SANS Contract Job Trends, Contractor Rates & Co-Occurring Skills

SANS Institute
UK

The table below provides summary statistics for contract job vacancies with a requirement for SANS qualifications. It includes a benchmarking guide to the contractor rates offered over the 6 months leading up to 25 November 2025, comparing them to the same period in the previous two years.

	6 months to 25 Nov 2025	Same period 2024	Same period 2023
Rank	559	555	459
Rank change year-on-year	-4	-96	+300
Contract jobs citing SANS	32	17	163
As % of all contract jobs in the UK	0.089%	0.047%	0.35%
As % of the Qualifications category	0.27%	0.16%	1.21%
Number of daily rates quoted	19	7	50
10^th Percentile	£484	£225	£548
25^th Percentile	£511	£369	£580
Median daily rate (50^th Percentile)	£537	£600	£659
Median % change year-on-year	-10.50%	-8.92%	+12.13%
75^th Percentile	£684	£625	£722
90^th Percentile	£890	£685	£771
UK excluding London median daily rate	£537	£600	£629
% change year-on-year	-10.50%	-4.57%	+28.97%

All Academic and Professional Certifications
UK

SANS falls under the Academic Qualifications and Professional Certifications category. For comparison with the information above, the following table provides summary statistics for all contract job vacancies requiring academic qualifications or professional certifications.

Contract vacancies requiring academic qualifications or professional certifications	11,911	10,689	13,502
As % of all contract IT jobs advertised in the UK	33.27%	29.43%	29.31%
Number of daily rates quoted	7,669	6,433	8,550
10^th Percentile	£304	£310	£300
25^th Percentile	£413	£423	£425
Median daily rate (50^th Percentile)	£525	£525	£550
Median % change year-on-year	-	-4.55%	-
75^th Percentile	£625	£638	£650
90^th Percentile	£723	£725	£725
UK excluding London median daily rate	£500	£520	£538
% change year-on-year	-3.85%	-3.26%	+2.38%
Number of hourly rates quoted	1,024	524	762
10^th Percentile	£17.56	£18.78	£17.72
25^th Percentile	£19.38	£24.18	£27.70
Median hourly rate	£25.15	£45.00	£53.85
Median % change year-on-year	-44.11%	-16.43%	+19.67%
75^th Percentile	£45.46	£67.08	£68.75
90^th Percentile	£73.75	£75.00	£80.00
UK excluding London median hourly rate	£25.15	£47.25	£52.50
% change year-on-year	-46.77%	-10.01%	+19.32%

SANS
Job Vacancy Trend

Historical trend showing the proportion of contract IT job postings citing SANS relative to all contract IT jobs advertised.

SANS
Daily Rate Trend

Contractor daily rate distribution trend for jobs in the UK citing SANS.

SANS
Daily Rate Histogram

Daily rate distribution for jobs citing SANS over the 6 months to 25 November 2025.

SANS
Hourly Rate Trend

Contractor hourly rate distribution trend for jobs in the UK citing SANS.

SANS
Top 11 Contract Job Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing SANS within the UK over the 6 months to 25 November 2025. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Contract IT Job Ads	Median Daily Rate Past 6 Months	Median Daily Rate % Change on Same Period Last Year	Live Jobs
England	-9	24	£537	-10.50%	5
Work from Home	+26	16	£625	-	6
London	+9	13	£563	+7.14%	1
UK excluding London	-19	13	£537	-10.50%	6
South West	+2	6	£537	-10.50%	1
South East	-	4	£581	-	1
Midlands	-	2	-	-
West Midlands	-	2	-	-
East of England	-15	1	£850	-
Scotland	-	1	-	-	2
Wales	-	1	£500	-	1

SANS
Top 30 Co-Occurring Skills & Capabilities

For the 6 months to 25 November 2025, contractor job vacancies citing SANS also mentioned the following skills and capabilities in order of popularity. The figures indicate the absolute number of co-occurrences and as a proportion of all contract job ads with a requirement for SANS.

1	24 (75.00%)	CISSP
2	19 (59.38%)	AWS
2	19 (59.38%)	Cybersecurity
3	17 (53.13%)	NIST
4	16 (50.00%)	Azure
5	13 (40.63%)	Cloud Security
5	13 (40.63%)	SIEM
6	12 (37.50%)	Degree
6	12 (37.50%)	GIAC
6	12 (37.50%)	Incident Response
7	11 (34.38%)	Agile
7	11 (34.38%)	ISO/IEC 27001
8	10 (31.25%)	MITRE ATT&CK
8	10 (31.25%)	OWASP
8	10 (31.25%)	Python

8	10 (31.25%)	Security Operations
9	9 (28.13%)	GCP
9	9 (28.13%)	Security Cleared
10	8 (25.00%)	OSCP
10	8 (25.00%)	Palo Alto
10	8 (25.00%)	Penetration Testing
10	8 (25.00%)	SC Cleared
10	8 (25.00%)	Test Automation
10	8 (25.00%)	Vulnerability Management
11	7 (21.88%)	PCI DSS
11	7 (21.88%)	Security Management
12	6 (18.75%)	Application Security
12	6 (18.75%)	CI/CD
12	6 (18.75%)	CISM
12	6 (18.75%)	CompTIA CySA+

SANS
Co-Occurring Skills & Capabilities by Category

The following tables expand on the one above by listing co-occurrences grouped by category. They cover the same employment type, locality and period, with up to 20 co-occurrences shown in each category:

Application Platforms
1	3 (9.38%)	SharePoint

Cloud Services
1	19 (59.38%)	AWS
2	16 (50.00%)	Azure
3	9 (28.13%)	GCP
4	3 (9.38%)	Azure Sentinel
4	3 (9.38%)	Entra ID
5	2 (6.25%)	Microsoft 365
5	2 (6.25%)	OCI
6	1 (3.13%)	Amazon ECR
6	1 (3.13%)	Amazon EKS
6	1 (3.13%)	AWS CloudFormation
6	1 (3.13%)	AWS Fargate
6	1 (3.13%)	Azure AKS
6	1 (3.13%)	GitHub
6	1 (3.13%)	Google Kubernetes Engine
6	1 (3.13%)	IaaS
6	1 (3.13%)	Microsoft Purview
6	1 (3.13%)	PaaS
6	1 (3.13%)	Power Platform
6	1 (3.13%)	SaaS
6	1 (3.13%)	Tessian

Communications & Networking
1	5 (15.63%)	Firewall
2	2 (6.25%)	Network Security
2	2 (6.25%)	SSL
2	2 (6.25%)	VLAN
2	2 (6.25%)	VPN
3	1 (3.13%)	Internet
3	1 (3.13%)	Intranet
3	1 (3.13%)	Intrusion Detection
3	1 (3.13%)	NGFW
3	1 (3.13%)	Wireless

Database & Business Intelligence
1	1 (3.13%)	Power BI

Development Applications
1	4 (12.50%)	JIRA
2	3 (9.38%)	Burp Suite
3	2 (6.25%)	Metasploit
3	2 (6.25%)	sqlmap
4	1 (3.13%)	Git
4	1 (3.13%)	Jenkins
4	1 (3.13%)	SonarQube

General
1	12 (37.50%)	Social Skills
2	6 (18.75%)	Public Sector
3	3 (9.38%)	Analytical Skills
3	3 (9.38%)	Finance
3	3 (9.38%)	Inclusion and Diversity
3	3 (9.38%)	Legal
4	1 (3.13%)	Banking
4	1 (3.13%)	Influencing Skills
4	1 (3.13%)	Law
4	1 (3.13%)	Military
4	1 (3.13%)	Organisational Skills
4	1 (3.13%)	Presentation Skills
4	1 (3.13%)	Telecoms

Job Titles
1	11 (34.38%)	Security Engineer
2	7 (21.88%)	Analyst
2	7 (21.88%)	Security Analyst
3	5 (15.63%)	Consultant
4	4 (12.50%)	Tester
5	3 (9.38%)	Penetration Tester
5	3 (9.38%)	Senior
6	2 (6.25%)	Architect
6	2 (6.25%)	Cybersecurity Specialist
6	2 (6.25%)	Head of Information Security
6	2 (6.25%)	Security Consultant
6	2 (6.25%)	Security Specialist
6	2 (6.25%)	Senior Consultant
6	2 (6.25%)	Test Engineer
7	1 (3.13%)	AWS Architect
7	1 (3.13%)	Azure Architect
7	1 (3.13%)	Cloud Engineer
7	1 (3.13%)	Head of Information
7	1 (3.13%)	SOC Consultant
7	1 (3.13%)	Vulnerability Consultant

Libraries, Frameworks & Software Standards
1	1 (3.13%)	.NET
1	1 (3.13%)	JWT
1	1 (3.13%)	REST
1	1 (3.13%)	Spring

Miscellaneous
1	7 (21.88%)	Security Posture
2	6 (18.75%)	Cyber Defence
3	4 (12.50%)	Management Information System
4	3 (9.38%)	Security Operations Centre
5	2 (6.25%)	CSOC
5	2 (6.25%)	Cyber Threat
5	2 (6.25%)	Enterprise Software
5	2 (6.25%)	Operational Technology
5	2 (6.25%)	PKI
6	1 (3.13%)	Algorithms
6	1 (3.13%)	Cloud Native
6	1 (3.13%)	Cloud Security Posture
6	1 (3.13%)	Cyber Kill Chain
6	1 (3.13%)	Cyber Security Posture
6	1 (3.13%)	Data Centre
6	1 (3.13%)	Hybrid Cloud
6	1 (3.13%)	SCADA

Operating Systems
1	4 (12.50%)	Linux
2	3 (9.38%)	Windows
3	1 (3.13%)	Kali Linux

Processes & Methodologies
1	19 (59.38%)	Cybersecurity
2	13 (40.63%)	Cloud Security
2	13 (40.63%)	SIEM
3	12 (37.50%)	Incident Response
4	11 (34.38%)	Agile
5	10 (31.25%)	MITRE ATT&CK
5	10 (31.25%)	OWASP
5	10 (31.25%)	Security Operations
6	8 (25.00%)	Penetration Testing
6	8 (25.00%)	Test Automation
6	8 (25.00%)	Vulnerability Management
7	7 (21.88%)	Security Management
8	6 (18.75%)	Application Security
8	6 (18.75%)	CI/CD
8	6 (18.75%)	DevSecOps
8	6 (18.75%)	Impact Assessments
8	6 (18.75%)	Security Testing
9	5 (15.63%)	Information Security
9	5 (15.63%)	Infrastructure as Code
9	5 (15.63%)	Problem-Solving

Programming Languages
1	10 (31.25%)	Python
2	6 (18.75%)	PowerShell
3	2 (6.25%)	Bash
3	2 (6.25%)	Java
4	1 (3.13%)	Perl
4	1 (3.13%)	SQL

Qualifications
1	24 (75.00%)	CISSP
2	12 (37.50%)	Degree
2	12 (37.50%)	GIAC
3	9 (28.13%)	Security Cleared
4	8 (25.00%)	OSCP
4	8 (25.00%)	SC Cleared
5	6 (18.75%)	CISM
5	6 (18.75%)	CompTIA CySA+
5	6 (18.75%)	CREST Certified
5	6 (18.75%)	Network+ Certification
6	4 (12.50%)	CEH
6	4 (12.50%)	DV Cleared
7	3 (9.38%)	CISA
7	3 (9.38%)	ISACA
8	2 (6.25%)	CCSP
8	2 (6.25%)	Cisco Certification
8	2 (6.25%)	GPEN
8	2 (6.25%)	GSEC
8	2 (6.25%)	OSCE
8	2 (6.25%)	SSCP

Quality Assurance & Compliance
1	17 (53.13%)	NIST
2	11 (34.38%)	ISO/IEC 27001
3	7 (21.88%)	PCI DSS
4	5 (15.63%)	HIPAA
5	4 (12.50%)	NIST 800
6	3 (9.38%)	GDPR
7	1 (3.13%)	GRC
7	1 (3.13%)	NCSC
7	1 (3.13%)	QA

System Software
1	3 (9.38%)	Active Directory
2	1 (3.13%)	Docker

Systems Management
1	3 (9.38%)	Nessus
1	3 (9.38%)	Nmap
2	2 (6.25%)	Ansible
2	2 (6.25%)	Kubernetes
2	2 (6.25%)	QRadar
2	2 (6.25%)	Terraform
3	1 (3.13%)	Computer Emergency Response Teams
3	1 (3.13%)	Istio
3	1 (3.13%)	Microsoft Intune

Vendors
1	8 (25.00%)	Palo Alto
2	5 (15.63%)	Microsoft
3	2 (6.25%)	Cisco
3	2 (6.25%)	Rapid7
3	2 (6.25%)	ServiceNow
3	2 (6.25%)	Splunk
4	1 (3.13%)	CheckPoint
4	1 (3.13%)	Clearswift
4	1 (3.13%)	CrowdStrike
4	1 (3.13%)	CyberArk
4	1 (3.13%)	Exabeam
4	1 (3.13%)	Fortinet
4	1 (3.13%)	Google
4	1 (3.13%)	Qualys
4	1 (3.13%)	Tenable
4	1 (3.13%)	Zscaler

SANS InstituteUK

All Academic and Professional CertificationsUK

SANSJob Vacancy Trend

SANSDaily Rate Trend

SANSDaily Rate Histogram

SANSHourly Rate Trend

SANSTop 11 Contract Job Locations

SANSTop 30 Co-Occurring Skills & Capabilities

SANSCo-Occurring Skills & Capabilities by Category