Period
to 17 November 2017

The following table provides summary statistics for permanent job vacancies advertised in England with a requirement for Penetration Testing skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Penetration Testing over the 6 months to 17 November 2017 with a comparison to the same period in the previous 2 years.

Penetration Testing
UK > England
6 months to
17 Nov 2017
Same period 2016 Same period 2015
Rank 372 327 490
Rank change year-on-year -45 +163 +52
Permanent jobs citing Penetration Testing 1401 1739 1206
As % of all permanent IT jobs advertised in England 0.83% 0.97% 0.58%
As % of the Processes & Methodologies category 0.92% 1.08% 0.66%
Number of salaries quoted 1132 1392 961
England median annual salary £55,000 £57,500 £52,500
Median salary % change year-on-year -4.35% +9.52% -
10th Percentile £36,250 £35,073 £32,500
90th Percentile £82,500 £82,500 £82,500
UK median annual salary £55,000 £57,500 £55,000
% change year-on-year -4.35% +4.55% +4.76%

Penetration Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in England with a requirement for process or methodology skills.

All Process and Methodology Skills
England
Permanent vacancies with a requirement for process or methodology skills 151850 160342 182990
As % of all permanent IT jobs advertised in England 89.91% 89.36% 88.71%
Number of salaries quoted 120745 134485 152252
England median annual salary £50,000 £50,000 £47,500
Median salary % change year-on-year - +5.26% +5.56%
10th Percentile £28,750 £28,250 £27,500
90th Percentile £80,000 £80,000 £77,500
UK median annual salary £50,000 £49,000 £47,500
% change year-on-year +2.04% +3.16% +5.56%

Penetration Testing
Job Vacancy Trend in England

Job postings citing Penetration Testing as a percentage of all IT jobs advertised in England.

Job vacancy trend for Penetration Testing in England

Penetration Testing
Salary Trend in England

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing Penetration Testing in England.

Salary trend for Penetration Testing in England

Penetration Testing
Salary Histogram in England

The salary distribution of IT jobs citing Penetration Testing in England over the 6 months to 17 November 2017.

Salary histogram for Penetration Testing in England

Penetration Testing
Job Locations in England

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the England region over the 6 months to 17 November 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
London -60 647 £62,500 -3.85% 23
South East +17 356 £52,500 -4.55% 12
North of England -35 151 £50,000 - 10
North West +20 107 £52,000 +4.00% 2
Midlands +11 100 £47,500 -5.00% 2
West Midlands -14 85 £50,000 +5.26% 1
East of England +5 67 £57,500 +21.05% 2
South West -76 58 £45,000 -10.00% 4
Yorkshire -31 40 £47,500 -5.00% 7
East Midlands +30 14 £37,500 -31.82% 1
North East +10 4 £59,500 +32.22% 1
Penetration Testing
UK

For the 6 months to 17 November 2017, IT jobs citing Penetration Testing also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all job ads across the England region with a requirement for Penetration Testing.

1 836 (59.67%) Information Security
2 588 (41.97%) Cybersecurity
3 497 (35.47%) CISSP
4 486 (34.69%) ISO/IEC 27001
5 454 (32.41%) Firewall
6 327 (23.34%) CISM
7 315 (22.48%) Finance
8 314 (22.41%) Windows
9 295 (21.06%) Network Security
10 287 (20.49%) SIEM
11 252 (17.99%) Linux
12 232 (16.56%) PCI DSS
13 221 (15.77%) Vulnerability Scanning
14 218 (15.56%) ITIL
15 214 (15.27%) Security Architecture
16 202 (14.42%) Data Protection
17 197 (14.06%) Risk Management
18 195 (13.92%) TCP/IP
18 195 (13.92%) Degree
19 194 (13.85%) Active Directory
20 187 (13.35%) Vulnerability Management
21 169 (12.06%) CREST Certified
21 169 (12.06%) Agile Software Development
22 167 (11.92%) Management Information System
22 167 (11.92%) Security Operations
23 164 (11.71%) Vulnerability Assessment
24 160 (11.42%) Cisco
24 160 (11.42%) Security Cleared
25 150 (10.71%) CEH
26 143 (10.21%) Ethical Hacking

Penetration Testing
Co-occurring IT Skills in England by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 35 (2.50%) IIS
1 35 (2.50%) MS Exchange
2 22 (1.57%) Exchange Server 2010
3 17 (1.21%) Exchange Server 2013
4 15 (1.07%) Apache
5 12 (0.86%) OpenStack
5 12 (0.86%) SharePoint
6 9 (0.64%) Skype for Business
7 8 (0.57%) Apache Pig
8 7 (0.50%) CMS
9 6 (0.43%) JBoss
9 6 (0.43%) nginx
9 6 (0.43%) WordPress
10 3 (0.21%) Elasticsearch
11 1 (0.071%) BizTalk Server
11 1 (0.071%) Tomcat
Applications
1 11 (0.79%) Spreadsheet
2 9 (0.64%) Microsoft Office
3 3 (0.21%) Microsoft Excel
3 3 (0.21%) Microsoft PowerPoint
4 2 (0.14%) MS Visio
Business Applications
1 7 (0.50%) Payment Gateway
2 2 (0.14%) Dynamics CRM
3 1 (0.071%) Salesforce.com CRM
3 1 (0.071%) SunGard APT
Cloud Services
1 105 (7.49%) Amazon AWS
2 60 (4.28%) SaaS
3 44 (3.14%) IaaS
3 44 (3.14%) Microsoft Azure
4 15 (1.07%) Office 365
5 11 (0.79%) Cloudflare
6 10 (0.71%) PaaS
7 6 (0.43%) AWS Lambda
7 6 (0.43%) Serverless
8 5 (0.36%) AWS CloudFormation
8 5 (0.36%) GitHub
8 5 (0.36%) Mimecast
9 4 (0.29%) Amazon S3
10 3 (0.21%) Amazon SQS
10 3 (0.21%) Cloud Computing
10 3 (0.21%) Google Cloud Platform
10 3 (0.21%) Google Compute Engine
10 3 (0.21%) OpenShift
11 1 (0.071%) AWS OpsWorks
11 1 (0.071%) Route 53
Communications & Networking
1 454 (32.41%) Firewall
2 295 (21.06%) Network Security
3 195 (13.92%) TCP/IP
4 88 (6.28%) DNS
5 82 (5.85%) Internet
6 74 (5.28%) Wireless
7 67 (4.78%) WAN
8 62 (4.43%) DHCP
8 62 (4.43%) VPN
9 55 (3.93%) Intrusion Detection
10 54 (3.85%) Cisco ASA
11 53 (3.78%) LAN
12 38 (2.71%) HTTP
13 34 (2.43%) SAN
14 33 (2.36%) SSL
14 33 (2.36%) VoIP
15 32 (2.28%) VLAN
16 28 (2.00%) Ethernet
16 28 (2.00%) MPLS
17 22 (1.57%) IPsec
Database & Business Intelligence
1 52 (3.71%) SQL Server
2 25 (1.78%) MySQL
3 13 (0.93%) Big Data
4 12 (0.86%) MongoDB
4 12 (0.86%) NoSQL
4 12 (0.86%) SQL Server 2008
4 12 (0.86%) SQL Server 2012
4 12 (0.86%) SQL Server 2014
5 11 (0.79%) Hadoop
6 8 (0.57%) Apache Hive
7 6 (0.43%) Amazon RDS
8 5 (0.36%) GIS
9 3 (0.21%) Blockchain
9 3 (0.21%) Looker
9 3 (0.21%) PostgreSQL
9 3 (0.21%) Redis
10 2 (0.14%) SQL Server 2016
11 1 (0.071%) Hazelcast
11 1 (0.071%) Oracle Database
11 1 (0.071%) Relational Database
Development Applications
1 59 (4.21%) Metasploit
2 49 (3.50%) Burp Suite
3 24 (1.71%) Git (software)
4 23 (1.64%) AppScan
5 9 (0.64%) Paros
5 9 (0.64%) Selenium
6 8 (0.57%) Atlassian Bamboo
6 8 (0.57%) Jenkins
6 8 (0.57%) JIRA
7 7 (0.50%) Bitbucket
7 7 (0.50%) CodeSonar
7 7 (0.50%) git-flow
7 7 (0.50%) Robot Framework
8 4 (0.29%) WebScarab
9 3 (0.21%) Fiddler
9 3 (0.21%) IDA Disassembler
9 3 (0.21%) Sonatype Nexus
9 3 (0.21%) Xcode
10 2 (0.14%) Protractor
10 2 (0.14%) Team Foundation Server
General
1 315 (22.48%) Finance
2 94 (6.71%) Banking
3 82 (5.85%) Telecoms
4 79 (5.64%) Legal
5 41 (2.93%) Retail
6 30 (2.14%) Law
7 19 (1.36%) Financial Institution
8 16 (1.14%) Marketing
9 14 (1.00%) Aerospace
10 13 (0.93%) Automotive
11 9 (0.64%) Digital Economy
11 9 (0.64%) Games
11 9 (0.64%) Investment Banking
11 9 (0.64%) Publishing
12 6 (0.43%) Electronics
12 6 (0.43%) Manufacturing
12 6 (0.43%) Spanish Language
13 4 (0.29%) Advertising
14 3 (0.21%) Corporate Banking
14 3 (0.21%) Multimedia
Job Titles
1 287 (20.49%) Analyst
2 252 (17.99%) Security Analyst
3 212 (15.13%) Tester
4 203 (14.49%) Penetration Tester
5 187 (13.35%) Consultant
6 168 (11.99%) Security Consultant
7 161 (11.49%) Security Engineer
8 148 (10.56%) Security Manager
9 86 (6.14%) IT Analyst
9 86 (6.14%) IT Security Analyst
10 84 (6.00%) IT Engineer
11 80 (5.71%) Business Manager
12 79 (5.64%) Information Analyst
12 79 (5.64%) Information Security Analyst
13 78 (5.57%) Business Development Manager
13 78 (5.57%) Development Manager
14 73 (5.21%) IT Security Engineer
15 70 (5.00%) Network Engineer
16 65 (4.64%) Security Specialist
17 62 (4.43%) Security Officer
Libraries, Frameworks & Software Standards
1 73 (5.21%) .NET
2 43 (3.07%) Web Services
3 34 (2.43%) HTML
4 28 (2.00%) Node.js
5 25 (1.78%) J2EE
5 25 (1.78%) XML
6 19 (1.36%) ASP.NET
7 17 (1.21%) RESTful
8 16 (1.14%) LAMP
9 15 (1.07%) CSS
9 15 (1.07%) Django
10 14 (1.00%) JSON
11 12 (0.86%) Ajax
11 12 (0.86%) Middleware
12 11 (0.79%) REST
12 11 (0.79%) SOAP
13 10 (0.71%) CGI
13 10 (0.71%) OAuth
14 9 (0.64%) HTML5
15 8 (0.57%) OAuth2
Miscellaneous
1 167 (11.92%) Management Information System
2 131 (9.35%) Data Protection Act
3 103 (7.35%) Data Centre
4 85 (6.07%) Computer Science
5 70 (5.00%) Cyberthreat
6 54 (3.85%) Analytical Skills
7 46 (3.28%) Distributed Denial-of-Service
8 41 (2.93%) Mobile App
9 30 (2.14%) Cyber Attack
10 29 (2.07%) PKI
11 28 (2.00%) SCADA
12 24 (1.71%) Cyber Defence
13 23 (1.64%) iPad
14 21 (1.50%) Security Operations Centre
15 20 (1.43%) Clustering
15 20 (1.43%) Cybercrime
15 20 (1.43%) Public Cloud
16 16 (1.14%) CESG
17 15 (1.07%) Enterprise Software
17 15 (1.07%) Smartphone
Operating Systems
1 314 (22.41%) Windows
2 252 (17.99%) Linux
3 124 (8.85%) Unix
3 124 (8.85%) Windows Server
4 96 (6.85%) Apple iOS
5 83 (5.92%) Android
6 43 (3.07%) Mac OS X
7 35 (2.50%) Kali Linux
8 26 (1.86%) Windows Server 2008
9 16 (1.14%) Windows Server 2012
10 13 (0.93%) Windows 7
11 12 (0.86%) VxWorks
12 8 (0.57%) Solaris
13 6 (0.43%) VMS
14 4 (0.29%) Ubuntu
15 2 (0.14%) CentOS
15 2 (0.14%) Check Point GAiA
15 2 (0.14%) KNOPPIX
15 2 (0.14%) Red Hat Enterprise Linux
15 2 (0.14%) Windows 10
Processes & Methodologies
1 836 (59.67%) Information Security
2 588 (41.97%) Cybersecurity
3 287 (20.49%) SIEM
4 221 (15.77%) Vulnerability Scanning
5 218 (15.56%) ITIL
6 214 (15.27%) Security Architecture
7 202 (14.42%) Data Protection
8 197 (14.06%) Risk Management
9 187 (13.35%) Vulnerability Management
10 169 (12.06%) Agile Software Development
11 167 (11.92%) Security Operations
12 164 (11.71%) Vulnerability Assessment
13 143 (10.21%) Ethical Hacking
14 139 (9.92%) OWASP
15 132 (9.42%) Risk Assessment
16 115 (8.21%) Security Testing
17 102 (7.28%) Data Loss Prevention
18 94 (6.71%) Business Development
19 88 (6.28%) Incident Management
20 86 (6.14%) Security Management
Programming Languages
1 120 (8.57%) Java
2 118 (8.42%) Python
3 107 (7.64%) C
4 73 (5.21%) C++
5 66 (4.71%) SQL
6 50 (3.57%) C#
7 47 (3.35%) JavaScript
8 44 (3.14%) PHP
9 42 (3.00%) Perl
10 40 (2.86%) Bash Shell
10 40 (2.86%) Ruby
11 36 (2.57%) PowerShell
12 18 (1.28%) VB.NET
13 16 (1.14%) Objective-C
14 10 (0.71%) Shell Script
15 9 (0.64%) VBScript
16 7 (0.50%) Ada
17 6 (0.43%) Scala
17 6 (0.43%) VB
18 4 (0.29%) Groovy
Qualifications
1 497 (35.47%) CISSP
2 327 (23.34%) CISM
3 195 (13.92%) Degree
4 169 (12.06%) CREST Certified
5 160 (11.42%) Security Cleared
6 150 (10.71%) CEH
7 104 (7.42%) OSCP
8 100 (7.14%) Cisco Certification
9 93 (6.64%) GIAC
10 83 (5.92%) CISA
11 67 (4.78%) CCNA
12 65 (4.64%) CCNP
13 61 (4.35%) SANS
14 54 (3.85%) CHECK Team Leader
14 54 (3.85%) DV Cleared
15 53 (3.78%) SC Cleared
16 50 (3.57%) CRISC
17 45 (3.21%) Computer Science Degree
18 44 (3.14%) SSCP
19 36 (2.57%) Microsoft Certification
Quality Assurance & Compliance
1 486 (34.69%) ISO/IEC 27001
2 232 (16.56%) PCI DSS
3 134 (9.56%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
4 109 (7.78%) GDPR
5 68 (4.85%) Cyber Essentials
6 47 (3.35%) COBIT
7 23 (1.64%) Cyber Essentials PLUS
7 23 (1.64%) ISO 22301
8 21 (1.50%) ISO/IEC 27005
9 20 (1.43%) Sarbanes-Oxley
10 18 (1.28%) QA
11 15 (1.07%) SLA
12 11 (0.79%) NIST 800
13 8 (0.57%) MISRA
14 7 (0.50%) HMG Security Policy Framework
14 7 (0.50%) ISO 31000
15 5 (0.36%) HIPAA
15 5 (0.36%) ISO 9001
16 2 (0.14%) GPG13
16 2 (0.14%) PA-DSS
System Software
1 194 (13.85%) Active Directory
2 31 (2.21%) Hyper-V
3 30 (2.14%) VMware Infrastructure
4 29 (2.07%) ProxySG
5 24 (1.71%) Docker
6 15 (1.07%) vSphere
7 13 (0.93%) VMware ESXi
8 11 (0.79%) Firmware
8 11 (0.79%) Virtual Machines
9 8 (0.57%) Snort
10 4 (0.29%) XenApp
11 2 (0.14%) KVM
11 2 (0.14%) VirtualBox
12 1 (0.071%) LXC
12 1 (0.071%) OpenSIPS
12 1 (0.071%) Virtual Servers
12 1 (0.071%) VMware NSX
12 1 (0.071%) Xen
Systems Management
1 82 (5.85%) Nessus
2 38 (2.71%) Nmap
3 14 (1.00%) Computer Emergency Response Teams
3 14 (1.00%) Puppet
4 11 (0.79%) Core Impact
4 11 (0.79%) Microsoft Clustering
4 11 (0.79%) QRadar
5 10 (0.71%) SCOM
6 9 (0.64%) Ansible
6 9 (0.64%) Opscode Chef
7 8 (0.57%) HP Fortify
7 8 (0.57%) SCCM
8 7 (0.50%) Salt
9 6 (0.43%) Cisco CUCM
9 6 (0.43%) Kibana
9 6 (0.43%) logstash
9 6 (0.43%) McAfee ePO
9 6 (0.43%) WebInspect
10 5 (0.36%) FortiGate
10 5 (0.36%) Host Intrusion Detection System
Vendors
1 160 (11.42%) Cisco
2 112 (7.99%) Microsoft
3 80 (5.71%) CheckPoint
4 58 (4.14%) VMware
5 55 (3.93%) Splunk
6 50 (3.57%) Apple
7 42 (3.00%) Palo Alto
8 35 (2.50%) Blue Coat
8 35 (2.50%) Juniper
9 32 (2.28%) Qualys
10 29 (2.07%) Citrix
11 24 (1.71%) HP
12 21 (1.50%) Oracle
13 19 (1.36%) McAfee
14 16 (1.14%) ArcSight
14 16 (1.14%) NetWitness
14 16 (1.14%) SolarWinds
15 15 (1.07%) IBM
15 15 (1.07%) Sophos
16 12 (0.86%) Radware