OWASP Contracts, Co-occurring Skills & Contractor Rates

Open Web Application Security Project (OWASP)
UK

The table below provides summary statistics for contract job vacancies requiring OWASP skills. It includes a benchmarking guide to the contractor rates offered in vacancies that cited OWASP over the 6 months leading up to 17 May 2025, comparing them to the same period in the previous two years.

Location	6 months to 17 May 2025	Same period 2024	Same period 2023
Rank	395	482	546
Rank change year-on-year	+87	+64	-7
Contract jobs citing OWASP	130	94	138
As % of all contract jobs advertised in the UK	0.44%	0.22%	0.24%
As % of the Processes & Methodologies category	0.49%	0.26%	0.27%
Number of daily rates quoted	74	58	83
10^th Percentile	£348	£463	£430
25^th Percentile	£500	£520	£500
Median daily rate (50^th Percentile)	£600	£600	£575
Median % change year-on-year	-	+4.35%	-
75^th Percentile	£680	£678	£681
90^th Percentile	£750	£841	£748
UK excluding London median daily rate	£588	£575	£550
% change year-on-year	+2.17%	+4.55%	-
Number of hourly rates quoted	0	0	2
Median hourly rate	-	-	£70.00
UK excluding London median hourly rate	-	-	£70.00

All Process and Methodology Skills
UK

OWASP falls under the Processes and Methodologies category. For comparison with the information above, the following table provides summary statistics for all contract job vacancies requiring process or methodology skills.

Contract vacancies with a requirement for process or methodology skills	26,772	36,679	51,168
As % of all contract IT jobs advertised in the UK	90.96%	86.19%	89.82%
Number of daily rates quoted	17,185	23,608	35,479
10^th Percentile	£305	£300	£325
25^th Percentile	£410	£413	£438
Median daily rate (50^th Percentile)	£515	£525	£550
Median % change year-on-year	-1.90%	-4.55%	+3.77%
75^th Percentile	£625	£638	£650
90^th Percentile	£738	£750	£750
UK excluding London median daily rate	£475	£500	£500
% change year-on-year	-5.00%	-	+4.38%
Number of hourly rates quoted	1,093	2,436	1,692
10^th Percentile	£14.20	£12.75	£10.64
25^th Percentile	£18.13	£15.94	£16.10
Median hourly rate	£28.00	£36.27	£35.65
Median % change year-on-year	-22.81%	+1.75%	+38.82%
75^th Percentile	£60.00	£60.00	£65.00
90^th Percentile	£75.00	£72.50	£75.00
UK excluding London median hourly rate	£25.15	£37.50	£35.00
% change year-on-year	-32.93%	+7.14%	+75.00%

OWASP
Job Vacancy Trend

Job postings citing OWASP as a proportion of all IT jobs advertised.

OWASP
Contractor Daily Rate Trend

3-month moving average daily rate quoted in jobs citing OWASP.

OWASP
Daily Rate Histogram

Daily rate distribution for jobs citing OWASP over the 6 months to 17 May 2025.

Daily rate histogram for OWASP in the UK

OWASP
Contractor Hourly Rate Trend

3-month moving average hourly rates quoted in jobs citing OWASP.

OWASP
Top 13 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing OWASP within the UK over the 6 months to 17 May 2025. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Contract IT Job Ads	Median Daily Rate Past 6 Months	Median Daily Rate % Change on Same Period Last Year	Live Jobs
England	+86	101	£638	+10.87%	197
UK excluding London	+61	56	£588	+2.17%	153
London	+52	55	£650	-1.52%	57
Work from Home	+60	50	£575	+4.55%	85
South East	+50	19	£575	+4.55%	31
North of England	+18	16	£550	-3.30%	40
Scotland	+12	11	£500	-19.68%	7
Yorkshire	+11	8	£275	-51.33%	20
South West	+49	7	£671	-	23
North West	+18	7	£675	+17.39%	18
Midlands	+21	4	£710	-	26
West Midlands	+10	4	£710	-	13
North East	-	1	£550	-	2

OWASP
Top 30 Co-occurring Skills and Capabilities

For the 6 months to 17 May 2025, contractor job vacancies citing OWASP also mentioned the following skills and capabilities in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all contract job ads with a requirement for OWASP.

1	58 (44.62%)	DevOps
2	52 (40.00%)	CI/CD
3	46 (35.38%)	Azure
4	40 (30.77%)	Cybersecurity
5	39 (30.00%)	NIST
5	39 (30.00%)	Agile
6	35 (26.92%)	Social Skills
7	33 (25.38%)	Microservices
7	33 (25.38%)	AWS
8	31 (23.85%)	SQL
9	30 (23.08%)	DevSecOps
10	28 (21.54%)	Application Security
10	28 (21.54%)	Public Sector
10	28 (21.54%)	RESTful
11	27 (20.77%)	Test Automation

11	27 (20.77%)	Bash
11	27 (20.77%)	BDD
11	27 (20.77%)	Python
11	27 (20.77%)	TDD
11	27 (20.77%)	Information Security
11	27 (20.77%)	Cloud Security
12	26 (20.00%)	Git
13	25 (19.23%)	Kubernetes
14	24 (18.46%)	Docker
14	24 (18.46%)	Azure DevOps
15	23 (17.69%)	Secure Coding
15	23 (17.69%)	Security Cleared
15	23 (17.69%)	.NET
15	23 (17.69%)	Java
16	22 (16.92%)	PowerShell

OWASP
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
Applications
Cloud Services
Communications & Networking
Database & Business Intelligence
Development Applications
General
Job Titles
Libraries, Frameworks & Software Standards
Miscellaneous
Operating Systems
Processes & Methodologies
Programming Languages
Qualifications
Quality Assurance & Compliance
System Software
Systems Management
Vendors

Application Platforms
1	12 (9.23%)	Confluence
2	2 (1.54%)	IIS
3	1 (0.77%)	Apache
3	1 (0.77%)	Apache Spark
3	1 (0.77%)	nginx
3	1 (0.77%)	Tomcat

Applications
1	2 (1.54%)	Chatbot

Cloud Services
1	46 (35.38%)	Azure
2	33 (25.38%)	AWS
3	24 (18.46%)	Azure DevOps
4	18 (13.85%)	GitHub
5	15 (11.54%)	Cloud Computing
6	12 (9.23%)	GCP
6	12 (9.23%)	Serverless
6	12 (9.23%)	Slack
7	6 (4.62%)	Azure Sentinel
7	6 (4.62%)	GitHub Actions
8	5 (3.85%)	Amazon Cognito
8	5 (3.85%)	AWS CodePipeline
8	5 (3.85%)	AWS Lambda
8	5 (3.85%)	IaaS
8	5 (3.85%)	PaaS
8	5 (3.85%)	SaaS
9	4 (3.08%)	Amazon S3
9	4 (3.08%)	AWS CloudFormation
9	4 (3.08%)	Azure Monitor
9	4 (3.08%)	SonarCloud

Communications & Networking
1	16 (12.31%)	Network Security
2	14 (10.77%)	Firewall
3	12 (9.23%)	HTTP
4	5 (3.85%)	DNS
5	4 (3.08%)	FTP
5	4 (3.08%)	Radio Access Network
5	4 (3.08%)	SMTP
5	4 (3.08%)	SSL
5	4 (3.08%)	TCP/IP
6	1 (0.77%)	DMZ

Database & Business Intelligence
1	21 (16.15%)	MySQL
2	16 (12.31%)	MongoDB
3	15 (11.54%)	Apache Cassandra
4	13 (10.00%)	PostgreSQL
5	8 (6.15%)	NoSQL
6	7 (5.38%)	Relational Database
7	6 (4.62%)	Amazon Aurora
8	4 (3.08%)	Redis
9	3 (2.31%)	Metadata
10	1 (0.77%)	Amazon RDS
10	1 (0.77%)	Big Data
10	1 (0.77%)	Delta Lake
10	1 (0.77%)	MariaDB

Development Applications
1	26 (20.00%)	Git
2	17 (13.08%)	JIRA
3	16 (12.31%)	Jenkins
4	14 (10.77%)	GitLab
5	13 (10.00%)	Cucumber
6	12 (9.23%)	Cypress.io
6	12 (9.23%)	Jasmine
6	12 (9.23%)	JUnit
7	10 (7.69%)	SonarQube
8	8 (6.15%)	Snyk
9	7 (5.38%)	Postman
10	6 (4.62%)	Selenium
11	5 (3.85%)	NUnit
11	5 (3.85%)	Storybook
12	4 (3.08%)	SoapUI
13	3 (2.31%)	Burp Suite
13	3 (2.31%)	JMeter
13	3 (2.31%)	Subversion
14	2 (1.54%)	Metasploit
14	2 (1.54%)	Moq

General
1	35 (26.92%)	Social Skills
2	28 (21.54%)	Public Sector
3	16 (12.31%)	Finance
4	9 (6.92%)	Telecoms
5	7 (5.38%)	Analytical Skills
5	7 (5.38%)	Banking
6	6 (4.62%)	Electronics
6	6 (4.62%)	Manufacturing
6	6 (4.62%)	Marketing
7	5 (3.85%)	Legal
8	2 (1.54%)	Documentation Skills
8	2 (1.54%)	Presentation Skills
9	1 (0.77%)	Financial Institution
9	1 (0.77%)	Inclusion and Diversity
9	1 (0.77%)	Organisational Skills
9	1 (0.77%)	Retail

Job Titles
1	37 (28.46%)	Developer
2	30 (23.08%)	Architect
2	30 (23.08%)	Lead
3	27 (20.77%)	Security Architect
4	18 (13.85%)	Senior
5	14 (10.77%)	Senior Developer
6	13 (10.00%)	Consultant
6	13 (10.00%)	Lead Developer
7	12 (9.23%)	.NET Developer
7	12 (9.23%)	Java Developer
7	12 (9.23%)	Security Consultant
8	11 (8.46%)	Tester
9	8 (6.15%)	Lead .NET Developer
10	6 (4.62%)	Azure Developer
10	6 (4.62%)	C# .NET Developer
10	6 (4.62%)	C# Developer
10	6 (4.62%)	Senior .NET Developer
10	6 (4.62%)	Senior C# .NET Developer
10	6 (4.62%)	Senior C# Developer
10	6 (4.62%)	Senior Java Developer

Libraries, Frameworks & Software Standards
1	28 (21.54%)	RESTful
2	23 (17.69%)	.NET
3	17 (13.08%)	Spring Boot
4	16 (12.31%)	Spring
5	15 (11.54%)	.NET Core
5	15 (11.54%)	Spring Security
6	14 (10.77%)	CSS
6	14 (10.77%)	React
7	13 (10.00%)	Swagger
8	12 (9.23%)	OpenAPI
8	12 (9.23%)	Spring Batch
9	11 (8.46%)	OAuth
10	10 (7.69%)	HTML
11	7 (5.38%)	JSON
11	7 (5.38%)	OpenID
12	6 (4.62%)	ASP.NET
12	6 (4.62%)	RabbitMQ
13	5 (3.85%)	ActiveMQ
13	5 (3.85%)	ARM Templates
13	5 (3.85%)	Web Services

Miscellaneous
1	14 (10.77%)	Distributed Denial-of-Service
2	10 (7.69%)	Product Ownership
2	10 (7.69%)	Security Posture
3	8 (6.15%)	Cloud Native
4	7 (5.38%)	Management Information System
5	5 (3.85%)	PKI
5	5 (3.85%)	Private Cloud
6	4 (3.08%)	Distributed Systems
6	4 (3.08%)	Enterprise Software
6	4 (3.08%)	Hybrid Cloud
7	3 (2.31%)	Cyber Defence
7	3 (2.31%)	Cyber Kill Chain
7	3 (2.31%)	Data Centre
7	3 (2.31%)	Mobile App
8	2 (1.54%)	Cyber Threat
8	2 (1.54%)	Cyberattack
8	2 (1.54%)	Data Protection Act
8	2 (1.54%)	Operational Technology
8	2 (1.54%)	SCADA
8	2 (1.54%)	Security Operations Centre

Operating Systems
1	16 (12.31%)	Linux
2	13 (10.00%)	Red Hat Enterprise Linux
3	3 (2.31%)	Apple iOS
4	2 (1.54%)	AIX
5	1 (0.77%)	Android
5	1 (0.77%)	CentOS
5	1 (0.77%)	Windows
5	1 (0.77%)	Windows Server

Processes & Methodologies
1	58 (44.62%)	DevOps
2	52 (40.00%)	CI/CD
3	40 (30.77%)	Cybersecurity
4	39 (30.00%)	Agile
5	33 (25.38%)	Microservices
6	30 (23.08%)	DevSecOps
7	28 (21.54%)	Application Security
8	27 (20.77%)	BDD
8	27 (20.77%)	Cloud Security
8	27 (20.77%)	Information Security
8	27 (20.77%)	TDD
8	27 (20.77%)	Test Automation
9	23 (17.69%)	Secure Coding
10	22 (16.92%)	Containerisation
11	21 (16.15%)	Continuous Delivery
12	19 (14.62%)	Problem-Solving
12	19 (14.62%)	Threat Modelling
13	18 (13.85%)	Mentoring
13	18 (13.85%)	Security Architecture
13	18 (13.85%)	Security Testing

Programming Languages
1	31 (23.85%)	SQL
2	27 (20.77%)	Bash
2	27 (20.77%)	Python
3	23 (17.69%)	Java
4	22 (16.92%)	PowerShell
5	18 (13.85%)	C#
6	16 (12.31%)	JavaScript
7	10 (7.69%)	TypeScript
8	9 (6.92%)	PHP
9	5 (3.85%)	Ruby
10	3 (2.31%)	Kotlin
10	3 (2.31%)	Perl
10	3 (2.31%)	Swift
11	2 (1.54%)	C
11	2 (1.54%)	C++
11	2 (1.54%)	Kusto Query Language
11	2 (1.54%)	Objective-C
11	2 (1.54%)	PL/SQL
12	1 (0.77%)	VB
12	1 (0.77%)	VB6

Qualifications
1	23 (17.69%)	Security Cleared
2	20 (15.38%)	SC Cleared
3	18 (13.85%)	CISSP
4	16 (12.31%)	CEH
5	13 (10.00%)	Degree
6	11 (8.46%)	CISM
6	11 (8.46%)	OSCP
7	9 (6.92%)	Computer Science Degree
8	7 (5.38%)	SANS
9	6 (4.62%)	(ISC)2 CCSP
9	6 (4.62%)	Cisco Certification
10	5 (3.85%)	GIAC
10	5 (3.85%)	GPEN
10	5 (3.85%)	GWAPT
11	4 (3.08%)	AWS Certification
11	4 (3.08%)	CCSP
11	4 (3.08%)	CREST Certified
12	3 (2.31%)	CCSAS
12	3 (2.31%)	CRISC
12	3 (2.31%)	Microsoft Certification

Quality Assurance & Compliance
1	39 (30.00%)	NIST
2	17 (13.08%)	ISO/IEC 27001
3	14 (10.77%)	PCI DSS
4	12 (9.23%)	Accessibility
4	12 (9.23%)	GDPR
5	11 (8.46%)	QA
6	10 (7.69%)	COBIT
7	8 (6.15%)	NCSC
8	4 (3.08%)	HIPAA
9	3 (2.31%)	GRC
10	2 (1.54%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
10	2 (1.54%)	ISO/IEC 27005
10	2 (1.54%)	SOC 2
11	1 (0.77%)	Cyber Essentials
11	1 (0.77%)	EU AI Act
11	1 (0.77%)	HL7
11	1 (0.77%)	Software Quality Assurance

System Software
1	24 (18.46%)	Docker
2	1 (0.77%)	Active Directory
2	1 (0.77%)	VMware Infrastructure

Systems Management
1	25 (19.23%)	Kubernetes
2	17 (13.08%)	Terraform
3	5 (3.85%)	Single Sign-On
4	2 (1.54%)	Ansible
4	2 (1.54%)	Grafana
4	2 (1.54%)	Prometheus
5	1 (0.77%)	Argo
5	1 (0.77%)	Docker Swarm
5	1 (0.77%)	Packer
5	1 (0.77%)	Puppet

Vendors
1	21 (16.15%)	Microsoft
2	8 (6.15%)	SAP
3	6 (4.62%)	Veracode
4	5 (3.85%)	Coverity
4	5 (3.85%)	Oracle
5	4 (3.08%)	Zend
6	3 (2.31%)	Google
7	2 (1.54%)	F5
7	2 (1.54%)	Imperva
7	2 (1.54%)	Salesforce
7	2 (1.54%)	VMware
8	1 (0.77%)	Checkmarx
8	1 (0.77%)	Databricks
8	1 (0.77%)	Dynatrace
8	1 (0.77%)	Red Hat
8	1 (0.77%)	Splunk

Open Web Application Security Project (OWASP)UK

All Process and Methodology SkillsUK

OWASPJob Vacancy Trend

OWASPContractor Daily Rate Trend

OWASPDaily Rate Histogram

OWASPContractor Hourly Rate Trend

OWASPTop 13 Contract Locations

OWASPTop 30 Co-occurring Skills and Capabilities

OWASPCo-occurring Skills and Capabilities by Category