27.86%) Broadband
2 24 (17.14%) Firewall
3 14 (10.00%) Network Security
4 7 (5.00%) DNS
5 6 (4.29%) HTTP
5 6 (4.29%) Wireless
6 5 (3.57%) Internet
7 3 (2.14%) SSL
7 3 (2.14%) VPN
7 3 (2.14%) Wireshark
8 1 (0.71%) DHCP
8 1 (0.71%) Intrusion Detection
8 1 (0.71%) TCP/IP
8 1 (0.71%) VLAN
Database & Business Intelligence
1 15 (10.71%) SQL Server
2 8 (5.71%) Big Data
2 8 (5.71%) MySQL
2 8 (5.71%) Relational Database
3 7 (5.00%) Data Lake
4 6 (4.29%) Azure SQL Database
4 6 (4.29%) Data Warehouse
4 6 (4.29%) OLTP
5 5 (3.57%) Amazon Athena
6 3 (2.14%) RDBMS
7 2 (1.43%) NoSQL
8 1 (0.71%) Apache Cassandra
8 1 (0.71%) Azure SQL Data Warehouse
8 1 (0.71%) CouchDB
8 1 (0.71%) Hazelcast
8 1 (0.71%) MongoDB
8 1 (0.71%) Oracle Database
8 1 (0.71%) Oracle Database 11g
8 1 (0.71%) PostgreSQL
8 1 (0.71%) Redis
Development Applications
1 18 (12.86%) Git
2 16 (11.43%) Jenkins
3 12 (8.57%) GitLab
4 11 (7.86%) Burp Suite
5 8 (5.71%) Maven
6 7 (5.00%) Gradle
6 7 (5.00%) SonarQube
7 6 (4.29%) AppScan
7 6 (4.29%) JIRA
7 6 (4.29%) Postman
7 6 (4.29%) Visual Studio Team System
8 3 (2.14%) CircleCI
8 3 (2.14%) Subversion
9 2 (1.43%) RStudio
9 2 (1.43%) Selenium
9 2 (1.43%) SoapUI
10 1 (0.71%) Cypress.io
10 1 (0.71%) Mercurial
10 1 (0.71%) Moq
10 1 (0.71%) SpecFlow
General
1 40 (28.57%) Law
2 39 (27.86%) Organisational Skills
3 13 (9.29%) Public Sector
4 9 (6.43%) Analytical Skills
5 8 (5.71%) Social Skills
6 7 (5.00%) Retail
6 7 (5.00%) Telecoms
7 6 (4.29%) Banking
8 5 (3.57%) Finance
9 2 (1.43%) Manufacturing
9 2 (1.43%) Multimedia
10 1 (0.71%) Influencing Skills
10 1 (0.71%) Police
10 1 (0.71%) Retail Banking
Job Titles
1 44 (31.43%) Tester
2 43 (30.71%) Penetration Tester
3 41 (29.29%) Security Specialist
4 39 (27.86%) Security Penetration Tester
4 39 (27.86%) Security Tester
4 39 (27.86%) Testing Specialist
5 27 (19.29%) Consultant
6 19 (13.57%) Security Consultant
7 14 (10.00%) Architect
8 12 (8.57%) Cybersecurity Consultant
8 12 (8.57%) Developer
9 11 (7.86%) Senior
10 10 (7.14%) Security Architect
11 8 (5.71%) DevOps Engineer
11 8 (5.71%) Security Engineer
12 7 (5.00%) Site Reliability Engineer
13 6 (4.29%) Lead
13 6 (4.29%) Site Engineer
14 5 (3.57%) Cybersecurity Architect
14 5 (3.57%) Site Reliability Manager
Libraries, Frameworks & Software Standards
1 45 (32.14%) Web Services
2 8 (5.71%) .NET
2 8 (5.71%) Elastic Stack
3 7 (5.00%) XML
4 6 (4.29%) AngularJS
4 6 (4.29%) ARM Templates
4 6 (4.29%) JSON
5 4 (2.86%) Kafka
6 3 (2.14%) gRPC
6 3 (2.14%) Ruby on Rails
6 3 (2.14%) WebSockets
7 2 (1.43%) .NET Framework
7 2 (1.43%) OAuth
7 2 (1.43%) OAuth2
7 2 (1.43%) REST
7 2 (1.43%) Spring
7 2 (1.43%) Symfony
8 1 (0.71%) ASP.NET MVC
8 1 (0.71%) RESTful
8 1 (0.71%) XACML
Miscellaneous
1 50 (35.71%) Mobile App
2 13 (9.29%) Data Centre
3 11 (7.86%) Public Cloud
4 10 (7.14%) IoT
5 7 (5.00%) Distributed Denial-of-Service
6 6 (4.29%) Security Posture
7 5 (3.57%) Cloud Native
8 4 (2.86%) Management Information System
8 4 (2.86%) Onboarding
9 3 (2.14%) Cyber Threat
10 2 (1.43%) Algorithms
10 2 (1.43%) Cyberattack
11 1 (0.71%) CBDC
11 1 (0.71%) Credit Risk
11 1 (0.71%) Data Protection Act
11 1 (0.71%) Digital Currency
11 1 (0.71%) Distributed Systems
11 1 (0.71%) Product Ownership
11 1 (0.71%) Team-Oriented Environment
11 1 (0.71%) W3C
Operating Systems
1 34 (24.29%) Linux
2 20 (14.29%) Windows
3 13 (9.29%) Unix
4 3 (2.14%) Windows Server
5 1 (0.71%) AIX
Processes & Methodologies
1 78 (55.71%) Cybersecurity
2 73 (52.14%) Application Security
3 56 (40.00%) Penetration Testing
4 54 (38.57%) Security Testing
5 49 (35.00%) Stakeholder Management
6 48 (34.29%) DevOps
7 46 (32.86%) MITRE ATT&CK
8 32 (22.86%) Agile
9 26 (18.57%) CI/CD
10 24 (17.14%) Information Security
11 20 (14.29%) Continuous Integration
11 20 (14.29%) Test Automation
12 18 (12.86%) DevSecOps
13 16 (11.43%) Problem-Solving
13 16 (11.43%) Vulnerability Management
14 15 (10.71%) Infrastructure as Code
14 15 (10.71%) Microservices
15 12 (8.57%) Deployment Automation
15 12 (8.57%) Identity Access Management
15 12 (8.57%) Site Reliability Engineering
Programming Languages
1 30 (21.43%) Python
2 17 (12.14%) Bash
2 17 (12.14%) C#
2 17 (12.14%) PowerShell
3 15 (10.71%) Java
4 12 (8.57%) Ruby
5 8 (5.71%) Go
5 8 (5.71%) Shell Script
6 6 (4.29%) Groovy
6 6 (4.29%) JavaScript
7 5 (3.57%) SQL
8 3 (2.14%) C
8 3 (2.14%) C++
8 3 (2.14%) PHP
9 2 (1.43%) Perl
9 2 (1.43%) R
10 1 (0.71%) Rust
Qualifications
1 49 (35.00%) CREST Certified
2 48 (34.29%) Security Cleared
3 47 (33.57%) OSCP
4 45 (32.14%) GIAC
5 43 (30.71%) SANS
6 41 (29.29%) GPEN
7 8 (5.71%) ISACA
7 8 (5.71%) SC Cleared
8 6 (4.29%) CHECK Team Leader
8 6 (4.29%) CISSP
8 6 (4.29%) Degree
9 3 (2.14%) Azure Certification
9 3 (2.14%) CEH
9 3 (2.14%) Cisco Certification
9 3 (2.14%) CISM
9 3 (2.14%) CSSLP
10 2 (1.43%) CCNP
10 2 (1.43%) Computer Science Degree
10 2 (1.43%) DV Cleared
10 2 (1.43%) Master's Degree
Quality Assurance & Compliance
1 50 (35.71%) GDPR
2 48 (34.29%) PCI DSS
3 43 (30.71%) NCSC
4 36 (25.71%) NIST
5 17 (12.14%) ISO/IEC 27001
6 13 (9.29%) COBIT
7 8 (5.71%) QA
8 3 (2.14%) GRC
9 2 (1.43%) Accessibility
9 2 (1.43%) ISO 22301
10 1 (0.71%) Actionable Recommendations
10 1 (0.71%) Cyber Essentials
10 1 (0.71%) Cyber Essentials PLUS
10 1 (0.71%) Disclosure Scotland
10 1 (0.71%) HIPAA
10 1 (0.71%) ISO 20022
10 1 (0.71%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
10 1 (0.71%) WCAG
System Software
1 19 (13.57%) Docker
2 1 (0.71%) Active Directory
Systems Management
1 29 (20.71%) Terraform
2 24 (17.14%) Kubernetes
3 18 (12.86%) Ansible
4 8 (5.71%) Grafana
4 8 (5.71%) Nessus
4 8 (5.71%) Progress Chef
4 8 (5.71%) Prometheus
5 7 (5.00%) Graylog
5 7 (5.00%) Puppet
6 6 (4.29%) HP Fortify
6 6 (4.29%) WebInspect
7 3 (2.14%) Nagios
8 2 (1.43%) Single Sign-On
9 1 (0.71%) Kibana
9 1 (0.71%) logstash
Vendors
1 39 (27.86%) Virgin Media
2 14 (10.00%) Microsoft
3 11 (7.86%) F5
4 9 (6.43%) Splunk
5 7 (5.00%) Checkmarx
6 6 (4.29%) Veracode
7 4 (2.86%) Imperva
8 3 (2.14%) Oracle
8 3 (2.14%) Qualys
9 2 (1.43%) Cadence
9 2 (1.43%) Darktrace
10 1 (0.71%) Barracuda Networks
10 1 (0.71%) CrowdStrike
10 1 (0.71%) CyberArk
10 1 (0.71%) Google
10 1 (0.71%) Okta
10 1 (0.71%) Rapid7
10 1 (0.71%) Remedy
10 1 (0.71%) VMware
67 OWASP jobs Nationwide