The following table provides summary statistics for contract job vacancies with a requirement for Penetration Testing skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited Penetration Testing over the 3 months to 22 June 2017 with a comparison to the same period in the previous 2 years.

Note that daily and hourly rates are treated separately in these statistics. When calculating contractor rate percentiles, daily rates are never derived from quoted hourly rates or vice versa.

Penetration Testing
UK
3 months to
22 Jun 2017
Same period 2016 Same period 2015
Rank 421 408 502
Rank change year-on-year -13 +94  
Contract jobs citing Penetration Testing 197 246 142
As % of all contract IT jobs advertised in the UK 0.42% 0.46% 0.25%
As % of the Processes & Methodologies category 0.50% 0.55% 0.31%
Number of daily rates quoted 118 143 92
Median daily rate £500 £500 £448
Median daily rate % change year-on-year - +11.73%  
90% offered a daily rate of more than £350 £350 £300
10% offered a daily rate of more than £575 £600 £525
UK excluding London median daily rate £490 £475 £400
% change year-on-year +3.15% +18.75%  
Number of hourly rates quoted 3 1 1
Median hourly rate £60.00 £19.63 £45.00
Median hourly rate % change year-on-year +205.73% -56.38%  
UK excluding London median hourly rate £60.00 £19.63 £45.00
% change year-on-year +205.73% -56.38%  

Penetration Testing is in the process and methodology skills category. The next table is for comparison with the above and provides summary statistics for all contract job vacancies with a requirement for process and methodology skills.

Contract Process & Methodology Skills
UK
Contract job vacancies with a requirement for process and methodology skills 39590 44959 45378
As % of all contract IT job vacancies advertised in the UK 84.46% 83.37% 80.72%
Number of daily rates quoted 25806 29818 29077
Median daily rate £450 £438 £413
Median daily rate % change year-on-year +2.85% +6.06%  
90% offered a daily rate of more than £313 £300 £285
10% offered a daily rate of more than £600 £600 £575
UK excluding London median daily rate £415 £400 £385
% change year-on-year +3.75% +3.89%  
Number of hourly rates quoted 1062 1087 1274
Median hourly rate £32.50 £27.50 £27.50
Median hourly rate % change year-on-year +18.18% -  
90% offered a hourly rate of more than £13.00 £12.58 £12.10
10% offered a hourly rate of more than £52.50 £47.80 £50.00
UK excluding London median hourly rate £33.50 £28.50 £30.00
% change year-on-year +17.54% -5.00%  

Penetration Testing
Job Vacancy Trend

The job posting trend of jobs advertised citing Penetration Testing as a proportion of all contract or permanent IT jobs with a match in the Processes & Methodologies category.

Job vacancy trend for Penetration Testing in the UK

Penetration Testing
Contractor Daily Rate Trend

This chart provides the 3-month moving average for daily rates quoted in contract jobs citing Penetration Testing.

Contractor daily rate trend for Penetration Testing in the UK

Penetration Testing
Contractor Daily Rate Histogram

The daily rate distribution of IT jobs citing Penetration Testing over the 3 months to 22 June 2017.

Contractor daily rate histogram for Penetration Testing in the UK

Penetration Testing
Contractor Hourly Rate Trend

This chart provides the 3-month moving average for contractor hourly rates quoted in IT jobs citing Penetration Testing.

Contractor hourly rate trend for Penetration Testing in the UK

Penetration Testing
Top 30 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Penetration Testing within the UK over the 3 months to 22 June 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 3 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Last 3 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +23 188 £500 - 72
London +24 101 £500 -4.76% 33
South East +4 25 £500 +5.26% 15
South West +26 18 £538 +59.25% 2
West Midlands +35 16 £466 -6.75% 9
East of England 0 15 £588 +38.23% 2
Bristol +7 14 £538 +53.57% 1
Hertfordshire +11 13 - -
Warwickshire +14 11 £475 -5.00% 1
City of London +8 10 £550 +14.28% 2
Warwick - 10 £475 -
Hampshire +8 9 £525 +16.66% 4
Scotland +39 7 - - 2
Berkshire +16 6 £488 +8.33%
Newcastle upon Tyne +79 5 £320 - 2
Tyne and Wear +78 5 £320 - 2
North East +68 5 £320 - 2
North West +1 5 £369 -13.23% 4
Manchester -9 5 £369 -9.23% 2
Milton Keynes -13 5 £475 -9.52% 2
Buckinghamshire -15 5 £475 -9.52% 3
Edinburgh +15 3 - -
Canary Wharf +3 3 £550 -8.33%
East Midlands -15 3 £450 -20.35%
Birmingham +11 2 £456 - 4
Wiltshire +6 2 £582 -
Southampton +3 2 £600 +71.42% 1
Kent -2 2 £500 +5.26%
Bournemouth - 2 - -
Coventry - 2 £475 - 1

For the 6 months to 22 June 2017, IT contractor jobs citing Penetration Testing also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all contract ads with a requirement for Penetration Testing.

1 141 (37.11%) Information Security
2 102 (26.84%) Agile Software Development
3 87 (22.89%) Linux
4 81 (21.32%) CISSP
4 81 (21.32%) Firewall
4 81 (21.32%) Security Cleared
5 76 (20.00%) Java
6 68 (17.89%) Network Security
7 67 (17.63%) Management Information System
8 64 (16.84%) ISO/IEC 27001
9 63 (16.58%) SC Cleared
10 56 (14.74%) Security Testing
11 55 (14.47%) Puppet
12 54 (14.21%) Windows
13 52 (13.68%) Microsoft
13 52 (13.68%) OWASP
13 52 (13.68%) Amazon AWS
14 50 (13.16%) Finance
15 49 (12.89%) Configuration Management
16 48 (12.63%) Intrusion Detection
17 47 (12.37%) PCI DSS
17 47 (12.37%) Cybersecurity
18 46 (12.11%) SIEM
19 45 (11.84%) Risk Management
20 42 (11.05%) TCP/IP
21 41 (10.79%) CISM
21 41 (10.79%) Security Monitoring
22 40 (10.53%) Risk Assessment
23 39 (10.26%) Internet
23 39 (10.26%) Jenkins

Penetration Testing
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 8 (2.11%) Liferay
2 7 (1.84%) JBoss
3 6 (1.58%) WebSphere
4 5 (1.32%) Apache
5 4 (1.05%) CMS
5 4 (1.05%) IIS
5 4 (1.05%) nginx
5 4 (1.05%) Tomcat
5 4 (1.05%) Umbraco
5 4 (1.05%) WebLogic
6 3 (0.79%) Adobe Experience Manager
6 3 (0.79%) Sitecore CMS
7 2 (0.53%) Blackberry Enterprise Server
7 2 (0.53%) Exchange Server 2003
7 2 (0.53%) Exchange Server 2010
7 2 (0.53%) Jetty
7 2 (0.53%) Mongrel
7 2 (0.53%) MS Exchange
7 2 (0.53%) SharePoint
8 1 (0.26%) Elasticsearch
Applications
1 17 (4.47%) Microsoft Office
2 2 (0.53%) Microsoft Excel
Business Applications
1 11 (2.89%) Oracle Utilities
2 2 (0.53%) Oracle EBS
2 2 (0.53%) Temenos T24
3 1 (0.26%) Dynamics CRM
3 1 (0.26%) Oracle EBS R12
3 1 (0.26%) Oracle ERP
3 1 (0.26%) Oracle Financials
3 1 (0.26%) SAP Oil and Gas
Cloud Services
1 52 (13.68%) Amazon AWS
2 27 (7.11%) IaaS
3 18 (4.74%) Microsoft Azure
4 13 (3.42%) PaaS
5 10 (2.63%) Cloud Computing
6 6 (1.58%) Amazon ELB
6 6 (1.58%) Amazon S3
6 6 (1.58%) AWS CloudFormation
7 5 (1.32%) Route 53
7 5 (1.32%) Virtual Private Cloud
8 4 (1.05%) SaaS
9 3 (0.79%) Office 365
9 3 (0.79%) OpenShift
10 2 (0.53%) Amazon EC2
10 2 (0.53%) Google App Engine
10 2 (0.53%) Google Cloud Platform
11 1 (0.26%) Amazon SQS
11 1 (0.26%) Dynamics 365
11 1 (0.26%) G Suite
Communications & Networking
1 81 (21.32%) Firewall
2 68 (17.89%) Network Security
3 48 (12.63%) Intrusion Detection
4 42 (11.05%) TCP/IP
5 39 (10.26%) Internet
6 33 (8.68%) HTTP
7 30 (7.89%) SSL
8 27 (7.11%) Wireless
9 20 (5.26%) DNS
9 20 (5.26%) VPN
10 16 (4.21%) IPsec
10 16 (4.21%) LAN
10 16 (4.21%) WAN
11 13 (3.42%) HTTPS
12 11 (2.89%) DHCP
13 9 (2.37%) Kerberos
14 8 (2.11%) LDAP
15 7 (1.84%) NetScaler
16 6 (1.58%) Cisco Nexus
16 6 (1.58%) SSH
Database & Business Intelligence
1 15 (3.95%) MongoDB
1 15 (3.95%) PostgreSQL
1 15 (3.95%) Relational Database
2 13 (3.42%) Redis
3 5 (1.32%) Amazon RDS
4 4 (1.05%) SQL Server
5 3 (0.79%) Data Warehouse
6 2 (0.53%) Big Data
6 2 (0.53%) RDBMS
7 1 (0.26%) Blockchain
7 1 (0.26%) Hadoop
7 1 (0.26%) MySQL
Development Applications
1 39 (10.26%) Jenkins
2 17 (4.47%) Git (software)
3 13 (3.42%) AppScan
4 8 (2.11%) Visual Studio
5 6 (1.58%) JIRA
5 6 (1.58%) Selenium
5 6 (1.58%) Vagrant
6 5 (1.32%) Cucumber
6 5 (1.32%) JUnit
6 5 (1.32%) RSpec
6 5 (1.32%) WebDriver
7 4 (1.05%) IDA Disassembler
8 3 (0.79%) Metasploit
8 3 (0.79%) OllyDbg
8 3 (0.79%) Travis CI
9 2 (0.53%) Pylint
9 2 (0.53%) SoapUI
10 1 (0.26%) Appium
10 1 (0.26%) Burp Suite
10 1 (0.26%) NeoLoad
General
1 50 (13.16%) Finance
2 24 (6.32%) Banking
3 20 (5.26%) Legal
4 18 (4.74%) Law
5 12 (3.16%) Retail
6 5 (1.32%) Games
7 4 (1.05%) Investment Banking
8 3 (0.79%) Financial Institution
8 3 (0.79%) Manufacturing
8 3 (0.79%) Telecoms
9 2 (0.53%) Spanish Language
10 1 (0.26%) Automotive
10 1 (0.26%) Electronics
10 1 (0.26%) French Language
10 1 (0.26%) Marketing
10 1 (0.26%) Military
10 1 (0.26%) Publishing
10 1 (0.26%) Retail Banking
Job Titles
1 83 (21.84%) Consultant
2 69 (18.16%) Analyst
3 63 (16.58%) Security Consultant
4 61 (16.05%) Security Analyst
5 35 (9.21%) Security Engineer
6 27 (7.11%) Architect
7 26 (6.84%) Security Manager
7 26 (6.84%) Tester
8 25 (6.58%) Penetration Tester
9 22 (5.79%) Information Security Consultant
10 21 (5.53%) Project Manager
11 20 (5.26%) Security Architect
12 19 (5.00%) DevOps Engineer
13 15 (3.95%) Applications Consultant
14 14 (3.68%) Security Project Manager
15 13 (3.42%) Technical Consultant
16 12 (3.16%) Information Analyst
16 12 (3.16%) Information Security Analyst
16 12 (3.16%) Information Security Manager
16 12 (3.16%) Technical Security Consultant
Libraries, Frameworks & Software Standards
1 16 (4.21%) .NET
1 16 (4.21%) Web Services
2 14 (3.68%) Node.js
3 9 (2.37%) SAML
4 6 (1.58%) J2EE
5 3 (0.79%) ASP.NET
5 3 (0.79%) Gherkin
5 3 (0.79%) Middleware
6 2 (0.53%) .NET Framework
6 2 (0.53%) Elastic Stack
6 2 (0.53%) Flash
6 2 (0.53%) Java EE
6 2 (0.53%) Servlets
6 2 (0.53%) SOAP
6 2 (0.53%) Spring
6 2 (0.53%) Spring Security
7 1 (0.26%) OAuth
Miscellaneous
1 67 (17.63%) Management Information System
2 36 (9.47%) Analytical Skills
3 21 (5.53%) Data Centre
4 20 (5.26%) Cyberthreat
5 16 (4.21%) Computer Science
6 12 (3.16%) Mobile App
6 12 (3.16%) PKI
7 9 (2.37%) Public Cloud
7 9 (2.37%) Wiki
8 7 (1.84%) CESG
9 5 (1.32%) Data Protection Act
9 5 (1.32%) Distributed Denial-of-Service
9 5 (1.32%) Security Operations Centre
10 4 (1.05%) BYOD
10 4 (1.05%) PMI
10 4 (1.05%) Smart Meter
11 3 (0.79%) Fintech
11 3 (0.79%) Greenfield Project
12 2 (0.53%) Cyber Attack
12 2 (0.53%) Cyber Defence
Operating Systems
1 87 (22.89%) Linux
2 54 (14.21%) Windows
3 18 (4.74%) Unix
4 14 (3.68%) Mac OS X
5 11 (2.89%) AIX
6 8 (2.11%) Red Hat Enterprise Linux
7 4 (1.05%) SUSE
7 4 (1.05%) VMS
7 4 (1.05%) Windows Server
8 3 (0.79%) Android
8 3 (0.79%) Kali Linux
9 2 (0.53%) Apple iOS
9 2 (0.53%) Solaris
9 2 (0.53%) Windows 10
9 2 (0.53%) Windows Server 2003
9 2 (0.53%) Windows Server 2008
10 1 (0.26%) CentOS
10 1 (0.26%) Windows 7
Processes & Methodologies
1 141 (37.11%) Information Security
2 102 (26.84%) Agile Software Development
3 56 (14.74%) Security Testing
4 52 (13.68%) OWASP
5 49 (12.89%) Configuration Management
6 47 (12.37%) Cybersecurity
7 46 (12.11%) SIEM
8 45 (11.84%) Risk Management
9 41 (10.79%) Security Monitoring
10 40 (10.53%) Risk Assessment
11 39 (10.26%) Vulnerability Assessment
12 38 (10.00%) User Acceptance Testing
13 36 (9.47%) DevOps
14 33 (8.68%) Cryptography
14 33 (8.68%) ITIL
15 31 (8.16%) Security Operations
16 30 (7.89%) Project Management
17 29 (7.63%) SDLC
18 27 (7.11%) Malware Analysis
19 26 (6.84%) Ethical Hacking
Programming Languages
1 76 (20.00%) Java
2 35 (9.21%) Python
3 28 (7.37%) Ruby
4 20 (5.26%) Bash Shell
5 15 (3.95%) C#
6 14 (3.68%) PowerShell
7 13 (3.42%) C-shell
7 13 (3.42%) Korn
8 10 (2.63%) SQL
9 9 (2.37%) C++
10 7 (1.84%) Perl
11 6 (1.58%) JavaScript
11 6 (1.58%) PHP
11 6 (1.58%) Scala
12 5 (1.32%) C
12 5 (1.32%) Shell Script
13 4 (1.05%) Assembly Language
14 2 (0.53%) COBOL
15 1 (0.26%) VBScript
Qualifications
1 81 (21.32%) CISSP
1 81 (21.32%) Security Cleared
2 63 (16.58%) SC Cleared
3 41 (10.79%) CISM
4 38 (10.00%) SANS
5 29 (7.63%) CREST Certified
6 26 (6.84%) CEH
7 24 (6.32%) Cisco Certification
7 24 (6.32%) Degree
8 20 (5.26%) CISA
9 18 (4.74%) GIAC
10 15 (3.95%) CCSP
11 14 (3.68%) (ISC)2 CCSP
11 14 (3.68%) Computer Science Degree
12 12 (3.16%) MAPM
12 12 (3.16%) OSCP
13 10 (2.63%) DV Cleared
14 6 (1.58%) CCNP
15 5 (1.32%) CISMP
15 5 (1.32%) RHCE
Quality Assurance & Compliance
1 64 (16.84%) ISO/IEC 27001
2 47 (12.37%) PCI DSS
3 14 (3.68%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
4 13 (3.42%) COBIT
5 12 (3.16%) NIST 800
6 11 (2.89%) QA
7 9 (2.37%) GDPR
8 8 (2.11%) ISO/IEC 27005
9 6 (1.58%) Cyber Essentials
10 5 (1.32%) ISO 22301
10 5 (1.32%) WCAG
11 4 (1.05%) RMADS
12 3 (0.79%) SLA
12 3 (0.79%) Web Application Security Consortium
13 2 (0.53%) ISAE 3402
13 2 (0.53%) PMO
13 2 (0.53%) SSAE 16
14 1 (0.26%) GPG13
14 1 (0.26%) HMG Security Policy Framework
14 1 (0.26%) ISO 31000
System Software
1 11 (2.89%) Active Directory
1 11 (2.89%) VMware Infrastructure
2 9 (2.37%) Docker
3 3 (0.79%) VirtualBox
4 2 (0.53%) Firmware
4 2 (0.53%) Xen
5 1 (0.26%) BitLocker
5 1 (0.26%) vCloud
5 1 (0.26%) vSphere
Systems Management
1 55 (14.47%) Puppet
2 35 (9.21%) Opscode Chef
3 18 (4.74%) Ansible
4 16 (4.21%) McAfee ePO
5 12 (3.16%) HP Fortify
6 9 (2.37%) CA Single Sign-On
7 8 (2.11%) EnCase
8 5 (1.32%) Nagios
8 5 (1.32%) Terraform
9 4 (1.05%) Cobbler
10 3 (0.79%) Computer Emergency Response Teams
10 3 (0.79%) Nessus
11 2 (0.53%) Microsoft Clustering
11 2 (0.53%) QRadar
12 1 (0.26%) Nexpose
12 1 (0.26%) Salt
12 1 (0.26%) Systems Management Server (SMS)
12 1 (0.26%) TrustSec
Vendors
1 52 (13.68%) Microsoft
2 20 (5.26%) Cisco
3 18 (4.74%) Oracle
4 17 (4.47%) CheckPoint
5 16 (4.21%) Dell
5 16 (4.21%) McAfee
6 15 (3.95%) Citrix
7 14 (3.68%) HP
8 13 (3.42%) Rapid7
8 13 (3.42%) VMware
9 12 (3.16%) IBM
9 12 (3.16%) LogRhythm
10 10 (2.63%) Black Duck
10 10 (2.63%) Juniper
11 9 (2.37%) CA
12 8 (2.11%) ArcSight
12 8 (2.11%) Splunk
13 7 (1.84%) Aruba
13 7 (1.84%) Red Hat
14 5 (1.32%) Symantec
Milton Keynes, Buckinghamshire
Rullion
Posted: 6 days ago
London
Global Technology Solutions Ltd
Rate: £27000 - £31000 per annum
Posted: 3 days ago
London
FRG Technology Consulting
Rate: £600 - £700 per annum
Posted: 2 days ago