Period
to 15 November 2018

The following table provides summary statistics for permanent job vacancies advertised in London with a requirement for Penetration Testing skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Penetration Testing over the 6 months to 15 November 2018 with a comparison to the same period in the previous 2 years.

Penetration Testing
England > London
6 months to
15 Nov 2018
Same period 2017 Same period 2016
Rank 356 364 308
Rank change year-on-year +8 -56 +163
Permanent jobs citing Penetration Testing 583 647 803
As % of all permanent IT jobs advertised in London 0.87% 0.85% 1.05%
As % of the Processes & Methodologies category 0.95% 0.92% 1.14%
Number of salaries quoted 457 552 679
London median annual salary £65,000 £61,500 £65,000
Median salary % change year-on-year +5.69% -5.38% +13.04%
10th Percentile £45,000 £38,000 £42,500
90th Percentile £95,000 £92,500 £85,000
England median annual salary £60,000 £55,000 £57,500
% change year-on-year +9.09% -4.35% +9.52%

Penetration Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in London with a requirement for process or methodology skills.

All Process and Methodology Skills
London
Permanent vacancies with a requirement for process or methodology skills 61,577 70,268 70,230
As % of all permanent IT jobs advertised in London 91.60% 92.80% 91.90%
Number of salaries quoted 49,811 54,103 60,521
London median annual salary £62,500 £60,000 £57,500
Median salary % change year-on-year +4.17% +4.35% +4.55%
10th Percentile £35,000 £35,000 £33,207
90th Percentile £95,000 £90,000 £87,750
England median annual salary £52,500 £50,000 £50,000
% change year-on-year +5.00% - +5.26%

Penetration Testing
Job Vacancy Trend in London

Job postings citing Penetration Testing as a percentage of all IT jobs advertised in London.

Job vacancy trend for Penetration Testing in London

Penetration Testing
Salary Trend in London

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing Penetration Testing in London.

Salary trend for Penetration Testing in London

Penetration Testing
Salary Histogram in London

The salary distribution of IT jobs citing Penetration Testing in London over the 6 months to 15 November 2018.

Salary histogram for Penetration Testing in London

Penetration Testing
Job Locations in London

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the London region over the 6 months to 15 November 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
Central London +50 151 £75,000 +15.38% 25
West London +26 19 £70,000 +2.94% 7
North London +8 4 £39,500 -7.06% 1
South London -4 4 £57,500 -13.21% 3
East London -14 4 £90,000 +38.46% 3
Penetration Testing
England

For the 6 months to 15 November 2018, IT jobs citing Penetration Testing also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads across the London region with a requirement for Penetration Testing.

1 315 (54.03%) Cybersecurity
2 285 (48.89%) Information Security
3 235 (40.31%) CISSP
4 180 (30.87%) Windows
5 156 (26.76%) Linux
5 156 (26.76%) Firewall
6 127 (21.78%) SIEM
7 119 (20.41%) Finance
8 117 (20.07%) Security Testing
9 115 (19.73%) CISM
10 113 (19.38%) TCP/IP
11 104 (17.84%) ISO/IEC 27001
12 98 (16.81%) Vulnerability Assessment
13 95 (16.30%) Ethical Hacking
14 91 (15.61%) Vulnerability Management
14 91 (15.61%) CREST Certified
15 89 (15.27%) Degree
16 86 (14.75%) CEH
16 86 (14.75%) Vulnerability Scanning
17 84 (14.41%) Network Security
18 77 (13.21%) Security Architecture
19 75 (12.86%) Java
20 74 (12.69%) GDPR
21 70 (12.01%) Python
22 68 (11.66%) SANS
23 67 (11.49%) Security Cleared
24 62 (10.63%) Security Operations
25 61 (10.46%) OSCP
26 60 (10.29%) Analytics
27 59 (10.12%) PowerShell

Penetration Testing
Co-occurring IT Skills in London by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 17 (2.92%) Confluence
2 10 (1.72%) Apache Pig
2 10 (1.72%) IIS
3 4 (0.69%) MS Exchange
3 4 (0.69%) SharePoint Server
4 3 (0.51%) CMS
4 3 (0.51%) SharePoint
4 3 (0.51%) Umbraco
5 2 (0.34%) Apache
5 2 (0.34%) DNN
5 2 (0.34%) Elasticsearch
5 2 (0.34%) WebSphere
5 2 (0.34%) WebSphere Application Server
6 1 (0.17%) Apache Spark
6 1 (0.17%) Exchange Server 2013
6 1 (0.17%) Skype for Business
Applications
1 14 (2.40%) Microsoft Office
2 8 (1.37%) Microsoft PowerPoint
3 5 (0.86%) Microsoft Excel
4 3 (0.51%) MS Visio
Business Applications
1 3 (0.51%) RiskWrite
2 1 (0.17%) Dynamics CRM
2 1 (0.17%) Dynamics NAV
Cloud Services
1 37 (6.35%) Microsoft Azure
2 34 (5.83%) Amazon AWS
3 27 (4.63%) SaaS
4 26 (4.46%) Google Cloud Platform
5 10 (1.72%) Office 365
5 10 (1.72%) Serverless
6 5 (0.86%) Mimecast
7 4 (0.69%) PaaS
8 2 (0.34%) AWS Lambda
8 2 (0.34%) BlazeMeter
8 2 (0.34%) Google Drive
8 2 (0.34%) OpenDNS
8 2 (0.34%) Virtual Private Cloud
9 1 (0.17%) Amazon CloudWatch
9 1 (0.17%) Amazon EC2
9 1 (0.17%) AWS CodePipeline
9 1 (0.17%) Cloudflare
9 1 (0.17%) Datadog
9 1 (0.17%) IaaS
9 1 (0.17%) Slack
Communications & Networking
1 156 (26.76%) Firewall
2 113 (19.38%) TCP/IP
3 84 (14.41%) Network Security
4 49 (8.40%) Internet
5 44 (7.55%) Intrusion Detection
6 36 (6.17%) Wireless
7 18 (3.09%) HTTP
8 17 (2.92%) LAN
8 17 (2.92%) WAN
9 13 (2.23%) SSL
10 11 (1.89%) DNS
11 8 (1.37%) Wireshark
12 7 (1.20%) Cisco IOS
12 7 (1.20%) Wireless Security
13 6 (1.03%) SMTP
13 6 (1.03%) VPN
14 5 (0.86%) Cisco ASA
14 5 (0.86%) DKIM
14 5 (0.86%) DMARC
15 4 (0.69%) Cisco Firepower
Database & Business Intelligence
1 26 (4.46%) Big Data
2 12 (2.06%) Blockchain
3 10 (1.72%) Apache Hive
3 10 (1.72%) Hadoop
3 10 (1.72%) MySQL
4 9 (1.54%) SQL Server
5 4 (0.69%) NonStop SQL
6 3 (0.51%) Power BI
7 2 (0.34%) Amazon DynamoDB
7 2 (0.34%) DB2
7 2 (0.34%) NoSQL
8 1 (0.17%) Amazon Aurora
8 1 (0.17%) Amazon RDS
8 1 (0.17%) Data Warehouse
8 1 (0.17%) MongoDB
8 1 (0.17%) Redis
Development Applications
1 36 (6.17%) JIRA
2 33 (5.66%) Metasploit
3 24 (4.12%) Selenium
4 16 (2.74%) Git (software)
5 15 (2.57%) Android Studio
5 15 (2.57%) Burp Suite
5 15 (2.57%) Xcode
6 10 (1.72%) Atlassian Bamboo
7 9 (1.54%) Bitbucket
7 9 (1.54%) CodeSonar
7 9 (1.54%) git-flow
7 9 (1.54%) Robot Framework
8 8 (1.37%) Cucumber
9 5 (0.86%) LoadRunner
9 5 (0.86%) webpack
10 4 (0.69%) Grunt
10 4 (0.69%) gulp
10 4 (0.69%) Mocha
10 4 (0.69%) QUnit
10 4 (0.69%) Visual Studio
General
1 119 (20.41%) Finance
2 40 (6.86%) Banking
3 31 (5.32%) Retail
4 28 (4.80%) Legal
5 18 (3.09%) Law
6 16 (2.74%) Investment Banking
7 12 (2.06%) Telecoms
8 6 (1.03%) Marketing
9 5 (0.86%) Advertising
10 4 (0.69%) Financial Institution
11 2 (0.34%) Electronics
11 2 (0.34%) Games
11 2 (0.34%) Manufacturing
12 1 (0.17%) Czech Language
12 1 (0.17%) Hungarian Language
12 1 (0.17%) Military
Job Titles
1 113 (19.38%) Analyst
2 110 (18.87%) Tester
3 99 (16.98%) Security Engineer
4 95 (16.30%) Penetration Tester
5 91 (15.61%) Security Analyst
6 72 (12.35%) Security Manager
7 58 (9.95%) Cybersecurity Analyst
8 52 (8.92%) Consultant
9 46 (7.89%) Security Consultant
10 36 (6.17%) Security Specialist
11 31 (5.32%) Senior Security Engineer
12 29 (4.97%) Security Officer
13 28 (4.80%) IT Engineer
14 27 (4.63%) IT Security Engineer
15 25 (4.29%) Cybersecurity Consultant
15 25 (4.29%) Information Security Manager
16 24 (4.12%) Information Manager
17 21 (3.60%) Cybersecurity Engineer
18 20 (3.43%) Infrastructure Engineer
18 20 (3.43%) Infrastructure Security Engineer
Libraries, Frameworks & Software Standards
1 35 (6.00%) .NET
2 31 (5.32%) Node.js
3 28 (4.80%) Elastic Stack
4 17 (2.92%) ASP.NET
5 16 (2.74%) RESTful
6 15 (2.57%) Dagger
6 15 (2.57%) Web Services
7 14 (2.40%) HTML
8 12 (2.06%) .NET Framework
8 12 (2.06%) Django
8 12 (2.06%) Java EE
9 11 (1.89%) SOAP
10 9 (1.54%) CSS
10 9 (1.54%) LAMP
10 9 (1.54%) RabbitMQ
10 9 (1.54%) REST
10 9 (1.54%) Spring MVC
10 9 (1.54%) STL
11 5 (0.86%) JDBC
11 5 (0.86%) Regular Expression
Miscellaneous
1 56 (9.61%) Mobile App
2 49 (8.40%) Management Information System
3 36 (6.17%) Computer Science
4 35 (6.00%) Fintech
5 28 (4.80%) Data Protection Act
6 24 (4.12%) Cyberattack
7 22 (3.77%) Analytical Skills
8 20 (3.43%) Self-Motivation
9 17 (2.92%) Cyberthreat
10 13 (2.23%) Security Operations Centre
11 11 (1.89%) Cyber Defence
12 10 (1.72%) Cyber Kill Chain
13 9 (1.54%) BYOD
13 9 (1.54%) Distributed Denial-of-Service
13 9 (1.54%) PKI
14 8 (1.37%) Cybercrime
14 8 (1.37%) Data Centre
15 6 (1.03%) CESG
15 6 (1.03%) Embedded Systems
15 6 (1.03%) NHS
Operating Systems
1 180 (30.87%) Windows
2 156 (26.76%) Linux
3 37 (6.35%) Android
3 37 (6.35%) Apple iOS
3 37 (6.35%) Windows Server
4 28 (4.80%) Unix
5 20 (3.43%) Kali Linux
6 13 (2.23%) Mac OS X
7 7 (1.20%) Solaris
7 7 (1.20%) Windows 7
7 7 (1.20%) Windows Server 2008
8 2 (0.34%) CentOS
8 2 (0.34%) Red Hat Enterprise Linux
8 2 (0.34%) Ubuntu
8 2 (0.34%) Windows 10
8 2 (0.34%) Windows 8
8 2 (0.34%) Windows Server 2012
9 1 (0.17%) DC/OS
9 1 (0.17%) Mac OS
Processes & Methodologies
1 315 (54.03%) Cybersecurity
2 285 (48.89%) Information Security
3 127 (21.78%) SIEM
4 117 (20.07%) Security Testing
5 98 (16.81%) Vulnerability Assessment
6 95 (16.30%) Ethical Hacking
7 91 (15.61%) Vulnerability Management
8 86 (14.75%) Vulnerability Scanning
9 77 (13.21%) Security Architecture
10 62 (10.63%) Security Operations
11 60 (10.29%) Analytics
12 59 (10.12%) OWASP
13 58 (9.95%) ITIL
14 56 (9.61%) Data Loss Prevention
15 53 (9.09%) Agile Software Development
16 49 (8.40%) Risk Assessment
17 47 (8.06%) Open Source
17 47 (8.06%) Risk Management
18 45 (7.72%) Data Protection
19 43 (7.38%) Threat Modelling
Programming Languages
1 75 (12.86%) Java
2 70 (12.01%) Python
3 59 (10.12%) PowerShell
4 52 (8.92%) C#
5 43 (7.38%) C++
6 38 (6.52%) C
7 25 (4.29%) JavaScript
8 24 (4.12%) Ruby
9 23 (3.95%) SQL
10 21 (3.60%) PHP
11 19 (3.26%) Bash Shell
11 19 (3.26%) Perl
12 10 (1.72%) Go
13 9 (1.54%) Objective-C
14 8 (1.37%) Shell Script
15 7 (1.20%) VB
16 2 (0.34%) Lua
16 2 (0.34%) T-SQL
16 2 (0.34%) VB.NET
Qualifications
1 235 (40.31%) CISSP
2 115 (19.73%) CISM
3 91 (15.61%) CREST Certified
4 89 (15.27%) Degree
5 86 (14.75%) CEH
6 68 (11.66%) SANS
7 67 (11.49%) Security Cleared
8 61 (10.46%) OSCP
9 58 (9.95%) CISA
10 40 (6.86%) Cisco Certification
11 37 (6.35%) GIAC
12 32 (5.49%) CCNA
13 27 (4.63%) Computer Science Degree
14 25 (4.29%) SC Cleared
15 23 (3.95%) DV Cleared
16 18 (3.09%) GCIH
17 17 (2.92%) GCIA
17 17 (2.92%) GPEN
18 15 (2.57%) OSCE
18 15 (2.57%) SSCP
Quality Assurance & Compliance
1 104 (17.84%) ISO/IEC 27001
2 74 (12.69%) GDPR
3 38 (6.52%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
4 33 (5.66%) PCI DSS
5 23 (3.95%) MiFID
6 18 (3.09%) Cyber Essentials
6 18 (3.09%) QA
7 15 (2.57%) COBIT
8 4 (0.69%) ISO 22301
8 4 (0.69%) Sarbanes-Oxley
9 3 (0.51%) HIPAA
10 1 (0.17%) Data Quality
10 1 (0.17%) FINRA
10 1 (0.17%) PMBOK
10 1 (0.17%) SLA
10 1 (0.17%) Web Application Security Consortium
System Software
1 33 (5.66%) Snort
2 23 (3.95%) Docker
3 13 (2.23%) Active Directory
4 11 (1.89%) VMware Infrastructure
5 10 (1.72%) vSphere
6 7 (1.20%) Hyper-V
7 5 (0.86%) KVM
8 3 (0.51%) ProxySG
9 2 (0.34%) Squid
9 2 (0.34%) Virtual Servers
10 1 (0.17%) Firmware
Systems Management
1 29 (4.97%) Nessus
2 23 (3.95%) OSSEC
3 16 (2.74%) QRadar
4 12 (2.06%) Nexpose
5 11 (1.89%) EnCase
5 11 (1.89%) Nmap
5 11 (1.89%) SCCM
6 10 (1.72%) Puppet
6 10 (1.72%) Salt
6 10 (1.72%) Suricata
7 9 (1.54%) Kubernetes
8 8 (1.37%) Network Intrusion Detection System
9 7 (1.20%) FTK
9 7 (1.20%) Terraform
10 6 (1.03%) WSUS
11 5 (0.86%) OpenVAS
11 5 (0.86%) SCOM
12 4 (0.69%) RSA Archer
13 3 (0.51%) Computer Emergency Response Teams
13 3 (0.51%) Prometheus
Vendors
1 55 (9.43%) Microsoft
2 42 (7.20%) Cisco
3 32 (5.49%) Qualys
4 25 (4.29%) Splunk
5 22 (3.77%) Palo Alto
6 17 (2.92%) ArcSight
6 17 (2.92%) Google
7 16 (2.74%) CheckPoint
8 15 (2.57%) IBM
9 14 (2.40%) LogRhythm
9 14 (2.40%) VMware
10 11 (1.89%) ServiceNow
11 10 (1.72%) CyberArk
11 10 (1.72%) McAfee
11 10 (1.72%) Symantec
12 8 (1.37%) Forcepoint
12 8 (1.37%) Rapid7
13 7 (1.20%) Bomgar
13 7 (1.20%) FireEye
13 7 (1.20%) NetWitness