Period
to 17 August 2019

The following table provides summary statistics for contract job vacancies with a requirement for SANS qualifications. Included is a benchmarking guide to the contractor rates offered over the 6 months to 17 August 2019 with a comparison to the same period in the previous 2 years.

Note that daily and hourly rates are treated separately in these statistics. When calculating contractor rate percentiles, daily rates are never derived from quoted hourly rates or vice versa.

SANS Institute
UK
6 months to
17 Aug 2019
Same period 2018 Same period 2017
Rank 712 830 750
Rank change year-on-year +118 -80 +92
Contract jobs citing SANS 132 76 115
As % of all contract IT jobs advertised in the UK 0.14% 0.074% 0.12%
As % of the Qualifications category 0.76% 0.39% 0.62%
Number of daily rates quoted 85 58 88
UK median daily rate £550 £575 £474
Median daily rate % change year-on-year -4.35% +21.37% -2.57%
10th Percentile £372 £410 £409
90th Percentile £731 £708 £600
UK excluding London median daily rate £520 £560 £473
% change year-on-year -7.14% +18.52% -2.33%
Number of hourly rates quoted 8 0 0
UK median hourly rate £42.75 - -
UK excluding London median hourly rate £42.75 - -

SANS is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Contract vacancies requiring academic qualifications or professional certifications 17,434 19,259 18,622
As % of all contract IT jobs advertised in the UK 19.13% 18.69% 19.45%
Number of daily rates quoted 10,572 11,413 11,289
UK median daily rate £473 £450 £425
Median daily rate % change year-on-year +5.00% +5.88% +3.66%
10th Percentile £263 £249 £250
90th Percentile £648 £625 £600
UK excluding London median daily rate £442 £415 £400
% change year-on-year +6.45% +3.75% +5.26%
Number of hourly rates quoted 840 933 947
UK median hourly rate £36.00 £22.93 £29.75
Median hourly rate % change year-on-year +57.00% -22.92% +7.01%
10th Percentile £13.75 £12.65 £12.00
90th Percentile £60.00 £50.00 £51.20
UK excluding London median hourly rate £37.24 £23.00 £31.00
% change year-on-year +61.90% -25.81% +10.71%

SANS
Job Vacancy Trend

Job postings citing SANS as a percentage of all IT jobs advertised.

Job vacancy trend for SANS in the UK

SANS
Contractor Daily Rate Trend

This chart provides the 3-month moving average for daily rates quoted in contract jobs citing SANS.

Contractor daily rate trend for SANS in the UK

SANS
Contractor Daily Rate Histogram

The daily rate distribution of IT jobs citing SANS over the 6 months to 17 August 2019.

Contractor daily rate histogram for SANS in the UK

SANS
Contractor Hourly Rate Trend

This chart provides the 3-month moving average for contractor hourly rates quoted in IT jobs citing SANS.

Contractor hourly rate trend for SANS in the UK

SANS
Top 13 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing SANS within the UK over the 6 months to 17 August 2019. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Past 6 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +104 123 £550 -6.46% 32
UK excluding London +71 71 £520 -7.14% 21
London +75 61 £563 -6.25% 12
South West +5 26 £694 +23.33% 8
South East +42 21 £550 -8.33% 1
East of England +21 7 £343 -39.25% 3
Midlands +25 6 £463 -5.13% 6
West Midlands +17 6 £463 -7.50% 6
Wales - 5 £390 -
Scotland +31 4 £700 +27.27% 1
North of England +27 2 £225 -66.67% 2
Yorkshire +12 1 - - 1
North West - 1 £225 - 1

For the 6 months to 17 August 2019, IT contractor jobs citing SANS also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all contract job ads with a requirement for SANS.

1 68 (51.52%) Cybersecurity
2 60 (45.45%) CISSP
3 52 (39.39%) OWASP
4 51 (38.64%) Information Security
5 45 (34.09%) SIEM
6 35 (26.52%) Firewall
7 32 (24.24%) Penetration Testing
7 32 (24.24%) ISO/IEC 27001
8 30 (22.73%) Security Architecture
9 29 (21.97%) CEH
9 29 (21.97%) Security Operations
10 27 (20.45%) NIST
10 27 (20.45%) Microsoft Azure
11 26 (19.70%) GIAC
11 26 (19.70%) Finance
12 25 (18.94%) Vulnerability Management
13 24 (18.18%) Amazon AWS
13 24 (18.18%) Security Testing
14 23 (17.42%) Management Information System
15 22 (16.67%) CISM
16 21 (15.91%) Cisco Certification
16 21 (15.91%) .NET
16 21 (15.91%) ITIL
16 21 (15.91%) Burp Suite
16 21 (15.91%) Analytics
17 20 (15.15%) CREST Certified
17 20 (15.15%) Python
17 20 (15.15%) Law
17 20 (15.15%) Agile Software Development
18 19 (14.39%) Security Cleared

SANS
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 4 (3.03%) Confluence
Applications
1 6 (4.55%) Microsoft Office
1 6 (4.55%) MS Visio
2 2 (1.52%) Microsoft Excel
Cloud Services
1 27 (20.45%) Microsoft Azure
2 24 (18.18%) Amazon AWS
3 8 (6.06%) IaaS
3 8 (6.06%) Office 365
3 8 (6.06%) OpenShift
3 8 (6.06%) PaaS
4 7 (5.30%) SaaS
5 3 (2.27%) Google Cloud Platform
6 1 (0.76%) Basecamp
Communications & Networking
1 35 (26.52%) Firewall
2 17 (12.88%) Intrusion Detection
3 16 (12.12%) TCP/IP
4 13 (9.85%) Wireshark
5 12 (9.09%) Cisco ASA
6 11 (8.33%) Internet
7 6 (4.55%) Network Security
8 4 (3.03%) DNS
8 4 (3.03%) LAN
8 4 (3.03%) MPLS
8 4 (3.03%) SAN
8 4 (3.03%) SNMP
8 4 (3.03%) WAN
9 3 (2.27%) Software-Defined Networking
9 3 (2.27%) VLAN
10 2 (1.52%) Intranet
10 2 (1.52%) IPsec
10 2 (1.52%) SSL
10 2 (1.52%) VPN
11 1 (0.76%) EIGRP
Database & Business Intelligence
1 5 (3.79%) Big Data
2 2 (1.52%) EDRMS
3 1 (0.76%) MongoDB
3 1 (0.76%) Oracle Reports
3 1 (0.76%) RDBMS
3 1 (0.76%) Relational Database
Development Applications
1 21 (15.91%) Burp Suite
2 9 (6.82%) Jenkins
3 8 (6.06%) JIRA
3 8 (6.06%) Metasploit
4 5 (3.79%) AppScan
4 5 (3.79%) Visual Studio Team System
5 4 (3.03%) Balsamiq
6 3 (2.27%) Bitbucket
6 3 (2.27%) Git (software)
6 3 (2.27%) Visual Studio
7 2 (1.52%) SoapUI
8 1 (0.76%) Atlassian Bamboo
8 1 (0.76%) Team Foundation Server
General
1 26 (19.70%) Finance
2 20 (15.15%) Law
3 8 (6.06%) Telecoms
4 6 (4.55%) Manufacturing
5 5 (3.79%) Electronics
5 5 (3.79%) Marketing
5 5 (3.79%) Retail
6 4 (3.03%) Banking
7 3 (2.27%) Legal
7 3 (2.27%) Multimedia
8 1 (0.76%) Aerospace
8 1 (0.76%) Arabic Language
8 1 (0.76%) Investment Banking
8 1 (0.76%) Retail Banking
Job Titles
1 38 (28.79%) Analyst
2 30 (22.73%) Architect
2 30 (22.73%) Security Architect
3 29 (21.97%) Security Analyst
4 19 (14.39%) Tester
5 15 (11.36%) Security Tester
6 14 (10.61%) Cybersecurity Analyst
7 13 (9.85%) SOC Analyst
8 10 (7.58%) Security Manager
9 9 (6.82%) Cloud Architect
10 8 (6.06%) Applications Tester
10 8 (6.06%) Penetration Tester
11 7 (5.30%) Information Manager
11 7 (5.30%) Information Security Manager
11 7 (5.30%) Security Engineer
12 6 (4.55%) Business Analyst
13 4 (3.03%) Consultant
13 4 (3.03%) IT Manager
13 4 (3.03%) Risk Manager
13 4 (3.03%) Senior Security Analyst
Libraries, Frameworks & Software Standards
1 21 (15.91%) .NET
2 12 (9.09%) Web Services
3 5 (3.79%) .NET Framework
3 5 (3.79%) HTML
3 5 (3.79%) Middleware
4 3 (2.27%) .NET Core
4 3 (2.27%) Ajax
4 3 (2.27%) ASP.NET
4 3 (2.27%) JSON
4 3 (2.27%) RESTful
4 3 (2.27%) Spring
4 3 (2.27%) XML
5 2 (1.52%) AngularJS
5 2 (1.52%) jQuery
5 2 (1.52%) React
6 1 (0.76%) 802.1X
6 1 (0.76%) Kafka
6 1 (0.76%) Regular Expression
6 1 (0.76%) Struts
6 1 (0.76%) Underscore.js
Miscellaneous
1 23 (17.42%) Management Information System
2 10 (7.58%) Cyberattack
3 9 (6.82%) Analytical Skills
4 7 (5.30%) Cyberthreat
4 7 (5.30%) Distributed Denial-of-Service
5 6 (4.55%) Hybrid Cloud
6 5 (3.79%) Security Operations Centre
6 5 (3.79%) User Experience
7 4 (3.03%) PKI
7 4 (3.03%) Public Cloud
8 3 (2.27%) Cloud Native
8 3 (2.27%) Private Cloud
9 2 (1.52%) Mobile App
9 2 (1.52%) Self-Motivation
9 2 (1.52%) Smartphone
9 2 (1.52%) Virtual Team
10 1 (0.76%) Cyber Defence
10 1 (0.76%) Cyber Kill Chain
Operating Systems
1 18 (13.64%) Windows
2 17 (12.88%) Linux
3 7 (5.30%) Unix
4 5 (3.79%) Android
4 5 (3.79%) Apple iOS
5 4 (3.03%) Kali Linux
6 3 (2.27%) Windows 10
7 2 (1.52%) AIX
Processes & Methodologies
1 68 (51.52%) Cybersecurity
2 52 (39.39%) OWASP
3 51 (38.64%) Information Security
4 45 (34.09%) SIEM
5 32 (24.24%) Penetration Testing
6 30 (22.73%) Security Architecture
7 29 (21.97%) Security Operations
8 25 (18.94%) Vulnerability Management
9 24 (18.18%) Security Testing
10 21 (15.91%) Analytics
10 21 (15.91%) ITIL
11 20 (15.15%) Agile Software Development
12 18 (13.64%) SDLC
12 18 (13.64%) Threat Intelligence
13 17 (12.88%) Open Source
14 16 (12.12%) Ethical Hacking
15 15 (11.36%) Data Security
15 15 (11.36%) Kalman Filter
15 15 (11.36%) Risk Management
16 13 (9.85%) TOGAF
Programming Languages
1 20 (15.15%) Python
2 14 (10.61%) Java
3 11 (8.33%) PHP
4 10 (7.58%) C
4 10 (7.58%) C#
5 9 (6.82%) C++
6 8 (6.06%) JavaScript
6 8 (6.06%) PowerShell
7 7 (5.30%) Perl
8 5 (3.79%) Objective-C
9 3 (2.27%) Shell Script
9 3 (2.27%) SQL
10 2 (1.52%) Apple Swift
11 1 (0.76%) Bash Shell
11 1 (0.76%) Go
Qualifications
1 60 (45.45%) CISSP
2 29 (21.97%) CEH
3 26 (19.70%) GIAC
4 22 (16.67%) CISM
5 21 (15.91%) Cisco Certification
6 20 (15.15%) CREST Certified
7 19 (14.39%) Security Cleared
8 18 (13.64%) CCNA
9 17 (12.88%) OSCP
10 13 (9.85%) SC Cleared
11 11 (8.33%) CESG Certified Professional
11 11 (8.33%) GPEN
11 11 (8.33%) GWAPT
11 11 (8.33%) GXPN
11 11 (8.33%) OSCE
12 10 (7.58%) Degree
13 9 (6.82%) GCIH
14 8 (6.06%) CISA
14 8 (6.06%) DV Cleared
15 7 (5.30%) CLAS
Quality Assurance & Compliance
1 32 (24.24%) ISO/IEC 27001
2 27 (20.45%) NIST
3 18 (13.64%) GDPR
4 13 (9.85%) COBIT
4 13 (9.85%) Cyber Essentials
5 8 (6.06%) PCI DSS
6 7 (5.30%) HIPAA
6 7 (5.30%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
7 6 (4.55%) HMG Security Policy Framework
8 3 (2.27%) Web Application Security Consortium
9 2 (1.52%) ISO 31000
9 2 (1.52%) Sarbanes-Oxley
System Software
1 9 (6.82%) Docker
2 2 (1.52%) Active Directory
Systems Management
1 15 (11.36%) Nessus
2 12 (9.09%) Nmap
3 8 (6.06%) Kubernetes
4 4 (3.03%) CSIRT
4 4 (3.03%) WebInspect
5 3 (2.27%) Computer Emergency Response Teams
5 3 (2.27%) Single Sign-On
6 2 (1.52%) HP Fortify
6 2 (1.52%) Network Intrusion Detection System
6 2 (1.52%) Puppet
7 1 (0.76%) Ansible
7 1 (0.76%) Host Intrusion Detection System
7 1 (0.76%) Terraform
Vendors
1 17 (12.88%) ArcSight
2 16 (12.12%) Cisco
3 14 (10.61%) Microsoft
4 7 (5.30%) Rapid7
4 7 (5.30%) Veracode
5 6 (4.55%) SAP
6 5 (3.79%) IBM
6 5 (3.79%) Netsparker
7 4 (3.03%) Acunetix
7 4 (3.03%) CheckPoint
7 4 (3.03%) Darktrace
7 4 (3.03%) Fortinet
7 4 (3.03%) HP
7 4 (3.03%) Juniper
7 4 (3.03%) Palo Alto
7 4 (3.03%) Qualys
8 3 (2.27%) LogRhythm
8 3 (2.27%) McAfee
8 3 (2.27%) Mercator
8 3 (2.27%) Splunk