Penetration Testing contracts, contractor rates and trends for Penetration Testing skills

The following table provides summary statistics for contract job vacancies with a requirement for Penetration Testing skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited Penetration Testing over the 6 months to 27 February 2020 with a comparison to the same period in the previous 2 years.

Note that daily and hourly rates are treated separately in these statistics. When calculating contractor rate percentiles, daily rates are never derived from quoted hourly rates or vice versa.

Penetration Testing UK
Location	6 months to 27 Feb 2020	Same period 2019	Same period 2018
Rank	473	485	529
Rank change year-on-year	+12	+44	-49
Contract jobs citing Penetration Testing	260	432	404
As % of all contract IT jobs advertised in the UK	0.38%	0.44%	0.40%
As % of the Processes & Methodologies category	0.45%	0.50%	0.46%
Number of daily rates quoted	164	240	246
UK median daily rate	£525	£525	£500
Median daily rate % change year-on-year	-	+5.00%	+11.11%
10th Percentile	£350	£400	£355
90th Percentile	£688	£675	£675
UK excluding London median daily rate	£450	£500	£500
% change year-on-year	-10.00%	-	+6.38%
Number of hourly rates quoted	4	4	0
UK median hourly rate	£35.00	£35.00	-
UK excluding London median hourly rate	£35.00	£35.00	-

Penetration Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies with a requirement for process or methodology skills.

All Process and Methodology Skills UK
Contract vacancies with a requirement for process or methodology skills	57,665	86,503	87,773
As % of all contract IT jobs advertised in the UK	85.11%	87.34%	86.38%
Number of daily rates quoted	37,175	57,175	58,542
UK median daily rate	£475	£475	£450
Median daily rate % change year-on-year	-	+5.56%	+5.88%
10th Percentile	£282	£300	£281
90th Percentile	£650	£650	£638
UK excluding London median daily rate	£437	£425	£413
% change year-on-year	+2.78%	+3.03%	+3.13%
Number of hourly rates quoted	1,912	2,257	2,141
UK median hourly rate	£24.05	£24.08	£24.00
Median hourly rate % change year-on-year	-0.12%	+0.33%	-2.04%
10th Percentile	£12.44	£11.50	£11.25
90th Percentile	£53.70	£50.00	£50.25
UK excluding London median hourly rate	£21.32	£22.92	£24.00
% change year-on-year	-6.96%	-4.52%	+0.21%

Penetration Testing
Job Vacancy Trend

Job postings citing Penetration Testing as a percentage of all IT jobs advertised.

Job vacancy trend for Penetration Testing in the UK

Penetration Testing
Contractor Daily Rate Trend

This chart provides the 3-month moving average for daily rates quoted in contract jobs citing Penetration Testing.

Contractor daily rate trend for Penetration Testing in the UK

Penetration Testing
Contractor Daily Rate Histogram

The daily rate distribution of IT jobs citing Penetration Testing over the 6 months to 27 February 2020.

Contractor daily rate histogram for Penetration Testing in the UK

Penetration Testing
Contractor Hourly Rate Trend

This chart provides the 3-month moving average for contractor hourly rates quoted in IT jobs citing Penetration Testing.

Contractor hourly rate trend for Penetration Testing in the UK

Penetration Testing
Contractor Hourly Rate Histogram

The hourly rate distribution of IT jobs citing Penetration Testing over the 6 months to 27 February 2020.

Contractor hourly rate histogram for Penetration Testing in the UK

Penetration Testing
Top 14 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Penetration Testing within the UK over the 6 months to 27 February 2020. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Contract IT Job Ads	Median Daily Rate Past 6 Months	Median Daily Rate % Change on Same Period Last Year	Live Job Vacancies
England	+24	234	£525	-	134
UK excluding London	+45	133	£450	-10.00%	90
London	+45	121	£575	+9.52%	48
South East	+50	47	£463	-7.50%	22
North of England	+38	26	£450	-12.20%	31
Midlands	+47	18	£363	-27.34%	21
Scotland	+42	18	£450	-25.00%	3
North West	+18	15	£450	-10.00%	15
South West	+18	12	£425	-4.49%	8
Yorkshire	+51	11	£450	-29.41%	15
East of England	+27	11	£500	+1.01%	4
West Midlands	+34	10	£351	-29.90%	13
East Midlands	+48	8	£450	-20.00%	8
Wales	+22	1	£550	+14.58%	1

Penetration Testing
Top 30 Co-occurring IT Skills

For the 6 months to 27 February 2020, IT contractor jobs citing Penetration Testing also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all contract job ads with a requirement for Penetration Testing.

1	84 (32.31%)	Cybersecurity
2	83 (31.92%)	Information Security
3	75 (28.85%)	Security Testing
4	63 (24.23%)	AWS
5	56 (21.54%)	Firewall
6	52 (20.00%)	Agile Software Development
7	48 (18.46%)	ISO/IEC 27001
8	47 (18.08%)	Linux
9	46 (17.69%)	Security Cleared
10	43 (16.54%)	Windows
11	41 (15.77%)	Finance
12	39 (15.00%)	Test Automation
13	38 (14.62%)	Security Architecture
13	38 (14.62%)	CISSP
14	36 (13.85%)	SC Cleared

15	35 (13.46%)	Azure
16	33 (12.69%)	Open Source
16	33 (12.69%)	Vulnerability Management
16	33 (12.69%)	GDPR
17	31 (11.92%)	DevOps
17	31 (11.92%)	Public Sector
18	29 (11.15%)	Vulnerability Scanning
18	29 (11.15%)	SIEM
19	28 (10.77%)	TCP/IP
19	28 (10.77%)	CREST Certified
20	27 (10.38%)	Python
20	27 (10.38%)	Risk Management
20	27 (10.38%)	Security Management
21	26 (10.00%)	Nessus
22	25 (9.62%)	Incident Management

Penetration Testing
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
Applications
Business Applications
Cloud Services
Communications & Networking
Database & Business Intelligence
Development Applications
General
Job Titles
Libraries, Frameworks & Software Standards
Miscellaneous
Operating Systems
Processes & Methodologies
Programming Languages
Qualifications
Quality Assurance & Compliance
System Software
Systems Management
Vendors

Application Platforms
1	19 (7.31%)	Confluence
2	9 (3.46%)	SharePoint
3	7 (2.69%)	IIS
3	7 (2.69%)	nginx
4	4 (1.54%)	Apache
5	3 (1.15%)	Elasticsearch
6	2 (0.77%)	Apache Spark
6	2 (0.77%)	CMS
6	2 (0.77%)	OpenStack
7	1 (0.38%)	Drupal
7	1 (0.38%)	GlassFish
7	1 (0.38%)	Kentico
7	1 (0.38%)	MS Exchange
7	1 (0.38%)	WebLogic

Applications
1	4 (1.54%)	Microsoft Office
2	1 (0.38%)	Microsoft Project

Business Applications
1	5 (1.92%)	Aligne
2	1 (0.38%)	Payment Gateway
2	1 (0.38%)	Remedy ITSM

Cloud Services
1	63 (24.23%)	AWS
2	35 (13.46%)	Azure
3	21 (8.08%)	GCP
4	6 (2.31%)	AWS CloudFormation
4	6 (2.31%)	BrowserStack
4	6 (2.31%)	Office 365
5	5 (1.92%)	Amazon S3
5	5 (1.92%)	Google Analytics
5	5 (1.92%)	Google Compute Engine
6	4 (1.54%)	CloudFront
6	4 (1.54%)	GitHub
6	4 (1.54%)	Route 53
6	4 (1.54%)	Virtual Private Cloud
7	3 (1.15%)	SaaS
8	2 (0.77%)	Amazon CloudWatch
8	2 (0.77%)	Amazon EC2
8	2 (0.77%)	Azure Active Directory
8	2 (0.77%)	Heroku
8	2 (0.77%)	OpenShift
8	2 (0.77%)	Slack

Communications & Networking
1	56 (21.54%)	Firewall
2	28 (10.77%)	TCP/IP
3	18 (6.92%)	Internet
4	16 (6.15%)	DNS
4	16 (6.15%)	Kerberos
5	15 (5.77%)	Intrusion Detection
6	12 (4.62%)	Network Security
7	9 (3.46%)	VPN
8	8 (3.08%)	DHCP
8	8 (3.08%)	WAN
9	7 (2.69%)	HTTP
9	7 (2.69%)	X.509
10	6 (2.31%)	DSL
10	6 (2.31%)	VoIP
11	5 (1.92%)	LAN
11	5 (1.92%)	Remote Desktop
11	5 (1.92%)	SMTP
11	5 (1.92%)	Wireless
12	4 (1.54%)	MPLS
12	4 (1.54%)	SSL

Database & Business Intelligence
1	11 (4.23%)	SQL Server
2	10 (3.85%)	PostgreSQL
3	9 (3.46%)	Big Data
3	9 (3.46%)	Blockchain
4	5 (1.92%)	MongoDB
4	5 (1.92%)	Oracle Database
5	3 (1.15%)	MySQL
5	3 (1.15%)	Oracle Reports
6	2 (0.77%)	Amazon RDS

Development Applications
1	23 (8.85%)	JIRA
2	15 (5.77%)	Burp Suite
2	15 (5.77%)	Jenkins
3	12 (4.62%)	Git (software)
4	10 (3.85%)	Selenium
5	9 (3.46%)	Metasploit
6	8 (3.08%)	Cucumber
7	6 (2.31%)	Gatling
7	6 (2.31%)	WebDriver
8	4 (1.54%)	Bitbucket
8	4 (1.54%)	GitLab
9	3 (1.15%)	Team Foundation Server
10	2 (0.77%)	AppScan
10	2 (0.77%)	Atlassian Bamboo
10	2 (0.77%)	CircleCI
10	2 (0.77%)	git-flow
10	2 (0.77%)	gulp
11	1 (0.38%)	SonarQube
11	1 (0.38%)	Sonatype Nexus
11	1 (0.38%)	Subversion

General
1	41 (15.77%)	Finance
2	31 (11.92%)	Public Sector
3	16 (6.15%)	Retail
4	11 (4.23%)	Legal
5	6 (2.31%)	Local Government
6	5 (1.92%)	Telecoms
7	4 (1.54%)	Financial Institution
8	3 (1.15%)	Banking
9	2 (0.77%)	Aerospace
9	2 (0.77%)	Billing
10	1 (0.38%)	German Language
10	1 (0.38%)	Law
10	1 (0.38%)	Police

Job Titles
1	49 (18.85%)	Architect
2	42 (16.15%)	Tester
3	34 (13.08%)	Security Architect
4	33 (12.69%)	Penetration Tester
5	32 (12.31%)	Consultant
6	31 (11.92%)	Analyst
7	30 (11.54%)	Security Consultant
8	25 (9.62%)	Security Engineer
9	16 (6.15%)	Security Analyst
10	15 (5.77%)	Cybersecurity Consultant
11	12 (4.62%)	Information Architect
11	12 (4.62%)	Security Tester
12	10 (3.85%)	Security Manager
13	9 (3.46%)	Network Engineer
14	8 (3.08%)	Information Assurance Architect
14	8 (3.08%)	IT Analyst
14	8 (3.08%)	Senior Tester
14	8 (3.08%)	Test Analyst
14	8 (3.08%)	Test Manager
15	7 (2.69%)	Information Officer

Libraries, Frameworks & Software Standards
1	17 (6.54%)	Web Services
2	16 (6.15%)	SAML
3	13 (5.00%)	Node.js
4	10 (3.85%)	.NET
5	9 (3.46%)	CSS
5	9 (3.46%)	OAuth
5	9 (3.46%)	OAuth2
6	7 (2.69%)	HTML
7	5 (1.92%)	Spring
8	4 (1.54%)	REST
9	3 (1.15%)	LAMP
9	3 (1.15%)	LEMP Stack
9	3 (1.15%)	RabbitMQ
10	2 (0.77%)	ASP.NET
10	2 (0.77%)	GraphQL
10	2 (0.77%)	OpenID
10	2 (0.77%)	Spring MVC
10	2 (0.77%)	SQLAlchemy
10	2 (0.77%)	Vue.js
10	2 (0.77%)	YAML

Miscellaneous
1	23 (8.85%)	Management Information System
2	15 (5.77%)	Mobile App
3	9 (3.46%)	PKI
4	8 (3.08%)	Greenfield Project
5	7 (2.69%)	Cyberthreat
6	6 (2.31%)	Analytical Skills
6	6 (2.31%)	Robotics
7	5 (1.92%)	Data Centre
7	5 (1.92%)	Public Cloud
8	4 (1.54%)	CESG
9	3 (1.15%)	Cyber Defence
9	3 (1.15%)	Foreign Exchange (FX)
10	2 (0.77%)	Analytical Mindset
10	2 (0.77%)	Cyberattack
10	2 (0.77%)	Driving Licence
10	2 (0.77%)	Security Operations Centre
11	1 (0.38%)	Cyber Kill Chain
11	1 (0.38%)	Self-Motivation
11	1 (0.38%)	Shadow IT
11	1 (0.38%)	Virtual Team

Operating Systems
1	47 (18.08%)	Linux
2	43 (16.54%)	Windows
3	7 (2.69%)	Kali Linux
3	7 (2.69%)	Unix
3	7 (2.69%)	Windows Server
4	6 (2.31%)	Android
5	5 (1.92%)	CentOS
6	4 (1.54%)	Apple iOS
6	4 (1.54%)	Red Hat Enterprise Linux
7	3 (1.15%)	Ubuntu
7	3 (1.15%)	Windows Server 2012
8	2 (0.77%)	Mac OS X
9	1 (0.38%)	VMS
9	1 (0.38%)	Windows 7

Processes & Methodologies
1	84 (32.31%)	Cybersecurity
2	83 (31.92%)	Information Security
3	75 (28.85%)	Security Testing
4	52 (20.00%)	Agile Software Development
5	39 (15.00%)	Test Automation
6	38 (14.62%)	Security Architecture
7	33 (12.69%)	Open Source
7	33 (12.69%)	Vulnerability Management
8	31 (11.92%)	DevOps
9	29 (11.15%)	SIEM
9	29 (11.15%)	Vulnerability Scanning
10	27 (10.38%)	Risk Management
10	27 (10.38%)	Security Management
11	25 (9.62%)	Incident Management
12	24 (9.23%)	Ethical Hacking
12	24 (9.23%)	OWASP
13	22 (8.46%)	Continuous Improvement
13	22 (8.46%)	Security Operations
14	18 (6.92%)	Performance Testing
14	18 (6.92%)	Vulnerability Assessment

Programming Languages
1	27 (10.38%)	Python
2	15 (5.77%)	Java
3	9 (3.46%)	PHP
4	8 (3.08%)	Bash Shell
4	8 (3.08%)	SQL
5	6 (2.31%)	C++
5	6 (2.31%)	Groovy
5	6 (2.31%)	PowerShell
5	6 (2.31%)	Scala
6	5 (1.92%)	C
6	5 (1.92%)	JavaScript
7	4 (1.54%)	Ruby
8	3 (1.15%)	C#
8	3 (1.15%)	Go
9	2 (0.77%)	Shell Script
10	1 (0.38%)	Perl
10	1 (0.38%)	VB.NET

Qualifications
1	46 (17.69%)	Security Cleared
2	38 (14.62%)	CISSP
3	36 (13.85%)	SC Cleared
4	28 (10.77%)	CREST Certified
5	22 (8.46%)	CISM
6	21 (8.08%)	Degree
6	21 (8.08%)	OSCP
7	16 (6.15%)	SANS
8	15 (5.77%)	CEH
8	15 (5.77%)	CLAS
9	14 (5.38%)	GIAC
10	12 (4.62%)	TOGAF Certification
11	10 (3.85%)	CompTIA Security+
11	10 (3.85%)	Computer Science Degree
11	10 (3.85%)	DV Cleared
12	9 (3.46%)	CISA
12	9 (3.46%)	Cisco Certification
13	8 (3.08%)	CESG Certified Professional
14	5 (1.92%)	CCNA
14	5 (1.92%)	SSCP

Quality Assurance & Compliance
1	48 (18.46%)	ISO/IEC 27001
2	33 (12.69%)	GDPR
3	25 (9.62%)	NIST
4	19 (7.31%)	QA
5	18 (6.92%)	PCI DSS
6	15 (5.77%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
7	13 (5.00%)	COBIT
8	11 (4.23%)	SLA
9	8 (3.08%)	Sarbanes-Oxley
10	5 (1.92%)	Cyber Essentials
10	5 (1.92%)	NCSC
11	4 (1.54%)	Cyber Essentials PLUS
11	4 (1.54%)	ISAE 3402
12	2 (0.77%)	HMG Security Policy Framework
12	2 (0.77%)	NIST 800
12	2 (0.77%)	PMO

System Software
1	10 (3.85%)	Docker
2	6 (2.31%)	Active Directory
3	4 (1.54%)	Hyper-V
4	3 (1.15%)	VMware Infrastructure
5	2 (0.77%)	Snort
5	2 (0.77%)	VMware NSX
6	1 (0.38%)	Firmware
6	1 (0.38%)	ProxySG
6	1 (0.38%)	Virtual Machines
6	1 (0.38%)	Virtual Servers

Systems Management
1	26 (10.00%)	Nessus
2	15 (5.77%)	Terraform
3	11 (4.23%)	Ansible
4	7 (2.69%)	Kubernetes
4	7 (2.69%)	Nmap
5	6 (2.31%)	QRadar
6	5 (1.92%)	HP Fortify
6	5 (1.92%)	RSA Archer
7	4 (1.54%)	Computer Emergency Response Teams
7	4 (1.54%)	Single Sign-On
7	4 (1.54%)	ThinApp
8	3 (1.15%)	Opscode Chef
8	3 (1.15%)	Prometheus
9	2 (0.77%)	HAProxy
9	2 (0.77%)	HP ALM
9	2 (0.77%)	WebInspect
10	1 (0.38%)	Kibana
10	1 (0.38%)	logstash
10	1 (0.38%)	Nagios
10	1 (0.38%)	Nexpose

Vendors
1	25 (9.62%)	Google
2	16 (6.15%)	Microsoft
3	13 (5.00%)	Cisco
4	12 (4.62%)	Qualys
5	11 (4.23%)	Splunk
6	10 (3.85%)	Oracle
7	9 (3.46%)	Rapid7
8	8 (3.08%)	McAfee
9	7 (2.69%)	ArcSight
9	7 (2.69%)	VMware
10	5 (1.92%)	CheckPoint
10	5 (1.92%)	Palo Alto
11	4 (1.54%)	AlienVault
11	4 (1.54%)	Fortinet
11	4 (1.54%)	Juniper
11	4 (1.54%)	Salesforce.com
12	3 (1.15%)	Red Hat
13	2 (0.77%)	HP
13	2 (0.77%)	Remedy
13	2 (0.77%)	Sophos

139 Penetration Testing job vacancies Nationwide

Penetration TestingJob Vacancy Trend

Penetration TestingContractor Daily Rate Trend

Penetration TestingContractor Daily Rate Histogram

Penetration TestingContractor Hourly Rate Trend

Penetration TestingContractor Hourly Rate Histogram

Penetration TestingTop 14 Contract Locations

Penetration TestingTop 30 Co-occurring IT Skills

Penetration TestingCo-occurring IT Skills by Category