Period
to 20 March 2019

The following table provides summary statistics for permanent job vacancies advertised in England with a requirement for Penetration Testing skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Penetration Testing over the 6 months to 20 March 2019 with a comparison to the same period in the previous 2 years.

Penetration Testing
UK > England
6 months to
20 Mar 2019
Same period 2018 Same period 2017
Rank 336 388 422
Rank change year-on-year +52 +34 +57
Permanent jobs citing Penetration Testing 1,304 1,308 1,178
As % of all permanent IT jobs advertised in England 0.95% 0.79% 0.73%
As % of the Processes & Methodologies category 1.03% 0.86% 0.80%
Number of salaries quoted 980 1,046 929
England median annual salary £60,000 £58,525 £60,000
Median salary % change year-on-year +2.52% -2.46% +9.09%
10th Percentile £37,500 £37,625 £36,250
90th Percentile £93,750 £85,000 £85,000
UK median annual salary £60,000 £59,000 £60,000
% change year-on-year +1.69% -1.67% +9.09%

Penetration Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in England with a requirement for process or methodology skills.

All Process and Methodology Skills
England
Permanent vacancies with a requirement for process or methodology skills 126,577 151,326 148,080
As % of all permanent IT jobs advertised in England 91.76% 91.80% 91.32%
Number of salaries quoted 100,789 124,350 122,892
England median annual salary £52,500 £50,000 £49,500
Median salary % change year-on-year +5.00% +1.01% +4.21%
10th Percentile £30,000 £29,000 £28,000
90th Percentile £85,000 £81,250 £80,000
UK median annual salary £52,500 £50,000 £47,500
% change year-on-year +5.00% +5.26% -

Penetration Testing
Job Vacancy Trend in England

Job postings citing Penetration Testing as a percentage of all IT jobs advertised in England.

Job vacancy trend for Penetration Testing in England

Penetration Testing
Salary Trend in England

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing Penetration Testing in England.

Salary trend for Penetration Testing in England

Penetration Testing
Salary Histogram in England

The salary distribution of IT jobs citing Penetration Testing in England over the 6 months to 20 March 2019.

Salary histogram for Penetration Testing in England

Penetration Testing
Job Locations in England

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the England region over the 6 months to 20 March 2019. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
London +31 590 £67,500 -3.57% 67
North of England +98 262 £52,500 +5.00% 34
North West +115 189 £52,500 -4.55% 19
East of England +130 130 £68,750 +30.95% 15
South East -82 127 £60,000 +14.29% 38
Midlands +56 98 £60,000 +20.00% 24
South West +32 77 £47,500 +5.56% 15
Yorkshire +23 68 £52,500 +16.67% 10
West Midlands +27 66 £65,000 +30.00% 19
East Midlands +46 29 £46,250 +26.59% 4
North East +22 5 £52,101 - 5
Penetration Testing
UK

For the 6 months to 20 March 2019, IT jobs citing Penetration Testing also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads across the England region with a requirement for Penetration Testing.

1 636 (48.77%) Information Security
2 520 (39.88%) Cybersecurity
3 423 (32.44%) CISSP
4 391 (29.98%) ISO/IEC 27001
5 338 (25.92%) SIEM
6 332 (25.46%) Linux
7 319 (24.46%) Windows
8 311 (23.85%) Finance
9 277 (21.24%) CREST Certified
10 271 (20.78%) Microsoft
11 249 (19.10%) Security Testing
12 243 (18.63%) OWASP
13 240 (18.40%) PCI DSS
14 230 (17.64%) Management Information System
15 227 (17.41%) Risk Management
16 209 (16.03%) Vulnerability Assessment
17 206 (15.80%) GDPR
18 203 (15.57%) Vulnerability Management
19 187 (14.34%) Firewall
20 185 (14.19%) Microsoft Azure
21 182 (13.96%) Degree
22 179 (13.73%) SANS
23 173 (13.27%) Network Security
24 170 (13.04%) CISM
25 168 (12.88%) Python
26 167 (12.81%) Amazon AWS
27 162 (12.42%) OSCP
27 162 (12.42%) Cisco
28 157 (12.04%) Security Architecture
29 156 (11.96%) Security Cleared

Penetration Testing
Co-occurring IT Skills in England by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 20 (1.53%) Confluence
2 19 (1.46%) IIS
3 17 (1.30%) MS Exchange
4 15 (1.15%) SharePoint
5 10 (0.77%) Apache
6 6 (0.46%) Apache Pig
7 5 (0.38%) Skype for Business
8 4 (0.31%) SharePoint Server
8 4 (0.31%) Tomcat
8 4 (0.31%) WebSphere
8 4 (0.31%) WebSphere Application Server
9 3 (0.23%) Exchange Server 2013
9 3 (0.23%) Umbraco
10 2 (0.15%) Apache Solr
10 2 (0.15%) Jupyter
11 1 (0.077%) Cloud Foundry
11 1 (0.077%) Elasticsearch
11 1 (0.077%) Exchange Server 2010
11 1 (0.077%) nginx
11 1 (0.077%) SharePoint 2010
Applications
1 74 (5.67%) Microsoft PowerPoint
2 21 (1.61%) Microsoft Office
3 8 (0.61%) MS Visio
4 4 (0.31%) Microsoft Excel
Business Applications
1 3 (0.23%) RiskWrite
2 1 (0.077%) Sage 300 ERP
2 1 (0.077%) Salesforce.com CRM
Cloud Services
1 185 (14.19%) Microsoft Azure
2 167 (12.81%) Amazon AWS
3 63 (4.83%) SaaS
4 40 (3.07%) Google Cloud Platform
5 26 (1.99%) Office 365
6 13 (1.00%) IaaS
7 12 (0.92%) PaaS
8 9 (0.69%) Cloud Computing
9 8 (0.61%) BlazeMeter
10 5 (0.38%) Serverless
11 4 (0.31%) Amazon EC2
11 4 (0.31%) Mimecast
12 3 (0.23%) Amazon S3
12 3 (0.23%) Amazon SQS
12 3 (0.23%) GitHub
13 2 (0.15%) Amazon ELB
13 2 (0.15%) AWS CloudFormation
13 2 (0.15%) Azure Active Directory
13 2 (0.15%) IBM Cloud
13 2 (0.15%) Route 53
Communications & Networking
1 187 (14.34%) Firewall
2 173 (13.27%) Network Security
3 83 (6.37%) Wi-Fi
4 81 (6.21%) TCP/IP
5 67 (5.14%) Intrusion Detection
6 44 (3.37%) Wireless
7 42 (3.22%) Internet
7 42 (3.22%) VPN
8 40 (3.07%) HTTP
8 40 (3.07%) IPsec
9 37 (2.84%) WAN
10 32 (2.45%) DNS
11 31 (2.38%) LAN
12 29 (2.22%) BGP
12 29 (2.22%) Cisco Nexus
13 28 (2.15%) EIGRP
14 24 (1.84%) SSL
15 18 (1.38%) Cisco ASA
16 17 (1.30%) DHCP
17 13 (1.00%) Software-Defined Radio
Database & Business Intelligence
1 38 (2.91%) Big Data
2 33 (2.53%) SQL Server
3 19 (1.46%) MySQL
4 11 (0.84%) Hadoop
5 10 (0.77%) NoSQL
6 8 (0.61%) MongoDB
7 7 (0.54%) DB2
8 6 (0.46%) Apache Hive
9 4 (0.31%) Data Warehouse
9 4 (0.31%) Power BI
9 4 (0.31%) SQL Server 2012
9 4 (0.31%) SQL Server 2014
10 3 (0.23%) Redis
10 3 (0.23%) Relational Database
11 2 (0.15%) Amazon Aurora
11 2 (0.15%) Amazon RDS
11 2 (0.15%) Blockchain
11 2 (0.15%) Neo4j
11 2 (0.15%) PostgreSQL
12 1 (0.077%) SQL Server 2008
Development Applications
1 69 (5.29%) JIRA
2 55 (4.22%) Burp Suite
3 53 (4.06%) Metasploit
4 48 (3.68%) Selenium
5 33 (2.53%) Cucumber
6 21 (1.61%) Git (software)
7 16 (1.23%) Android Studio
7 16 (1.23%) Appium
7 16 (1.23%) Xcode
8 15 (1.15%) Atlassian Bamboo
8 15 (1.15%) LoadRunner
9 14 (1.07%) SoapUI
10 11 (0.84%) JMeter
10 11 (0.84%) Visual Studio
11 9 (0.69%) SpecFlow
11 9 (0.69%) TeamCity
12 8 (0.61%) Bitbucket
12 8 (0.61%) git-flow
12 8 (0.61%) Jenkins
12 8 (0.61%) Robot Framework
General
1 311 (23.85%) Finance
2 108 (8.28%) Legal
3 60 (4.60%) Banking
4 55 (4.22%) Retail
5 42 (3.22%) Telecoms
6 17 (1.30%) Marketing
7 16 (1.23%) Electronics
8 13 (1.00%) Financial Institution
9 8 (0.61%) Manufacturing
10 7 (0.54%) Games
11 6 (0.46%) Law
11 6 (0.46%) Military
12 5 (0.38%) Advertising
13 4 (0.31%) Aerospace
13 4 (0.31%) Back Office
14 3 (0.23%) Pharmaceutical
14 3 (0.23%) Publishing
15 1 (0.077%) Wholesale Banking
Job Titles
1 238 (18.25%) Analyst
2 236 (18.10%) Tester
3 201 (15.41%) Security Analyst
4 198 (15.18%) Penetration Tester
5 194 (14.88%) Security Manager
6 176 (13.50%) Security Engineer
7 118 (9.05%) Consultant
8 105 (8.05%) Information Security Manager
8 105 (8.05%) IT Analyst
9 103 (7.90%) Information Manager
10 102 (7.82%) IT Security Analyst
10 102 (7.82%) Security Consultant
11 100 (7.67%) Senior Analyst
12 87 (6.67%) Senior Security Analyst
13 70 (5.37%) Senior IT Security Analyst
14 68 (5.21%) Security Specialist
15 63 (4.83%) Senior Tester
16 61 (4.68%) Senior Penetration Tester
17 48 (3.68%) Information Analyst
17 48 (3.68%) Information Security Analyst
Libraries, Frameworks & Software Standards
1 45 (3.45%) .NET
2 36 (2.76%) SailPoint
3 30 (2.30%) Web Services
4 29 (2.22%) Node.js
5 26 (1.99%) HTML
6 21 (1.61%) ASP.NET
6 21 (1.61%) RESTful
7 16 (1.23%) Dagger
8 15 (1.15%) .NET Framework
8 15 (1.15%) JDBC
9 14 (1.07%) Java EE
10 12 (0.92%) OAuth
10 12 (0.92%) OAuth2
10 12 (0.92%) OpenID
10 12 (0.92%) XACML
11 11 (0.84%) Django
12 10 (0.77%) LAMP
12 10 (0.77%) REST
13 9 (0.69%) RabbitMQ
13 9 (0.69%) SOAP
Miscellaneous
1 230 (17.64%) Management Information System
2 118 (9.05%) Mobile App
3 66 (5.06%) Cyber Kill Chain
4 58 (4.45%) Analytical Skills
5 52 (3.99%) Self-Motivation
6 33 (2.53%) Fintech
7 31 (2.38%) Cyberattack
8 30 (2.30%) Data Protection Act
9 29 (2.22%) Cyberthreat
10 28 (2.15%) Security Operations Centre
11 23 (1.76%) Enterprise Software
12 13 (1.00%) Algorithms
12 13 (1.00%) Data Centre
12 13 (1.00%) Distributed Denial-of-Service
12 13 (1.00%) Field-Programmable Gate Array
12 13 (1.00%) Verilog
12 13 (1.00%) VHDL
13 12 (0.92%) Cybercrime
13 12 (0.92%) Embedded Systems
14 11 (0.84%) PKI
Operating Systems
1 332 (25.46%) Linux
2 319 (24.46%) Windows
3 50 (3.83%) Unix
4 47 (3.60%) Android
4 47 (3.60%) Apple iOS
5 31 (2.38%) Kali Linux
6 26 (1.99%) Windows Server
7 15 (1.15%) Windows Server 2012
8 13 (1.00%) Embedded Linux
8 13 (1.00%) Windows Server 2008
9 12 (0.92%) CentOS
10 8 (0.61%) Mac OS X
11 7 (0.54%) Windows 10
12 6 (0.46%) Ubuntu
13 5 (0.38%) Red Hat Enterprise Linux
13 5 (0.38%) Windows 8
14 4 (0.31%) AIX
14 4 (0.31%) Windows 7
15 2 (0.15%) Debian
16 1 (0.077%) Windows Server 2003
Processes & Methodologies
1 636 (48.77%) Information Security
2 520 (39.88%) Cybersecurity
3 338 (25.92%) SIEM
4 249 (19.10%) Security Testing
5 243 (18.63%) OWASP
6 227 (17.41%) Risk Management
7 209 (16.03%) Vulnerability Assessment
8 203 (15.57%) Vulnerability Management
9 157 (12.04%) Security Architecture
10 154 (11.81%) Security Operations
11 130 (9.97%) Incident Management
12 126 (9.66%) Agile Software Development
12 126 (9.66%) Data Protection
12 126 (9.66%) Test Automation
13 124 (9.51%) Security Management
14 123 (9.43%) Ethical Hacking
15 113 (8.67%) Vulnerability Scanning
16 112 (8.59%) Identity Access Management
17 110 (8.44%) Mentoring
18 106 (8.13%) Data Loss Prevention
Programming Languages
1 168 (12.88%) Python
2 120 (9.20%) Java
3 113 (8.67%) SQL
4 109 (8.36%) C++
5 90 (6.90%) C#
6 81 (6.21%) C
7 69 (5.29%) PowerShell
8 56 (4.29%) Bash Shell
9 49 (3.76%) Perl
10 41 (3.14%) Ruby
11 37 (2.84%) JavaScript
12 33 (2.53%) PHP
13 17 (1.30%) VB
14 13 (1.00%) Embedded C
15 11 (0.84%) Shell Script
16 9 (0.69%) Objective-C
17 8 (0.61%) Go
18 3 (0.23%) Lua
18 3 (0.23%) Scala
18 3 (0.23%) XAML
Qualifications
1 423 (32.44%) CISSP
2 277 (21.24%) CREST Certified
3 182 (13.96%) Degree
4 179 (13.73%) SANS
5 170 (13.04%) CISM
6 162 (12.42%) OSCP
7 156 (11.96%) Security Cleared
8 153 (11.73%) Cisco Certification
9 130 (9.97%) CEH
10 105 (8.05%) CISA
11 73 (5.60%) SC Cleared
12 72 (5.52%) GIAC
13 70 (5.37%) (ISC)2 CCSP
14 66 (5.06%) CCNA
15 64 (4.91%) DV Cleared
16 57 (4.37%) CCNP
17 38 (2.91%) CHECK Team Leader
17 38 (2.91%) Tigerscheme
18 37 (2.84%) OSCE
19 35 (2.68%) CHECK Team Member
Quality Assurance & Compliance
1 391 (29.98%) ISO/IEC 27001
2 240 (18.40%) PCI DSS
3 206 (15.80%) GDPR
4 60 (4.60%) Cyber Essentials
5 42 (3.22%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
6 34 (2.61%) QA
7 27 (2.07%) COBIT
8 12 (0.92%) Cyber Essentials PLUS
8 12 (0.92%) ISO 9001
9 11 (0.84%) Sarbanes-Oxley
10 10 (0.77%) Web Application Security Consortium
11 9 (0.69%) RMADS
12 6 (0.46%) PMO
13 5 (0.38%) SLA
14 4 (0.31%) FINRA
14 4 (0.31%) HIPAA
14 4 (0.31%) MiFID
15 2 (0.15%) COSO
15 2 (0.15%) ISO 31000
16 1 (0.077%) Data Quality
System Software
1 111 (8.51%) Active Directory
2 89 (6.83%) VMware Infrastructure
3 17 (1.30%) Docker
4 16 (1.23%) Snort
5 9 (0.69%) Hyper-V
5 9 (0.69%) vSphere
6 5 (0.38%) Virtual Machines
7 4 (0.31%) NFS
8 2 (0.15%) Firmware
8 2 (0.15%) Squid
8 2 (0.15%) VMware NSX
9 1 (0.077%) KVM
9 1 (0.077%) ProxySG
9 1 (0.077%) XenApp
Systems Management
1 96 (7.36%) Nessus
2 44 (3.37%) SCCM
3 38 (2.91%) McAfee ePO
3 38 (2.91%) Nmap
4 25 (1.92%) Nexpose
5 23 (1.76%) Ansible
6 17 (1.30%) QRadar
7 16 (1.23%) Puppet
8 11 (0.84%) EnCase
8 11 (0.84%) Terraform
9 10 (0.77%) FTK
10 9 (0.69%) HP Quality Center
10 9 (0.69%) OpenVAS
10 9 (0.69%) Suricata
11 8 (0.61%) Salt
12 7 (0.54%) Defensics
12 7 (0.54%) Opscode Chef
13 5 (0.38%) Computer Emergency Response Teams
14 4 (0.31%) Cisco CUCM
14 4 (0.31%) HP Fortify
Vendors
1 271 (20.78%) Microsoft
2 162 (12.42%) Cisco
3 94 (7.21%) VMware
4 67 (5.14%) Splunk
5 51 (3.91%) Palo Alto
6 50 (3.83%) McAfee
7 47 (3.60%) LogRhythm
8 46 (3.53%) CheckPoint
9 40 (3.07%) Symantec
10 35 (2.68%) Juniper
11 33 (2.53%) FireEye
12 32 (2.45%) Aveksa
13 30 (2.30%) CyberArk
14 29 (2.22%) Blue Coat
15 28 (2.15%) IBM
16 25 (1.92%) Qualys
17 23 (1.76%) Google
18 14 (1.07%) ServiceNow
19 12 (0.92%) ArcSight
19 12 (0.92%) Trend Micro