Period
to 10 December 2018

The following table provides summary statistics for permanent job vacancies advertised in England with a requirement for Penetration Testing skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Penetration Testing over the 6 months to 10 December 2018 with a comparison to the same period in the previous 2 years.

Penetration Testing
UK > England
6 months to
10 Dec 2018
Same period 2017 Same period 2016
Rank 344 384 339
Rank change year-on-year +40 -45 +148
Permanent jobs citing Penetration Testing 1,348 1,367 1,674
As % of all permanent IT jobs advertised in England 0.91% 0.82% 0.96%
As % of the Processes & Methodologies category 0.99% 0.89% 1.05%
Number of salaries quoted 1,053 1,097 1,349
England median annual salary £60,000 £55,000 £57,500
Median salary % change year-on-year +9.09% -4.35% +4.55%
10th Percentile £37,500 £36,250 £35,073
90th Percentile £85,000 £83,950 £85,000
UK median annual salary £60,000 £55,000 £57,500
% change year-on-year +9.09% -4.35% +4.55%

Penetration Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in England with a requirement for process or methodology skills.

All Process and Methodology Skills
England
Permanent vacancies with a requirement for process or methodology skills 136,402 153,625 159,282
As % of all permanent IT jobs advertised in England 91.64% 91.89% 91.26%
Number of salaries quoted 109,205 122,886 133,297
England median annual salary £52,500 £50,000 £50,000
Median salary % change year-on-year +5.00% - +5.26%
10th Percentile £29,883 £28,500 £28,000
90th Percentile £85,000 £80,000 £80,000
UK median annual salary £52,000 £50,000 £48,000
% change year-on-year +4.00% +4.17% +1.05%

Penetration Testing
Job Vacancy Trend in England

Job postings citing Penetration Testing as a percentage of all IT jobs advertised in England.

Job vacancy trend for Penetration Testing in England

Penetration Testing
Salary Trend in England

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing Penetration Testing in England.

Salary trend for Penetration Testing in England

Penetration Testing
Salary Histogram in England

The salary distribution of IT jobs citing Penetration Testing in England over the 6 months to 10 December 2018.

Salary histogram for Penetration Testing in England

Penetration Testing
Job Locations in England

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the England region over the 6 months to 10 December 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
London +44 607 £65,000 - 71
North of England +144 345 £50,000 - 24
North West +132 270 £50,000 -6.10% 13
South East -137 130 £57,500 +9.52% 20
East of England +76 114 £57,500 -4.17% 11
Midlands +14 73 £45,000 -5.26% 19
Yorkshire +52 68 £46,000 -3.16% 11
South West +3 66 £50,000 +11.11% 13
West Midlands +11 50 £42,000 -16.00% 17
East Midlands +14 23 £57,500 +57.38% 2
North East +2 7 £65,750 +68.59%
Penetration Testing
UK

For the 6 months to 10 December 2018, IT jobs citing Penetration Testing also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads across the England region with a requirement for Penetration Testing.

1 701 (52.00%) Information Security
2 607 (45.03%) CISSP
3 522 (38.72%) Cybersecurity
4 467 (34.64%) Linux
5 466 (34.57%) Windows
6 460 (34.12%) SIEM
7 440 (32.64%) ISO/IEC 27001
8 361 (26.78%) Microsoft
9 276 (20.47%) Firewall
10 267 (19.81%) Finance
10 267 (19.81%) Vulnerability Management
11 264 (19.58%) GDPR
12 256 (18.99%) Vulnerability Assessment
13 245 (18.18%) OWASP
14 241 (17.88%) CREST Certified
14 241 (17.88%) SANS
15 229 (16.99%) PCI DSS
15 229 (16.99%) Degree
16 227 (16.84%) Network Security
17 220 (16.32%) CISM
18 216 (16.02%) Risk Management
19 207 (15.36%) Management Information System
20 200 (14.84%) Cisco
21 196 (14.54%) Security Testing
22 195 (14.47%) Cisco Certification
23 188 (13.95%) Data Loss Prevention
24 187 (13.87%) Microsoft Azure
25 185 (13.72%) Data Protection
26 169 (12.54%) Amazon AWS
27 162 (12.02%) Security Management

Penetration Testing
Co-occurring IT Skills in England by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 35 (2.60%) SharePoint
2 30 (2.23%) Apache Pig
3 25 (1.85%) Confluence
4 11 (0.82%) IIS
5 7 (0.52%) MS Exchange
5 7 (0.52%) Skype for Business
6 6 (0.45%) Apache
7 5 (0.37%) nginx
7 5 (0.37%) WebSphere
8 4 (0.30%) SharePoint Server
8 4 (0.30%) WebSphere Application Server
9 3 (0.22%) CMS
9 3 (0.22%) Elasticsearch
9 3 (0.22%) Umbraco
10 2 (0.15%) Apache Spark
10 2 (0.15%) DNN
11 1 (0.074%) BizTalk Server
11 1 (0.074%) Exchange Server 2013
11 1 (0.074%) IBM Domino
11 1 (0.074%) IBM Notes
Applications
1 106 (7.86%) Microsoft PowerPoint
2 25 (1.85%) Microsoft Office
3 7 (0.52%) Microsoft Excel
4 5 (0.37%) MS Visio
5 2 (0.15%) Microsoft Project
Business Applications
1 3 (0.22%) RiskWrite
2 1 (0.074%) SAP IS-U
Cloud Services
1 187 (13.87%) Microsoft Azure
2 169 (12.54%) Amazon AWS
3 54 (4.01%) SaaS
4 34 (2.52%) Google Cloud Platform
5 26 (1.93%) Office 365
6 10 (0.74%) Serverless
7 9 (0.67%) Cloud Computing
7 9 (0.67%) IaaS
7 9 (0.67%) Virtual Private Cloud
8 7 (0.52%) PaaS
9 5 (0.37%) Mimecast
10 3 (0.22%) Amazon EC2
10 3 (0.22%) Amazon S3
10 3 (0.22%) BlazeMeter
11 2 (0.15%) Amazon SQS
11 2 (0.15%) AWS Lambda
11 2 (0.15%) GitHub
11 2 (0.15%) Google Drive
11 2 (0.15%) IBM Cloud
11 2 (0.15%) OpenDNS
Communications & Networking
1 276 (20.47%) Firewall
2 227 (16.84%) Network Security
3 149 (11.05%) TCP/IP
4 107 (7.94%) Wi-Fi
5 64 (4.75%) Intrusion Detection
6 59 (4.38%) Internet
7 49 (3.64%) HTTP
8 47 (3.49%) SSL
9 39 (2.89%) Wireless
10 32 (2.37%) LAN
10 32 (2.37%) VPN
11 28 (2.08%) DNS
11 28 (2.08%) WAN
12 21 (1.56%) IPsec
13 17 (1.26%) BGP
14 14 (1.04%) Cisco ASA
14 14 (1.04%) Cisco Nexus
14 14 (1.04%) Wireshark
15 12 (0.89%) Cisco IOS
15 12 (0.89%) EIGRP
Database & Business Intelligence
1 58 (4.30%) Big Data
2 43 (3.19%) MySQL
3 36 (2.67%) SQL Server
4 35 (2.60%) Hadoop
5 30 (2.23%) Apache Hive
6 11 (0.82%) Blockchain
6 11 (0.82%) Data Warehouse
7 9 (0.67%) NoSQL
8 6 (0.45%) DB2
8 6 (0.45%) NonStop SQL
8 6 (0.45%) Redis
9 4 (0.30%) MongoDB
9 4 (0.30%) Power BI
10 2 (0.15%) Amazon Aurora
10 2 (0.15%) Amazon DynamoDB
10 2 (0.15%) Amazon RDS
10 2 (0.15%) Relational Database
11 1 (0.074%) BusinessObjects Business Intelligence
11 1 (0.074%) HBase
11 1 (0.074%) Sqoop
Development Applications
1 90 (6.68%) JIRA
2 64 (4.75%) Selenium
3 57 (4.23%) Metasploit
4 43 (3.19%) Git (software)
5 35 (2.60%) Atlassian Bamboo
6 33 (2.45%) Burp Suite
7 32 (2.37%) Bitbucket
7 32 (2.37%) CodeSonar
7 32 (2.37%) git-flow
7 32 (2.37%) Robot Framework
8 19 (1.41%) Android Studio
8 19 (1.41%) Xcode
9 17 (1.26%) Cucumber
10 11 (0.82%) LoadRunner
11 8 (0.59%) Visual Studio
12 7 (0.52%) Appium
13 6 (0.45%) AppScan
13 6 (0.45%) SoapUI
14 5 (0.37%) Jenkins
14 5 (0.37%) webpack
General
1 267 (19.81%) Finance
2 143 (10.61%) Legal
3 73 (5.42%) Retail
4 48 (3.56%) Banking
5 32 (2.37%) Telecoms
6 20 (1.48%) Law
7 16 (1.19%) Advertising
8 14 (1.04%) Investment Banking
9 10 (0.74%) Electronics
9 10 (0.74%) Financial Institution
10 8 (0.59%) Marketing
11 7 (0.52%) Billing
12 6 (0.45%) Military
13 5 (0.37%) Games
14 3 (0.22%) Automotive
14 3 (0.22%) Manufacturing
15 2 (0.15%) Brand Awareness
15 2 (0.15%) Pharmaceutical
16 1 (0.074%) Czech Language
16 1 (0.074%) Publishing
Job Titles
1 299 (22.18%) Analyst
2 263 (19.51%) Security Analyst
3 227 (16.84%) Security Manager
4 194 (14.39%) Tester
5 179 (13.28%) Security Engineer
6 163 (12.09%) Penetration Tester
7 143 (10.61%) Information Security Manager
8 141 (10.46%) Information Manager
9 129 (9.57%) IT Analyst
9 129 (9.57%) IT Security Analyst
10 114 (8.46%) Senior Analyst
11 110 (8.16%) Consultant
12 105 (7.79%) Senior Security Analyst
13 99 (7.34%) Senior IT Security Analyst
14 92 (6.82%) Security Consultant
15 62 (4.60%) Security Specialist
16 61 (4.53%) Cybersecurity Analyst
17 54 (4.01%) Architect
18 49 (3.64%) Security Architect
19 43 (3.19%) IT Manager
Libraries, Frameworks & Software Standards
1 68 (5.04%) .NET
2 60 (4.45%) Node.js
3 41 (3.04%) ASP.NET
4 40 (2.97%) Java EE
5 38 (2.82%) Django
5 38 (2.82%) SOAP
6 37 (2.74%) REST
7 36 (2.67%) .NET Framework
7 36 (2.67%) RabbitMQ
8 35 (2.60%) STL
9 33 (2.45%) Web Services
10 32 (2.37%) HTML
10 32 (2.37%) LAMP
10 32 (2.37%) Spring MVC
11 30 (2.23%) Elastic Stack
12 21 (1.56%) RESTful
13 20 (1.48%) CSS
14 19 (1.41%) Dagger
15 12 (0.89%) OAuth
15 12 (0.89%) OpenID
Miscellaneous
1 207 (15.36%) Management Information System
2 109 (8.09%) Cyber Kill Chain
3 82 (6.08%) Mobile App
4 66 (4.90%) Analytical Skills
5 56 (4.15%) Security Operations Centre
6 51 (3.78%) Data Centre
7 44 (3.26%) Data Protection Act
8 41 (3.04%) Cyberthreat
9 39 (2.89%) Self-Motivation
10 35 (2.60%) Cyberattack
11 30 (2.23%) Fintech
12 20 (1.48%) PKI
13 19 (1.41%) Distributed Denial-of-Service
14 14 (1.04%) Cyber Defence
15 13 (0.96%) Embedded Systems
15 13 (0.96%) Enterprise Software
15 13 (0.96%) NHS
16 12 (0.89%) Public Cloud
17 11 (0.82%) BYOD
17 11 (0.82%) Cybercrime
Operating Systems
1 467 (34.64%) Linux
2 466 (34.57%) Windows
3 72 (5.34%) Android
3 72 (5.34%) Apple iOS
4 54 (4.01%) Windows Server
5 47 (3.49%) Unix
6 45 (3.34%) Kali Linux
7 36 (2.67%) Mac OS X
8 13 (0.96%) Windows Server 2008
9 8 (0.59%) Solaris
9 8 (0.59%) Windows 7
10 7 (0.52%) CentOS
11 4 (0.30%) Ubuntu
12 3 (0.22%) Embedded Linux
12 3 (0.22%) Red Hat Enterprise Linux
12 3 (0.22%) Windows Server 2012
13 2 (0.15%) Windows 10
13 2 (0.15%) Windows 8
14 1 (0.074%) Mac OS
14 1 (0.074%) Windows Phone
Processes & Methodologies
1 701 (52.00%) Information Security
2 522 (38.72%) Cybersecurity
3 460 (34.12%) SIEM
4 267 (19.81%) Vulnerability Management
5 256 (18.99%) Vulnerability Assessment
6 245 (18.18%) OWASP
7 216 (16.02%) Risk Management
8 196 (14.54%) Security Testing
9 188 (13.95%) Data Loss Prevention
10 185 (13.72%) Data Protection
11 162 (12.02%) Security Management
12 153 (11.35%) Ethical Hacking
13 152 (11.28%) Security Operations
14 146 (10.83%) Agile Software Development
15 143 (10.61%) Security Architecture
16 139 (10.31%) Incident Management
17 136 (10.09%) Vulnerability Scanning
18 133 (9.87%) Business Continuity
18 133 (9.87%) Mentoring
19 132 (9.79%) Disaster Recovery
Programming Languages
1 157 (11.65%) SQL
2 150 (11.13%) Python
3 141 (10.46%) Java
4 103 (7.64%) C#
5 97 (7.20%) PowerShell
6 96 (7.12%) C++
7 87 (6.45%) C
8 72 (5.34%) PHP
9 62 (4.60%) JavaScript
10 61 (4.53%) Bash Shell
11 50 (3.71%) Ruby
12 44 (3.26%) Perl
13 35 (2.60%) Objective-C
14 20 (1.48%) Go
15 14 (1.04%) VB
16 12 (0.89%) Shell Script
17 4 (0.30%) T-SQL
18 3 (0.22%) Embedded C
19 2 (0.15%) Lua
19 2 (0.15%) VB.NET
Qualifications
1 607 (45.03%) CISSP
2 241 (17.88%) CREST Certified
2 241 (17.88%) SANS
3 229 (16.99%) Degree
4 220 (16.32%) CISM
5 195 (14.47%) Cisco Certification
6 149 (11.05%) CEH
7 145 (10.76%) Security Cleared
8 124 (9.20%) (ISC)2 CCSP
9 113 (8.38%) OSCP
10 106 (7.86%) CISA
11 98 (7.27%) GIAC
12 74 (5.49%) DV Cleared
13 67 (4.97%) SSCP
14 66 (4.90%) CCNA
15 61 (4.53%) Microsoft Certification
16 60 (4.45%) SC Cleared
17 59 (4.38%) MCSE
18 51 (3.78%) CompTIA Security+
19 40 (2.97%) Computer Science Degree
Quality Assurance & Compliance
1 440 (32.64%) ISO/IEC 27001
2 264 (19.58%) GDPR
3 229 (16.99%) PCI DSS
4 58 (4.30%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
5 56 (4.15%) Cyber Essentials
6 35 (2.60%) COBIT
7 28 (2.08%) QA
8 23 (1.71%) MiFID
9 13 (0.96%) Cyber Essentials PLUS
9 13 (0.96%) Sarbanes-Oxley
10 12 (0.89%) HIPAA
11 11 (0.82%) ISO 22301
12 10 (0.74%) PMO
13 8 (0.59%) SLA
14 4 (0.30%) ISO 9001
14 4 (0.30%) RMADS
15 3 (0.22%) Web Application Security Consortium
16 2 (0.15%) Data Quality
17 1 (0.074%) GPG13
17 1 (0.074%) PMBOK
System Software
1 134 (9.94%) VMware Infrastructure
2 124 (9.20%) Active Directory
3 47 (3.49%) Docker
4 35 (2.60%) Snort
5 32 (2.37%) vSphere
6 8 (0.59%) Hyper-V
7 6 (0.45%) Firmware
8 5 (0.37%) KVM
8 5 (0.37%) ProxySG
9 3 (0.22%) Virtual Servers
10 2 (0.15%) Squid
10 2 (0.15%) Virtual Machines
11 1 (0.074%) Apache Flume
11 1 (0.074%) HDFS
11 1 (0.074%) VMware ESXi
11 1 (0.074%) VMware NSX
Systems Management
1 82 (6.08%) Nessus
2 37 (2.74%) Puppet
3 35 (2.60%) Nmap
4 33 (2.45%) Salt
5 24 (1.78%) Nexpose
6 23 (1.71%) OSSEC
7 20 (1.48%) QRadar
8 19 (1.41%) SCCM
9 16 (1.19%) McAfee ePO
10 13 (0.96%) EnCase
10 13 (0.96%) OpenVAS
11 11 (0.82%) Suricata
12 10 (0.74%) Ansible
12 10 (0.74%) FTK
12 10 (0.74%) Kubernetes
12 10 (0.74%) Terraform
13 9 (0.67%) Network Intrusion Detection System
14 7 (0.52%) Computer Emergency Response Teams
14 7 (0.52%) Opscode Chef
14 7 (0.52%) WSUS
Vendors
1 361 (26.78%) Microsoft
2 200 (14.84%) Cisco
3 143 (10.61%) VMware
4 58 (4.30%) Splunk
5 47 (3.49%) Qualys
6 41 (3.04%) LogRhythm
7 36 (2.67%) CheckPoint
8 35 (2.60%) Palo Alto
9 33 (2.45%) Symantec
10 32 (2.37%) McAfee
11 26 (1.93%) Blue Coat
12 24 (1.78%) Juniper
13 23 (1.71%) Google
13 23 (1.71%) IBM
14 20 (1.48%) ArcSight
15 19 (1.41%) FireEye
16 18 (1.34%) Red Hat
17 16 (1.19%) F5
18 15 (1.11%) ServiceNow
18 15 (1.11%) Sophos