Period
to 16 June 2019

The following table provides summary statistics for permanent job vacancies advertised in London with a requirement for Penetration Testing skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Penetration Testing over the 6 months to 16 June 2019 with a comparison to the same period in the previous 2 years.

Penetration Testing
England > London
6 months to
16 Jun 2019
Same period 2018 Same period 2017
Rank 303 357 399
Rank change year-on-year +54 +42 -24
Permanent jobs citing Penetration Testing 579 613 536
As % of all permanent IT jobs advertised in London 1.01% 0.89% 0.77%
As % of the Processes & Methodologies category 1.08% 0.95% 0.83%
Number of salaries quoted 467 478 475
London median annual salary £70,000 £70,000 £60,000
Median salary % change year-on-year - +16.67% -7.69%
10th Percentile £43,750 £42,125 £37,500
90th Percentile £107,500 £100,000 £87,500
England median annual salary £60,000 £60,000 £55,000
% change year-on-year - +9.09% -4.35%

Penetration Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in London with a requirement for process or methodology skills.

All Process and Methodology Skills
London
Permanent vacancies with a requirement for process or methodology skills 53,386 64,189 64,678
As % of all permanent IT jobs advertised in London 92.77% 92.82% 92.77%
Number of salaries quoted 43,120 51,811 53,096
London median annual salary £65,000 £60,000 £60,000
Median salary % change year-on-year +8.33% - +6.19%
10th Percentile £36,250 £35,000 £34,000
90th Percentile £96,250 £94,250 £90,000
England median annual salary £52,500 £50,000 £50,000
% change year-on-year +5.00% - +4.17%

Penetration Testing
Job Vacancy Trend in London

Job postings citing Penetration Testing as a percentage of all IT jobs advertised in London.

Job vacancy trend for Penetration Testing in London

Penetration Testing
Salary Trend in London

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing Penetration Testing in London.

Salary trend for Penetration Testing in London

Penetration Testing
Salary Histogram in London

The salary distribution of IT jobs citing Penetration Testing in London over the 6 months to 16 June 2019.

Salary histogram for Penetration Testing in London

Penetration Testing
Job Locations in London

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the London region over the 6 months to 16 June 2019. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
Central London 0 117 £75,000 +15.38% 7
West London +39 22 £70,000 +27.27% 1
North London +20 14 £60,000 +41.18% 1
East London +24 5 £70,000 -3.45%
South London -15 3 £34,500 -53.69%
Penetration Testing
England

For the 6 months to 16 June 2019, IT jobs citing Penetration Testing also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads across the London region with a requirement for Penetration Testing.

1 297 (51.30%) Information Security
2 291 (50.26%) Cybersecurity
3 180 (31.09%) CISSP
4 167 (28.84%) Finance
5 149 (25.73%) SIEM
6 132 (22.80%) Linux
7 131 (22.63%) ISO/IEC 27001
8 129 (22.28%) Windows
9 117 (20.21%) Security Architecture
10 110 (19.00%) Firewall
11 105 (18.13%) Agile Software Development
12 100 (17.27%) CISM
13 96 (16.58%) Java
14 94 (16.23%) Vulnerability Management
15 90 (15.54%) Security Testing
15 90 (15.54%) CREST Certified
16 87 (15.03%) Identity Access Management
17 85 (14.68%) Risk Management
18 84 (14.51%) Python
19 82 (14.16%) Microsoft
20 80 (13.82%) Cisco Certification
20 80 (13.82%) OWASP
21 79 (13.64%) Security Operations
22 78 (13.47%) CEH
23 75 (12.95%) PCI DSS
24 73 (12.61%) Vulnerability Scanning
25 72 (12.44%) CISA
26 69 (11.92%) Degree
26 69 (11.92%) OSCP
26 69 (11.92%) SANS

Penetration Testing
Co-occurring IT Skills in London by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 10 (1.73%) Apache
1 10 (1.73%) Confluence
1 10 (1.73%) IIS
2 9 (1.55%) MS Exchange
3 7 (1.21%) Apache Spark
4 5 (0.86%) Elasticsearch
4 5 (0.86%) OpenStack
5 4 (0.69%) ColdFusion
5 4 (0.69%) Tomcat
6 3 (0.52%) Exchange Server 2013
7 2 (0.35%) SharePoint
8 1 (0.17%) Apache Solr
8 1 (0.17%) Cloud Foundry
8 1 (0.17%) Exchange Server 2010
8 1 (0.17%) Jupyter
8 1 (0.17%) nginx
8 1 (0.17%) SharePoint 2010
Applications
1 6 (1.04%) Microsoft Office
2 4 (0.69%) MS Visio
Business Applications
1 1 (0.17%) Sage 300 ERP
Cloud Services
1 65 (11.23%) Microsoft Azure
2 63 (10.88%) Amazon AWS
3 46 (7.94%) SaaS
4 38 (6.56%) Google Cloud Platform
5 9 (1.55%) IaaS
5 9 (1.55%) Office 365
6 6 (1.04%) Cloud Computing
6 6 (1.04%) OpenShift
6 6 (1.04%) Serverless
7 5 (0.86%) AWS CloudFormation
8 4 (0.69%) BlazeMeter
9 2 (0.35%) Azure Data Factory
9 2 (0.35%) PaaS
10 1 (0.17%) Amazon EC2
10 1 (0.17%) Apcera
10 1 (0.17%) GitHub
10 1 (0.17%) Mimecast
Communications & Networking
1 110 (19.00%) Firewall
2 53 (9.15%) HTTP
3 47 (8.12%) TCP/IP
4 42 (7.25%) Intrusion Detection
5 35 (6.04%) IPsec
6 30 (5.18%) Network Security
7 24 (4.15%) VPN
7 24 (4.15%) Wireless
8 23 (3.97%) HTTPS
9 15 (2.59%) DNS
10 14 (2.42%) BGP
10 14 (2.42%) Cisco Nexus
10 14 (2.42%) EIGRP
10 14 (2.42%) Internet
11 11 (1.90%) WAN
12 8 (1.38%) DHCP
12 8 (1.38%) SSL
13 6 (1.04%) Cisco ASA
13 6 (1.04%) LAN
13 6 (1.04%) VLAN
Database & Business Intelligence
1 31 (5.35%) SQL Server
2 23 (3.97%) MySQL
3 17 (2.94%) Big Data
4 7 (1.21%) RDBMS
4 7 (1.21%) Relational Database
5 5 (0.86%) Oracle Database
5 5 (0.86%) PostgreSQL
5 5 (0.86%) SQL Server 2012
6 3 (0.52%) Data Warehouse
7 2 (0.35%) Azure SQL Data Warehouse
7 2 (0.35%) Cosmos DB
7 2 (0.35%) Hadoop
7 2 (0.35%) MongoDB
7 2 (0.35%) Neo4j
7 2 (0.35%) NoSQL
8 1 (0.17%) Oracle Database 11g
8 1 (0.17%) SQL Server 2008
8 1 (0.17%) SQL Server 2016
Development Applications
1 22 (3.80%) Burp Suite
1 22 (3.80%) JIRA
2 19 (3.28%) Metasploit
3 15 (2.59%) Cucumber
4 12 (2.07%) Selenium
4 12 (2.07%) SonarQube
5 11 (1.90%) Jenkins
6 9 (1.55%) Android Studio
6 9 (1.55%) Appium
6 9 (1.55%) Xcode
7 8 (1.38%) Git (software)
8 7 (1.21%) LoadRunner
9 6 (1.04%) AppScan
9 6 (1.04%) GitLab
9 6 (1.04%) Snyk
10 5 (0.86%) Bitbucket
10 5 (0.86%) git-flow
10 5 (0.86%) JMeter
11 4 (0.69%) SoapUI
11 4 (0.69%) SpecFlow
General
1 167 (28.84%) Finance
2 52 (8.98%) Retail
3 43 (7.43%) Banking
4 22 (3.80%) Telecoms
5 12 (2.07%) Marketing
6 10 (1.73%) Legal
7 8 (1.38%) Games
8 7 (1.21%) Law
9 3 (0.52%) Electronics
10 2 (0.35%) Advertising
10 2 (0.35%) Back Office
10 2 (0.35%) Pharmaceutical
10 2 (0.35%) Publishing
11 1 (0.17%) Aerospace
11 1 (0.17%) Financial Institution
11 1 (0.17%) Wholesale Banking
Job Titles
1 128 (22.11%) Security Engineer
2 108 (18.65%) Tester
3 92 (15.89%) Penetration Tester
4 81 (13.99%) Analyst
5 69 (11.92%) Security Analyst
6 58 (10.02%) Security Manager
7 49 (8.46%) Consultant
8 40 (6.91%) Security Specialist
9 37 (6.39%) Information Analyst
9 37 (6.39%) Information Security Analyst
9 37 (6.39%) Security Consultant
10 36 (6.22%) Cybersecurity Engineer
10 36 (6.22%) Head of Security
11 30 (5.18%) Application Security Specialist
11 30 (5.18%) Applications Specialist
12 28 (4.84%) Cybersecurity Consultant
12 28 (4.84%) Information Manager
12 28 (4.84%) Information Security Manager
13 27 (4.66%) Head of Information
13 27 (4.66%) Head of Information Security
Libraries, Frameworks & Software Standards
1 40 (6.91%) SailPoint
2 25 (4.32%) .NET
3 15 (2.59%) Node.js
3 15 (2.59%) RESTful
4 13 (2.25%) HTML
5 12 (2.07%) ASP.NET
6 10 (1.73%) Spring
7 9 (1.55%) Dagger
8 7 (1.21%) AngularJS
8 7 (1.21%) JDBC
8 7 (1.21%) Kafka
8 7 (1.21%) React
9 6 (1.04%) OAuth
9 6 (1.04%) OpenID
9 6 (1.04%) SAML
10 5 (0.86%) ASP.NET Web API
10 5 (0.86%) CSS
10 5 (0.86%) REST
10 5 (0.86%) Spring MVC
10 5 (0.86%) Vue.js
Miscellaneous
1 64 (11.05%) Management Information System
2 55 (9.50%) Mobile App
3 27 (4.66%) Cyberthreat
4 19 (3.28%) Self-Motivation
5 16 (2.76%) BYOD
6 15 (2.59%) Analytical Skills
6 15 (2.59%) Cyberattack
7 14 (2.42%) Enterprise Software
8 9 (1.55%) Client/Server
8 9 (1.55%) Mobile Wallet
9 7 (1.21%) Public Cloud
10 6 (1.04%) Fat Client
10 6 (1.04%) Security Operations Centre
10 6 (1.04%) Thin Client
10 6 (1.04%) Video\Live Streaming
11 5 (0.86%) Data Centre
11 5 (0.86%) Social Media
12 4 (0.69%) Cybercrime
12 4 (0.69%) Mobile Banking
12 4 (0.69%) SCADA
Operating Systems
1 132 (22.80%) Linux
2 129 (22.28%) Windows
3 45 (7.77%) Unix
4 22 (3.80%) Android
4 22 (3.80%) Apple iOS
5 13 (2.25%) Kali Linux
6 9 (1.55%) Windows Server 2012
7 8 (1.38%) Windows Server
8 6 (1.04%) Windows Server 2008
9 5 (0.86%) CentOS
10 4 (0.69%) AIX
10 4 (0.69%) Windows 8
11 3 (0.52%) Windows 10
11 3 (0.52%) Windows 7
12 2 (0.35%) Debian
12 2 (0.35%) Mac OS
13 1 (0.17%) Mac OS X
13 1 (0.17%) Mesosphere
13 1 (0.17%) Red Hat Enterprise Linux
Processes & Methodologies
1 297 (51.30%) Information Security
2 291 (50.26%) Cybersecurity
3 149 (25.73%) SIEM
4 117 (20.21%) Security Architecture
5 105 (18.13%) Agile Software Development
6 94 (16.23%) Vulnerability Management
7 90 (15.54%) Security Testing
8 87 (15.03%) Identity Access Management
9 85 (14.68%) Risk Management
10 80 (13.82%) OWASP
11 79 (13.64%) Security Operations
12 73 (12.61%) Vulnerability Scanning
13 67 (11.57%) Threat Modelling
14 58 (10.02%) Ethical Hacking
15 55 (9.50%) DevOps
16 53 (9.15%) Secure Coding
17 51 (8.81%) Vulnerability Assessment
18 50 (8.64%) Stakeholder Management
19 39 (6.74%) Open Source
20 38 (6.56%) Test Automation
Programming Languages
1 96 (16.58%) Java
2 84 (14.51%) Python
3 65 (11.23%) C++
4 38 (6.56%) C#
5 30 (5.18%) JavaScript
6 28 (4.84%) C
7 21 (3.63%) Perl
7 21 (3.63%) SQL
8 17 (2.94%) PowerShell
9 14 (2.42%) Go
10 13 (2.25%) Bash Shell
11 11 (1.90%) PHP
12 8 (1.38%) Ruby
13 4 (0.69%) Shell Script
13 4 (0.69%) VB.NET
14 2 (0.35%) Scala
14 2 (0.35%) TypeScript
15 1 (0.17%) Lua
15 1 (0.17%) PL/SQL
15 1 (0.17%) VB
Qualifications
1 180 (31.09%) CISSP
2 100 (17.27%) CISM
3 90 (15.54%) CREST Certified
4 80 (13.82%) Cisco Certification
5 78 (13.47%) CEH
6 72 (12.44%) CISA
7 69 (11.92%) Degree
7 69 (11.92%) OSCP
7 69 (11.92%) SANS
8 51 (8.81%) GIAC
9 45 (7.77%) CCNA
10 33 (5.70%) CCNP
11 31 (5.35%) Security Cleared
12 25 (4.32%) (ISC)2 CCSP
12 25 (4.32%) Tigerscheme
13 24 (4.15%) GPEN
14 21 (3.63%) CHECK Team Leader
15 19 (3.28%) Computer Science Degree
16 18 (3.11%) CCSP
16 18 (3.11%) Microsoft Certification
Quality Assurance & Compliance
1 131 (22.63%) ISO/IEC 27001
2 75 (12.95%) PCI DSS
3 62 (10.71%) NIST
4 39 (6.74%) GDPR
5 16 (2.76%) QA
6 14 (2.42%) Cyber Essentials
7 11 (1.90%) COBIT
8 10 (1.73%) Sarbanes-Oxley
9 9 (1.55%) SAS 70
10 6 (1.04%) MiFID
11 3 (0.52%) FINRA
11 3 (0.52%) NCSC
12 2 (0.35%) Actionable Recommendations
12 2 (0.35%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
13 1 (0.17%) Cyber Essentials PLUS
13 1 (0.17%) PA-DSS
13 1 (0.17%) RMADS
System Software
1 35 (6.04%) Active Directory
2 18 (3.11%) Docker
3 9 (1.55%) VMware Infrastructure
4 4 (0.69%) NFS
4 4 (0.69%) Virtual Machines
5 1 (0.17%) BitLocker
5 1 (0.17%) Snort
5 1 (0.17%) VMware NSX
5 1 (0.17%) zsh
Systems Management
1 61 (10.54%) Nessus
2 37 (6.39%) McAfee ePO
2 37 (6.39%) SCCM
3 17 (2.94%) Kubernetes
4 15 (2.59%) Terraform
5 14 (2.42%) Nmap
6 7 (1.21%) FortiGate
7 6 (1.04%) Sysdig
8 5 (0.86%) Ansible
8 5 (0.86%) Nexpose
9 4 (0.69%) Host Intrusion Detection System
9 4 (0.69%) WSUS
10 3 (0.52%) HP Fortify
10 3 (0.52%) Nagios
10 3 (0.52%) WebInspect
11 2 (0.35%) Mesos
11 2 (0.35%) Single Sign-On
12 1 (0.17%) Backup Exec
12 1 (0.17%) IBM BigFix
12 1 (0.17%) SELinux
Vendors
1 82 (14.16%) Microsoft
2 49 (8.46%) Splunk
3 39 (6.74%) Cisco
3 39 (6.74%) Palo Alto
4 37 (6.39%) McAfee
5 36 (6.22%) Aveksa
5 36 (6.22%) LogRhythm
6 35 (6.04%) CyberArk
7 25 (4.32%) Google
8 23 (3.97%) Qualys
9 22 (3.80%) SolarWinds
10 18 (3.11%) Juniper
11 17 (2.94%) CheckPoint
12 14 (2.42%) Blue Coat
12 14 (2.42%) FireEye
12 14 (2.42%) Symantec
13 11 (1.90%) IBM
13 11 (1.90%) Veracode
14 10 (1.73%) VMware
15 9 (1.55%) Oracle