Period
to 24 November 2017

The following table provides summary statistics for permanent job vacancies advertised in the City of London with a requirement for Penetration Testing skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Penetration Testing over the 6 months to 24 November 2017 with a comparison to the same period in the previous 2 years.

Penetration Testing
Central London > City of London
6 months to
24 Nov 2017
Same period 2016 Same period 2015
Rank 266 242 361
Rank change year-on-year -24 +119 +29
Permanent jobs citing Penetration Testing 60 113 63
As % of all permanent IT jobs advertised in the City of London 0.59% 0.97% 0.37%
As % of the Processes & Methodologies category 0.65% 1.09% 0.41%
Number of salaries quoted 57 98 50
City of London median annual salary £72,500 £65,000 £60,000
Median salary % change year-on-year +11.54% +8.33% -7.69%
10th Percentile £35,250 £33,750 £35,875
90th Percentile £100,000 £78,750 £85,125
Central London median annual salary £65,000 £65,000 £60,000
% change year-on-year - +8.33% -7.69%

Penetration Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in the City of London with a requirement for process or methodology skills.

All Process and Methodology Skills
City of London
Permanent vacancies with a requirement for process or methodology skills 9209 10393 15217
As % of all permanent IT jobs advertised in the City of London 90.14% 89.42% 89.17%
Number of salaries quoted 8310 9470 13192
City of London median annual salary £60,000 £60,000 £57,500
Median salary % change year-on-year - +4.35% +4.55%
10th Percentile £36,250 £35,000 £33,750
90th Percentile £95,000 £90,000 £87,500
Central London median annual salary £60,000 £57,500 £57,500
% change year-on-year +4.35% - +4.55%

Penetration Testing
Job Vacancy Trend in the City of London

Job postings citing Penetration Testing as a percentage of all IT jobs advertised in the City of London.

Job vacancy trend for Penetration Testing in the City of London

Penetration Testing
Salary Trend in the City of London

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing Penetration Testing in the City of London.

Salary trend for Penetration Testing in the City of London

Penetration Testing
Salary Histogram in the City of London

The salary distribution of IT jobs citing Penetration Testing in the City of London over the 6 months to 24 November 2017.

Salary histogram for Penetration Testing in the City of London

For the 6 months to 24 November 2017, IT jobs citing Penetration Testing also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all job ads across the City of London region with a requirement for Penetration Testing.

1 32 (53.33%) Finance
2 26 (43.33%) Information Security
3 22 (36.67%) Java
4 16 (26.67%) Cybersecurity
5 15 (25.00%) J2EE
6 14 (23.33%) .NET
6 14 (23.33%) CREST Certified
7 12 (20.00%) Vulnerability Scanning
7 12 (20.00%) Windows
7 12 (20.00%) Agile Software Development
8 11 (18.33%) Firewall
8 11 (18.33%) Linux
9 10 (16.67%) Internet
9 10 (16.67%) Degree
9 10 (16.67%) Security Testing
9 10 (16.67%) CHECK Team Leader
10 9 (15.00%) Secure Coding
10 9 (15.00%) OWASP
10 9 (15.00%) OSCP
10 9 (15.00%) CISSP
11 8 (13.33%) Python
11 8 (13.33%) Analytical Skills
11 8 (13.33%) SDLC
11 8 (13.33%) Vulnerability Assessment
11 8 (13.33%) ISO/IEC 27001
12 7 (11.67%) ISMS
12 7 (11.67%) Android
12 7 (11.67%) Data Centre
12 7 (11.67%) Apple iOS
12 7 (11.67%) Active Directory

Penetration Testing
Co-occurring IT Skills in the City of London by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 5 (8.33%) IIS
2 4 (6.67%) Apache
2 4 (6.67%) JBoss
3 1 (1.67%) Exchange Server 2013
3 1 (1.67%) MS Exchange
3 1 (1.67%) Skype for Business
Cloud Services
1 2 (3.33%) Amazon AWS
2 1 (1.67%) Amazon ELB
2 1 (1.67%) Amazon S3
2 1 (1.67%) AWS CloudFormation
2 1 (1.67%) Microsoft Azure
2 1 (1.67%) Office 365
2 1 (1.67%) Route 53
Communications & Networking
1 11 (18.33%) Firewall
2 10 (16.67%) Internet
3 6 (10.00%) Network Security
4 5 (8.33%) TCP/IP
5 4 (6.67%) LDAP
6 2 (3.33%) Cisco IOS
6 2 (3.33%) DKIM
6 2 (3.33%) DMARC
6 2 (3.33%) WAN
6 2 (3.33%) Wireless
7 1 (1.67%) Bluetooth
7 1 (1.67%) Cisco ISE
7 1 (1.67%) DHCP
7 1 (1.67%) DNS
7 1 (1.67%) FTP
7 1 (1.67%) HTTP
7 1 (1.67%) Intrusion Detection
7 1 (1.67%) NFC
7 1 (1.67%) Skype
7 1 (1.67%) VPN
Database & Business Intelligence
1 4 (6.67%) MongoDB
1 4 (6.67%) MySQL
1 4 (6.67%) NoSQL
1 4 (6.67%) SQL Server
2 1 (1.67%) Amazon RDS
2 1 (1.67%) Oracle Database
Development Applications
1 6 (10.00%) Metasploit
2 5 (8.33%) AppScan
3 4 (6.67%) Burp Suite
4 1 (1.67%) Jenkins
4 1 (1.67%) Vagrant
General
1 32 (53.33%) Finance
2 6 (10.00%) Banking
3 5 (8.33%) Retail
4 3 (5.00%) Telecoms
5 2 (3.33%) Legal
Job Titles
1 11 (18.33%) Penetration Tester
1 11 (18.33%) Tester
2 10 (16.67%) Security Engineer
3 7 (11.67%) Architect
3 7 (11.67%) Team Leader
4 6 (10.00%) Applications Engineer
4 6 (10.00%) Information Officer
4 6 (10.00%) Information Security Officer
4 6 (10.00%) Security Officer
5 5 (8.33%) Security Specialist
5 5 (8.33%) Senior Penetration Tester
5 5 (8.33%) Senior Tester
6 4 (6.67%) Application Security Specialist
6 4 (6.67%) Applications Specialist
6 4 (6.67%) Consultant
6 4 (6.67%) Security Consultant
6 4 (6.67%) Security Manager
6 4 (6.67%) Senior Applications Engineer
6 4 (6.67%) Senior Security Engineer
6 4 (6.67%) Solutions Architect
Libraries, Frameworks & Software Standards
1 15 (25.00%) J2EE
2 14 (23.33%) .NET
3 6 (10.00%) CSS
3 6 (10.00%) Hibernate
3 6 (10.00%) HTML
3 6 (10.00%) J2SE
3 6 (10.00%) Spring
4 5 (8.33%) Web Services
5 4 (6.67%) Ajax
5 4 (6.67%) JSF
5 4 (6.67%) JSON
5 4 (6.67%) Node.js
5 4 (6.67%) OAuth
5 4 (6.67%) OAuth2
5 4 (6.67%) RESTful
5 4 (6.67%) SAML
5 4 (6.67%) SOAP
5 4 (6.67%) SVG
6 2 (3.33%) ASP.NET MVC
6 2 (3.33%) Regular Expression
Miscellaneous
1 8 (13.33%) Analytical Skills
2 7 (11.67%) Data Centre
2 7 (11.67%) Management Information System
3 6 (10.00%) Enterprise Software
4 3 (5.00%) Security Operations Centre
5 2 (3.33%) BYOD
6 1 (1.67%) Computer Science
6 1 (1.67%) Data Protection Act
6 1 (1.67%) Greenfield Project
6 1 (1.67%) PKI
6 1 (1.67%) Replication
6 1 (1.67%) User Experience
Operating Systems
1 12 (20.00%) Windows
2 11 (18.33%) Linux
3 7 (11.67%) Android
3 7 (11.67%) Apple iOS
4 6 (10.00%) Unix
5 1 (1.67%) Kali Linux
Processes & Methodologies
1 26 (43.33%) Information Security
2 16 (26.67%) Cybersecurity
3 12 (20.00%) Agile Software Development
3 12 (20.00%) Vulnerability Scanning
4 10 (16.67%) Security Testing
5 9 (15.00%) OWASP
5 9 (15.00%) Secure Coding
6 8 (13.33%) SDLC
6 8 (13.33%) Vulnerability Assessment
7 7 (11.67%) ISMS
7 7 (11.67%) Project Management
8 6 (10.00%) GAP Analysis
8 6 (10.00%) Open Source
8 6 (10.00%) Security Architecture
8 6 (10.00%) SIEM
9 5 (8.33%) Information Security Governance
9 5 (8.33%) Presales
9 5 (8.33%) Reverse Engineering
10 4 (6.67%) Proactive Management
10 4 (6.67%) Security Operations
Programming Languages
1 22 (36.67%) Java
2 8 (13.33%) Python
3 6 (10.00%) C#
3 6 (10.00%) C++
3 6 (10.00%) JavaScript
3 6 (10.00%) Ruby
3 6 (10.00%) SQL
4 4 (6.67%) C
4 4 (6.67%) Groovy
4 4 (6.67%) Perl
5 3 (5.00%) Bash Shell
5 3 (5.00%) PowerShell
5 3 (5.00%) VB.NET
6 2 (3.33%) Objective-C
6 2 (3.33%) VB
7 1 (1.67%) PHP
Qualifications
1 14 (23.33%) CREST Certified
2 10 (16.67%) CHECK Team Leader
2 10 (16.67%) Degree
3 9 (15.00%) CISSP
3 9 (15.00%) OSCP
4 7 (11.67%) CISM
5 6 (10.00%) SANS
6 4 (6.67%) GPEN
6 4 (6.67%) GXPN
6 4 (6.67%) OSCE
7 3 (5.00%) CISA
7 3 (5.00%) Cisco Certification
7 3 (5.00%) GIAC
7 3 (5.00%) Master's Degree
7 3 (5.00%) SC Cleared
7 3 (5.00%) Security Cleared
8 2 (3.33%) CCNA
8 2 (3.33%) CCNP
8 2 (3.33%) CHECK Team Member
8 2 (3.33%) GCIA
Quality Assurance & Compliance
1 8 (13.33%) ISO/IEC 27001
2 6 (10.00%) COBIT
3 3 (5.00%) GDPR
3 3 (5.00%) PCI DSS
4 2 (3.33%) Cyber Essentials
4 2 (3.33%) NIST 800
4 2 (3.33%) QA
5 1 (1.67%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
5 1 (1.67%) ISO/IEC 27005
System Software
1 7 (11.67%) Active Directory
2 2 (3.33%) Hyper-V
2 2 (3.33%) KVM
2 2 (3.33%) Virtual Machines
2 2 (3.33%) VMware Infrastructure
2 2 (3.33%) vSphere
3 1 (1.67%) Docker
3 1 (1.67%) Firmware
3 1 (1.67%) Virtual Servers
Systems Management
1 6 (10.00%) Nessus
2 3 (5.00%) Nmap
2 3 (5.00%) SCCM
3 2 (3.33%) Host Intrusion Detection System
3 2 (3.33%) McAfee ePO
3 2 (3.33%) Network Intrusion Detection System
3 2 (3.33%) OpenVAS
3 2 (3.33%) QRadar
3 2 (3.33%) SCOM
4 1 (1.67%) Core Impact
4 1 (1.67%) FortiGate
4 1 (1.67%) Puppet
4 1 (1.67%) Terraform
Vendors
1 6 (10.00%) Cisco
1 6 (10.00%) Microsoft
2 5 (8.33%) Apple
2 5 (8.33%) IBM
2 5 (8.33%) Oracle
3 4 (6.67%) Xamarin
4 3 (5.00%) Dell
4 3 (5.00%) VMware
5 2 (3.33%) Blue Coat
5 2 (3.33%) CheckPoint
5 2 (3.33%) Citrix
5 2 (3.33%) FireEye
5 2 (3.33%) McAfee
5 2 (3.33%) Palo Alto
5 2 (3.33%) Qualys
5 2 (3.33%) Rapid7
5 2 (3.33%) Splunk
5 2 (3.33%) Tripwire
6 1 (1.67%) Dell Compellent
6 1 (1.67%) ProCurve