Period
to 20 November 2019

The following table provides summary statistics for permanent job vacancies advertised in London with a requirement for Penetration Testing skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Penetration Testing over the 6 months to 20 November 2019 with a comparison to the same period in the previous 2 years.

Penetration Testing
England > London
6 months to
20 Nov 2019
Same period 2018 Same period 2017
Rank 384 356 369
Rank change year-on-year -28 +13 -48
Permanent jobs citing Penetration Testing 386 594 650
As % of all permanent IT jobs advertised in London 0.71% 0.88% 0.86%
As % of the Processes & Methodologies category 0.76% 0.95% 0.92%
Number of salaries quoted 320 462 553
London median annual salary £75,000 £65,000 £62,500
Median salary % change year-on-year +15.38% +4.00% -3.85%
10th Percentile £47,375 £45,000 £38,000
90th Percentile £110,000 £95,000 £92,500
England median annual salary £60,000 £60,000 £55,000
% change year-on-year - +9.09% -4.35%

Penetration Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in London with a requirement for process or methodology skills.

All Process and Methodology Skills
London
Permanent vacancies with a requirement for process or methodology skills 50,760 62,322 70,503
As % of all permanent IT jobs advertised in London 93.09% 92.49% 93.71%
Number of salaries quoted 40,885 50,433 54,368
London median annual salary £65,000 £62,500 £60,000
Median salary % change year-on-year +4.00% +4.17% +4.35%
10th Percentile £36,250 £35,000 £35,000
90th Percentile £100,000 £95,000 £90,000
England median annual salary £52,500 £52,500 £50,000
% change year-on-year - +5.00% -

Penetration Testing
Job Vacancy Trend in London

Job postings citing Penetration Testing as a percentage of all IT jobs advertised in London.

Job vacancy trend for Penetration Testing in London

Penetration Testing
Salary Trend in London

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing Penetration Testing in London.

Salary trend for Penetration Testing in London

Penetration Testing
Salary Histogram in London

The salary distribution of IT jobs citing Penetration Testing in London over the 6 months to 20 November 2019.

Salary histogram for Penetration Testing in London

Penetration Testing
Job Locations in London

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the London region over the 6 months to 20 November 2019. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
Central London -78 49 £75,000 - 12
West London +12 11 £80,000 +14.29% 5
South London +2 7 £60,000 +4.35% 2
North London -3 4 £50,000 +36.99% 1
East London +21 1 £38,000 -57.78% 5
Penetration Testing
England

For the 6 months to 20 November 2019, IT jobs citing Penetration Testing also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads across the London region with a requirement for Penetration Testing.

1 192 (49.74%) Cybersecurity
2 191 (49.48%) Information Security
3 133 (34.46%) SIEM
4 131 (33.94%) Linux
5 113 (29.27%) Firewall
6 102 (26.42%) Finance
7 101 (26.17%) CISSP
8 99 (25.65%) Vulnerability Management
9 81 (20.98%) ISO/IEC 27001
10 77 (19.95%) Java
11 76 (19.69%) Agile Software Development
12 72 (18.65%) CISM
12 72 (18.65%) Python
13 70 (18.13%) Nessus
14 69 (17.88%) AWS
15 68 (17.62%) CREST Certified
16 65 (16.84%) PCI DSS
17 63 (16.32%) Windows
18 62 (16.06%) Security Testing
19 61 (15.80%) Management Information System
19 61 (15.80%) Stakeholder Management
20 59 (15.28%) Ethical Hacking
21 56 (14.51%) C++
22 54 (13.99%) CISA
22 54 (13.99%) Risk Management
22 54 (13.99%) Degree
22 54 (13.99%) Security Operations
23 53 (13.73%) Identity Access Management
24 52 (13.47%) Cisco Certification
25 50 (12.95%) OWASP

Penetration Testing
Co-occurring IT Skills in London by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 9 (2.33%) SharePoint
2 8 (2.07%) Apache Spark
2 8 (2.07%) Elasticsearch
2 8 (2.07%) OpenStack
3 4 (1.04%) ColdFusion
3 4 (1.04%) Confluence
4 3 (0.78%) Drupal
4 3 (0.78%) WordPress
5 1 (0.26%) Cloud Foundry
Applications
1 1 (0.26%) MS Visio
Business Applications
1 2 (0.52%) Distributed Ledger
Cloud Services
1 69 (17.88%) AWS
2 45 (11.66%) Azure
3 31 (8.03%) GCP
4 24 (6.22%) SaaS
5 9 (2.33%) Office 365
6 8 (2.07%) OpenShift
7 6 (1.55%) AWS CloudFormation
8 5 (1.30%) IaaS
9 3 (0.78%) Cloud Computing
10 2 (0.52%) Azure Data Factory
10 2 (0.52%) G Suite
Communications & Networking
1 113 (29.27%) Firewall
2 48 (12.44%) TCP/IP
3 44 (11.40%) HTTP
4 35 (9.07%) Network Security
5 31 (8.03%) Intrusion Detection
5 31 (8.03%) IPsec
6 24 (6.22%) HTTPS
7 23 (5.96%) Internet
8 22 (5.70%) LAN
9 19 (4.92%) Wireless
10 18 (4.66%) WAN
11 17 (4.40%) VPN
12 16 (4.15%) SSL
13 13 (3.37%) Wireshark
14 10 (2.59%) SMTP
14 10 (2.59%) VoIP
15 9 (2.33%) Cisco ASA
15 9 (2.33%) Skype
16 8 (2.07%) HSRP
16 8 (2.07%) NetScaler
Database & Business Intelligence
1 17 (4.40%) MySQL
1 17 (4.40%) SQL Server
2 11 (2.85%) Big Data
3 8 (2.07%) Blockchain
4 4 (1.04%) Oracle Database
4 4 (1.04%) PostgreSQL
5 2 (0.52%) Azure SQL Data Warehouse
5 2 (0.52%) Cosmos DB
5 2 (0.52%) Data Warehouse
6 1 (0.26%) RDBMS
6 1 (0.26%) Relational Database
Development Applications
1 38 (9.84%) Metasploit
2 17 (4.40%) SonarQube
3 16 (4.15%) Jenkins
4 15 (3.89%) Snyk
5 14 (3.63%) GitLab
5 14 (3.63%) JIRA
6 9 (2.33%) Bitbucket
6 9 (2.33%) Git (software)
7 8 (2.07%) git-flow
7 8 (2.07%) VSS/SourceSafe
8 7 (1.81%) Burp Suite
9 3 (0.78%) Android Studio
9 3 (0.78%) Appium
9 3 (0.78%) WiX
9 3 (0.78%) Xcode
10 2 (0.52%) AppScan
10 2 (0.52%) Selenium
11 1 (0.26%) Cobertura
11 1 (0.26%) Gradle
11 1 (0.26%) Subversion
General
1 102 (26.42%) Finance
2 40 (10.36%) Retail
3 26 (6.74%) Banking
4 10 (2.59%) Law
4 10 (2.59%) Legal
4 10 (2.59%) Telecoms
5 7 (1.81%) Games
6 4 (1.04%) Brand Awareness
6 4 (1.04%) Electronics
6 4 (1.04%) Police
7 3 (0.78%) Marketing
8 2 (0.52%) Automotive
8 2 (0.52%) Manufacturing
9 1 (0.26%) Aerospace
9 1 (0.26%) Financial Institution
9 1 (0.26%) French Language
9 1 (0.26%) Front Office
9 1 (0.26%) Housing Association
9 1 (0.26%) Public Sector
9 1 (0.26%) Publishing
Job Titles
1 76 (19.69%) Tester
2 69 (17.88%) Penetration Tester
3 60 (15.54%) Security Engineer
4 57 (14.77%) Analyst
5 53 (13.73%) Security Analyst
6 36 (9.33%) Security Manager
7 34 (8.81%) Senior Penetration Tester
7 34 (8.81%) Senior Tester
8 27 (6.99%) Head of Security
9 26 (6.74%) Information Analyst
9 26 (6.74%) Information Security Analyst
10 24 (6.22%) Consultant
11 23 (5.96%) Cybersecurity Engineer
11 23 (5.96%) Head of Information
11 23 (5.96%) Head of Information Security
11 23 (5.96%) Senior Analyst
12 22 (5.70%) Senior Security Analyst
13 21 (5.44%) Information Manager
13 21 (5.44%) Information Security Manager
14 20 (5.18%) Security Officer
Libraries, Frameworks & Software Standards
1 27 (6.99%) SailPoint
2 20 (5.18%) .NET
3 18 (4.66%) OAuth
4 16 (4.15%) OpenID
4 16 (4.15%) SAML
5 14 (3.63%) Kafka
6 13 (3.37%) Node.js
7 10 (2.59%) ASP.NET
8 9 (2.33%) AngularJS
8 9 (2.33%) REST
8 9 (2.33%) Spring
9 8 (2.07%) GraphQL
9 8 (2.07%) React
9 8 (2.07%) Spring MVC
9 8 (2.07%) Vue.js
10 7 (1.81%) HTML
11 6 (1.55%) CSS
12 4 (1.04%) RESTful
13 3 (0.78%) Dagger
14 2 (0.52%) OAuth2
Miscellaneous
1 61 (15.80%) Management Information System
2 19 (4.92%) Analytical Skills
2 19 (4.92%) PKI
3 18 (4.66%) Mobile App
4 17 (4.40%) BYOD
5 14 (3.63%) Data Centre
6 12 (3.11%) Data Protection Act
7 11 (2.85%) Cyber Kill Chain
8 10 (2.59%) Cyberattack
9 9 (2.33%) Public Cloud
10 8 (2.07%) Cyberthreat
11 7 (1.81%) Security Operations Centre
11 7 (1.81%) Self-Motivation
12 5 (1.30%) Blog
12 5 (1.30%) Virtual Team
13 4 (1.04%) Cyber Defence
13 4 (1.04%) Distributed Denial-of-Service
13 4 (1.04%) SCADA
14 3 (0.78%) Cybercrime
14 3 (0.78%) Social Media
Operating Systems
1 131 (33.94%) Linux
2 63 (16.32%) Windows
3 31 (8.03%) Kali Linux
4 27 (6.99%) Unix
5 18 (4.66%) Android
5 18 (4.66%) Apple iOS
6 9 (2.33%) Mac OS
7 2 (0.52%) Ubuntu
7 2 (0.52%) Windows Server
8 1 (0.26%) CentOS
8 1 (0.26%) Solaris
Processes & Methodologies
1 192 (49.74%) Cybersecurity
2 191 (49.48%) Information Security
3 133 (34.46%) SIEM
4 99 (25.65%) Vulnerability Management
5 76 (19.69%) Agile Software Development
6 62 (16.06%) Security Testing
7 61 (15.80%) Stakeholder Management
8 59 (15.28%) Ethical Hacking
9 54 (13.99%) Risk Management
9 54 (13.99%) Security Operations
10 53 (13.73%) Identity Access Management
11 50 (12.95%) OWASP
12 48 (12.44%) Vulnerability Scanning
13 47 (12.18%) Threat Modelling
14 37 (9.59%) Data Protection
14 37 (9.59%) SDLC
15 36 (9.33%) Vulnerability Assessment
16 34 (8.81%) Project Delivery
17 31 (8.03%) Antivirus Management
17 31 (8.03%) Security Architecture
Programming Languages
1 77 (19.95%) Java
2 72 (18.65%) Python
3 56 (14.51%) C++
4 29 (7.51%) JavaScript
5 24 (6.22%) Go
6 19 (4.92%) C
7 16 (4.15%) C#
8 10 (2.59%) SQL
9 9 (2.33%) Bash Shell
9 9 (2.33%) Perl
9 9 (2.33%) PHP
10 8 (2.07%) PowerShell
10 8 (2.07%) Ruby
11 7 (1.81%) TypeScript
12 4 (1.04%) VB.NET
13 3 (0.78%) VB
14 1 (0.26%) Objective-C
14 1 (0.26%) R
Qualifications
1 101 (26.17%) CISSP
2 72 (18.65%) CISM
3 68 (17.62%) CREST Certified
4 54 (13.99%) CISA
4 54 (13.99%) Degree
5 52 (13.47%) Cisco Certification
6 33 (8.55%) OSCP
6 33 (8.55%) SANS
7 27 (6.99%) CEH
7 27 (6.99%) GIAC
8 22 (5.70%) CompTIA Security+
9 19 (4.92%) CHECK Team Leader
9 19 (4.92%) Security Cleared
10 14 (3.63%) (ISC)2 CCSP
10 14 (3.63%) CCNA
10 14 (3.63%) SSCP
11 13 (3.37%) GPEN
12 12 (3.11%) Tigerscheme
13 11 (2.85%) CCNP
13 11 (2.85%) CCSP
Quality Assurance & Compliance
1 81 (20.98%) ISO/IEC 27001
2 65 (16.84%) PCI DSS
3 40 (10.36%) NIST
4 38 (9.84%) GDPR
5 13 (3.37%) QA
6 9 (2.33%) Sarbanes-Oxley
6 9 (2.33%) SLA
7 7 (1.81%) Cyber Essentials
7 7 (1.81%) Cyber Essentials PLUS
7 7 (1.81%) SAS 70
8 6 (1.55%) NIST 800
9 5 (1.30%) MiFID
10 4 (1.04%) COBIT
11 3 (0.78%) NCSC
12 2 (0.52%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
13 1 (0.26%) Actionable Recommendations
13 1 (0.26%) IASME
13 1 (0.26%) ISO 22301
13 1 (0.26%) RMADS
System Software
1 20 (5.18%) Docker
2 9 (2.33%) Active Directory
3 3 (0.78%) Snort
4 1 (0.26%) Firmware
4 1 (0.26%) VMware Infrastructure
4 1 (0.26%) VMware NSX
Systems Management
1 70 (18.13%) Nessus
2 35 (9.07%) SCCM
3 34 (8.81%) Nmap
4 27 (6.99%) Kubernetes
4 27 (6.99%) McAfee ePO
5 15 (3.89%) Sysdig
6 8 (2.07%) Microsoft Intune
6 8 (2.07%) Terraform
7 4 (1.04%) FortiGate
7 4 (1.04%) Mesos
7 4 (1.04%) Rancher
8 3 (0.78%) Docker Swarm
8 3 (0.78%) QRadar
8 3 (0.78%) WSUS
9 2 (0.52%) Prometheus
10 1 (0.26%) Cisco CME
10 1 (0.26%) CSIRT
10 1 (0.26%) HP Fortify
10 1 (0.26%) Opscode Chef
10 1 (0.26%) Puppet
Vendors
1 35 (9.07%) McAfee
2 34 (8.81%) Splunk
3 31 (8.03%) SolarWinds
4 29 (7.51%) LogRhythm
4 29 (7.51%) Palo Alto
5 27 (6.99%) Aveksa
6 23 (5.96%) Qualys
7 20 (5.18%) Google
8 19 (4.92%) Microsoft
9 18 (4.66%) Cisco
10 16 (4.15%) CyberArk
11 11 (2.85%) Forcepoint
12 8 (2.07%) Meraki
12 8 (2.07%) Symantec
13 5 (1.30%) Darktrace
13 5 (1.30%) Oracle
14 4 (1.04%) Rapid7
15 3 (0.78%) Trend Micro
15 3 (0.78%) Twitter
15 3 (0.78%) YouTube