Period
to 18 December 2018

The median contractor rate for a Penetration Tester was £500 per day in advertised job vacancies during the 6 months to 18 December 2018.

The first table below provides contractor rate benchmarking and summary statistics including a comparison to same period in the previous 2 years.

Note that daily and hourly rates are treated separately in these statistics. When calculating contractor rate percentiles, daily rates are never derived from quoted hourly rates or vice versa.

Penetration Tester
UK
6 months to
18 Dec 2018
Same period 2017 Same period 2016
Rank 848 846 788
Rank change year-on-year -2 -58 +80
Contract jobs requiring a Penetration Tester 56 52 102
As % of all contract IT jobs advertised in the UK 0.053% 0.050% 0.10%
As % of the Job Titles category 0.056% 0.053% 0.11%
Number of daily rates quoted 39 38 73
UK median daily rate £500 £538 £500
Median daily rate % change year-on-year -6.98% +7.50% -
10th Percentile £325 £409 £407
90th Percentile £650 £633 £600
UK excluding London median daily rate £500 £550 £513
% change year-on-year -9.09% +7.32% +2.50%
Number of hourly rates quoted 0 0 1
UK median hourly rate - - £35.00
UK excluding London median hourly rate - - £35.00

The following table is for comparison with the above and includes summary statistics for all contract IT job vacancies. Most job vacancies include a discernible job title that can be normalized. As such, the figures in the second row provide an indication of the number of contract jobs in our overall sample.

All Contract IT Job Vacancies
UK
Contract vacancies in the UK with a recognized job title 99,293 98,050 96,502
% of contract IT jobs with a recognized job title 94.70% 94.93% 94.76%
Number of daily rates quoted 65,685 65,027 62,959
UK median daily rate £450 £450 £425
Median daily rate % change year-on-year - +5.88% +3.66%
10th Percentile £270 £260 £250
90th Percentile £638 £625 £600
UK excluding London median daily rate £425 £400 £398
% change year-on-year +6.25% +0.63% +6.00%
Number of hourly rates quoted 3,050 2,868 3,272
UK median hourly rate £18.53 £18.70 £18.00
Median hourly rate % change year-on-year -0.91% +3.89% -
10th Percentile £11.00 £10.76 £10.50
90th Percentile £48.75 £47.83 £47.25
UK excluding London median hourly rate £17.50 £17.76 £17.50
% change year-on-year -1.44% +1.46% -

Penetration Tester
Job Vacancy Trend

Job postings that featured Penetration Tester in the job title as a percentage of all IT jobs advertised.

Job vacancy trend for Penetration Tester in the UK

Penetration Tester
Contractor Daily Rate Trend

This chart provides the 3-month moving average for daily rates quoted in contract jobs citing Penetration Tester.

Contractor daily rate trend for Penetration Tester in the UK

Penetration Tester
Contractor Daily Rate Histogram

The daily rate distribution of IT jobs citing Penetration Tester over the 6 months to 18 December 2018.

Contractor daily rate histogram for Penetration Tester in the UK

Penetration Tester
Contractor Hourly Rate Trend

This chart provides the 3-month moving average for contractor hourly rates quoted in IT jobs citing Penetration Tester.

Contractor hourly rate trend for Penetration Tester in the UK

Penetration Tester
Top 11 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Penetration Tester within the UK over the 6 months to 18 December 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Past 6 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +6 50 £500 -9.09% 38
London +16 28 £538 -2.27% 10
UK excluding London -18 24 £500 -9.09% 28
Midlands +4 15 £500 -4.76% 12
West Midlands -20 12 £500 -4.76% 10
South East -6 5 £525 -4.55% 9
North West -6 1 £350 - 1
North of England -11 1 £350 - 3
Wales -30 1 - -
Northern Ireland - 1 £550 -
South West - 1 £375 -

Penetration Tester Skill Set
Top 30 Co-occurring IT Skills

For the 6 months to 18 December 2018, Penetration Tester contract jobs required the following IT skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all contract job ads featuring Penetration Tester in the job title.

1 48 (85.71%) Penetration Testing
2 23 (41.07%) Java
3 20 (35.71%) C
3 20 (35.71%) Ruby
3 20 (35.71%) Cybersecurity
4 19 (33.93%) Python
4 19 (33.93%) Remediation Plan
5 18 (32.14%) CREST Certified
6 17 (30.36%) Linux
6 17 (30.36%) Nessus
6 17 (30.36%) Amazon AWS
6 17 (30.36%) Open Source
7 16 (28.57%) Metasploit
7 16 (28.57%) Agile Software Development
7 16 (28.57%) Wireless
7 16 (28.57%) Burp Suite
8 15 (26.79%) Vulnerability Scanning
8 15 (26.79%) Cyberthreat
8 15 (26.79%) Nmap
8 15 (26.79%) C#
8 15 (26.79%) Bash Shell
8 15 (26.79%) Security Architecture
8 15 (26.79%) Microsoft Azure
9 14 (25.00%) OpenStack
9 14 (25.00%) Waterfall
9 14 (25.00%) Social Engineering
9 14 (25.00%) Patch Management
9 14 (25.00%) PowerShell
9 14 (25.00%) Degree
9 14 (25.00%) Lua

Penetration Tester Skill Set
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 14 (25.00%) OpenStack
Cloud Services
1 17 (30.36%) Amazon AWS
2 15 (26.79%) Microsoft Azure
3 2 (3.57%) IaaS
Communications & Networking
1 16 (28.57%) Wireless
2 14 (25.00%) HTTP
3 13 (23.21%) 802.11
3 13 (23.21%) SNMP
3 13 (23.21%) VPN
4 11 (19.64%) VoIP
5 5 (8.93%) SAN
6 4 (7.14%) Firewall
7 3 (5.36%) SSL
8 2 (3.57%) DNS
8 2 (3.57%) Internet
8 2 (3.57%) Network Security
9 1 (1.79%) DHCP
9 1 (1.79%) FTP
9 1 (1.79%) Wireshark
Development Applications
1 16 (28.57%) Burp Suite
1 16 (28.57%) Metasploit
2 1 (1.79%) Xcode
General
1 4 (7.14%) Finance
2 3 (5.36%) Banking
2 3 (5.36%) Telecoms
3 2 (3.57%) Legal
4 1 (1.79%) Electronics
4 1 (1.79%) Financial Institution
4 1 (1.79%) Law
4 1 (1.79%) Manufacturing
4 1 (1.79%) Marketing
4 1 (1.79%) Pharmaceutical
Libraries, Frameworks & Software Standards
1 13 (23.21%) 802.1X
2 2 (3.57%) .NET
3 1 (1.79%) Middleware
3 1 (1.79%) Spring
Miscellaneous
1 15 (26.79%) Cyberthreat
2 13 (23.21%) Mobile App
2 13 (23.21%) SCADA
3 11 (19.64%) Wiki
4 2 (3.57%) Cyber Defence
4 2 (3.57%) Fintech
4 2 (3.57%) Public Cloud
5 1 (1.79%) Analytical Skills
5 1 (1.79%) CESG
5 1 (1.79%) Cyberattack
5 1 (1.79%) Data Centre
5 1 (1.79%) Embedded Systems
5 1 (1.79%) EMV
5 1 (1.79%) Management Information System
5 1 (1.79%) User Experience
Operating Systems
1 17 (30.36%) Linux
2 14 (25.00%) Kali Linux
3 4 (7.14%) Windows
4 3 (5.36%) Android
4 3 (5.36%) Apple iOS
5 2 (3.57%) Unix
6 1 (1.79%) Mac OS
6 1 (1.79%) Red Hat Enterprise Linux
Processes & Methodologies
1 48 (85.71%) Penetration Testing
2 20 (35.71%) Cybersecurity
3 19 (33.93%) Remediation Plan
4 17 (30.36%) Open Source
5 16 (28.57%) Agile Software Development
6 15 (26.79%) Security Architecture
6 15 (26.79%) Vulnerability Scanning
7 14 (25.00%) Cyber Intelligence
7 14 (25.00%) Cyber Threat Intelligence
7 14 (25.00%) Ethical Hacking
7 14 (25.00%) Patch Management
7 14 (25.00%) Social Engineering
7 14 (25.00%) Threat Intelligence
7 14 (25.00%) Waterfall
8 13 (23.21%) Computer Science
8 13 (23.21%) Mathematics
8 13 (23.21%) OSINT
8 13 (23.21%) Software Delivery
9 11 (19.64%) Security Operations
10 9 (16.07%) Security Testing
Programming Languages
1 23 (41.07%) Java
2 20 (35.71%) C
2 20 (35.71%) Ruby
3 19 (33.93%) Python
4 15 (26.79%) Bash Shell
4 15 (26.79%) C#
5 14 (25.00%) Lua
5 14 (25.00%) PowerShell
6 7 (12.50%) C++
7 3 (5.36%) Perl
8 1 (1.79%) Apple Swift
8 1 (1.79%) JavaScript
8 1 (1.79%) PHP
8 1 (1.79%) Shell Script
8 1 (1.79%) VB.NET
Qualifications
1 18 (32.14%) CREST Certified
2 14 (25.00%) Degree
3 13 (23.21%) OSCE
3 13 (23.21%) OSCP
4 9 (16.07%) SC Cleared
4 9 (16.07%) Security Cleared
4 9 (16.07%) Tigerscheme
5 8 (14.29%) SANS
6 7 (12.50%) CEH
7 6 (10.71%) GPEN
8 4 (7.14%) CISSP
8 4 (7.14%) DV Cleared
9 3 (5.36%) CHECK Team Leader
10 2 (3.57%) CHECK Team Member
11 1 (1.79%) CCSAM
11 1 (1.79%) CCSAS
11 1 (1.79%) CESG Certified Professional
11 1 (1.79%) CISA
11 1 (1.79%) GIAC
Quality Assurance & Compliance
1 4 (7.14%) ISO/IEC 27001
2 3 (5.36%) HIPAA
2 3 (5.36%) PCI DSS
2 3 (5.36%) Sarbanes-Oxley
3 2 (3.57%) Cyber Essentials
4 1 (1.79%) GDPR
System Software
1 1 (1.79%) Virtual Servers
Systems Management
1 17 (30.36%) Nessus
2 15 (26.79%) Nmap
3 1 (1.79%) Nexpose
3 1 (1.79%) Red Hat Satellite
3 1 (1.79%) WSUS
Vendors
1 1 (1.79%) BMC
1 1 (1.79%) HP
1 1 (1.79%) Red Hat
1 1 (1.79%) SAP
1 1 (1.79%) Tripwire