Period
to 23 November 2017

The following table provides summary statistics for permanent job vacancies advertised in the South East with a requirement for Penetration Testing skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Penetration Testing over the 6 months to 23 November 2017 with a comparison to the same period in the previous 2 years.

Penetration Testing
England > South East
6 months to
23 Nov 2017
Same period 2016 Same period 2015
Rank 258 278 426
Rank change year-on-year +20 +148 +13
Permanent jobs citing Penetration Testing 357 373 241
As % of all permanent IT jobs advertised in the South East 1.16% 1.06% 0.57%
As % of the Processes & Methodologies category 1.33% 1.22% 0.65%
Number of salaries quoted 283 296 197
South East median annual salary £52,500 £55,000 £52,500
Median salary % change year-on-year -4.55% +4.76% +10.53%
10th Percentile £35,000 £36,250 £32,000
90th Percentile £75,000 £87,500 £75,000
England median annual salary £55,000 £57,500 £52,500
% change year-on-year -4.35% +9.52% -

Penetration Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in the South East with a requirement for process or methodology skills.

All Process and Methodology Skills
South East
Permanent vacancies with a requirement for process or methodology skills 26921 30674 37032
As % of all permanent IT jobs advertised in the South East 87.45% 87.40% 86.98%
Number of salaries quoted 22140 25444 30626
South East median annual salary £45,000 £45,000 £45,000
10th Percentile £27,500 £27,500 £26,250
90th Percentile £68,750 £68,750 £67,500
England median annual salary £50,000 £50,000 £47,500
% change year-on-year - +5.26% +5.56%

Penetration Testing
Job Vacancy Trend in the South East

Job postings citing Penetration Testing as a percentage of all IT jobs advertised in the South East.

Job vacancy trend for Penetration Testing in the South East

Penetration Testing
Salary Trend in the South East

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing Penetration Testing in the South East.

Salary trend for Penetration Testing in the South East

Penetration Testing
Salary Histogram in the South East

The salary distribution of IT jobs citing Penetration Testing in the South East over the 6 months to 23 November 2017.

Salary histogram for Penetration Testing in the South East

Penetration Testing
Job Locations in the South East

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the South East region over the 6 months to 23 November 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
Thames Valley +2 149 £50,000 -13.04% 17
Surrey +94 124 £52,500 -4.55% 9
Oxfordshire -33 87 £50,000 -16.67% 7
Hampshire 0 65 £63,500 +5.83% 4
Berkshire +55 45 £46,250 -19.57% 5
Buckinghamshire +27 17 £52,500 -34.38% 5
Kent -26 12 £37,500 -16.67%
West Sussex -8 2 £45,750 -29.62%
Middlesex - 2 £85,000 -
Penetration Testing
England

For the 6 months to 23 November 2017, IT jobs citing Penetration Testing also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all job ads across the South East region with a requirement for Penetration Testing.

1 223 (62.46%) Information Security
2 166 (46.50%) Cybersecurity
3 150 (42.02%) ISO/IEC 27001
4 144 (40.34%) CISSP
5 111 (31.09%) Firewall
6 99 (27.73%) CISM
7 95 (26.61%) Finance
8 77 (21.57%) Risk Assessment
9 73 (20.45%) Network Security
10 71 (19.89%) PCI DSS
11 69 (19.33%) Risk Management
12 68 (19.05%) Linux
12 68 (19.05%) Ethical Hacking
13 60 (16.81%) Management Information System
13 60 (16.81%) Security Architecture
14 58 (16.25%) Windows
14 58 (16.25%) Vulnerability Assessment
15 53 (14.85%) ITIL
15 53 (14.85%) Security Cleared
16 52 (14.57%) Degree
17 50 (14.01%) Risk Analysis
18 49 (13.73%) Security Operations
18 49 (13.73%) Telecoms
19 48 (13.45%) GIAC
20 47 (13.17%) Security Management
20 47 (13.17%) Active Directory
20 47 (13.17%) Data Centre
20 47 (13.17%) SIEM
21 45 (12.61%) TCP/IP
22 42 (11.76%) C

Penetration Testing
Co-occurring IT Skills in the South East by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 5 (1.40%) OpenStack
2 3 (0.84%) Elasticsearch
2 3 (0.84%) nginx
3 2 (0.56%) Apache
3 2 (0.56%) IIS
3 2 (0.56%) JBoss
3 2 (0.56%) SharePoint
4 1 (0.28%) BizTalk Server
4 1 (0.28%) Confluence
4 1 (0.28%) MS Exchange
4 1 (0.28%) Skype for Business
4 1 (0.28%) Tomcat
Applications
1 9 (2.52%) Spreadsheet
2 3 (0.84%) Microsoft Excel
2 3 (0.84%) Microsoft PowerPoint
3 2 (0.56%) MS Visio
4 1 (0.28%) Microsoft Office
Business Applications
1 6 (1.68%) Payment Gateway
2 2 (0.56%) Dynamics CRM
Cloud Services
1 30 (8.40%) Amazon AWS
2 20 (5.60%) SaaS
3 19 (5.32%) IaaS
4 9 (2.52%) Microsoft Azure
5 3 (0.84%) Amazon S3
5 3 (0.84%) Amazon SQS
5 3 (0.84%) GitHub
6 1 (0.28%) Cloud Computing
6 1 (0.28%) Office 365
Communications & Networking
1 111 (31.09%) Firewall
2 73 (20.45%) Network Security
3 45 (12.61%) TCP/IP
4 23 (6.44%) Ethernet
5 21 (5.88%) Cisco ASA
6 19 (5.32%) VPN
7 18 (5.04%) SS7
8 17 (4.76%) Internet
8 17 (4.76%) IPsec
8 17 (4.76%) SSL
9 14 (3.92%) Radio Access Network
9 14 (3.92%) VoLTE
10 13 (3.64%) HTTP
11 12 (3.36%) Wireless
12 11 (3.08%) WAN
13 10 (2.80%) SMTP
14 9 (2.52%) Cisco Nexus
14 9 (2.52%) IP Telephony
14 9 (2.52%) VoIP
15 8 (2.24%) DMVPN
Database & Business Intelligence
1 3 (0.84%) Big Data
1 3 (0.84%) MySQL
2 1 (0.28%) SQL Server
Development Applications
1 11 (3.08%) Metasploit
2 7 (1.96%) Burp Suite
3 3 (0.84%) IDA Disassembler
4 2 (0.56%) Selenium
5 1 (0.28%) Appium
5 1 (0.28%) AppScan
5 1 (0.28%) JIRA
5 1 (0.28%) SoapUI
5 1 (0.28%) SpecFlow
5 1 (0.28%) Team Foundation Server
5 1 (0.28%) Xcode
General
1 95 (26.61%) Finance
2 49 (13.73%) Telecoms
3 21 (5.88%) Legal
4 8 (2.24%) Digital Economy
4 8 (2.24%) Publishing
5 7 (1.96%) Banking
6 6 (1.68%) Financial Institution
7 2 (0.56%) Aerospace
7 2 (0.56%) Electronics
7 2 (0.56%) Investment Banking
7 2 (0.56%) Marketing
7 2 (0.56%) Spanish Language
8 1 (0.28%) Billing
8 1 (0.28%) Games
8 1 (0.28%) Law
8 1 (0.28%) Manufacturing
8 1 (0.28%) Retail
Job Titles
1 99 (27.73%) Analyst
2 95 (26.61%) Security Analyst
3 55 (15.41%) Consultant
4 48 (13.45%) Security Consultant
5 45 (12.61%) Penetration Tester
5 45 (12.61%) Tester
6 37 (10.36%) Information Analyst
6 37 (10.36%) Information Security Analyst
7 36 (10.08%) Business Development Manager
7 36 (10.08%) Business Manager
7 36 (10.08%) Development Manager
7 36 (10.08%) Security Engineer
8 27 (7.56%) Network Engineer
9 25 (7.00%) IT Analyst
9 25 (7.00%) IT Security Analyst
10 22 (6.16%) Security Manager
11 14 (3.92%) IP Network Engineer
11 14 (3.92%) IT Engineer
11 14 (3.92%) IT Security Engineer
11 14 (3.92%) VoLTE Engineer
Libraries, Frameworks & Software Standards
1 15 (4.20%) Web Services
2 10 (2.80%) .NET
2 10 (2.80%) Middleware
3 9 (2.52%) HTML
4 8 (2.24%) Node.js
5 6 (1.68%) JSON
5 6 (1.68%) RESTful
5 6 (1.68%) XML
6 5 (1.40%) ASP.NET Web API
6 5 (1.40%) HTML5
7 4 (1.12%) Ajax
8 3 (0.84%) CSS
8 3 (0.84%) Elastic Stack
8 3 (0.84%) jQuery
8 3 (0.84%) Laravel
8 3 (0.84%) LEMP Stack
8 3 (0.84%) Memcached
9 2 (0.56%) REST
10 1 (0.28%) 802.1X
10 1 (0.28%) ASP.NET
Miscellaneous
1 60 (16.81%) Management Information System
2 47 (13.17%) Data Centre
3 29 (8.12%) Cyberthreat
4 28 (7.84%) Data Protection Act
5 14 (3.92%) Cyber Attack
5 14 (3.92%) Smartphone
6 12 (3.36%) Mobile App
7 11 (3.08%) Computer Science
8 10 (2.80%) Public Cloud
9 9 (2.52%) CESG
9 9 (2.52%) Clustering
10 8 (2.24%) Analytical Skills
10 8 (2.24%) Blog
10 8 (2.24%) iSeries
11 7 (1.96%) Security Operations Centre
12 6 (1.68%) Cybercrime
13 5 (1.40%) Cloud Native
14 3 (0.84%) Cyber Defence
14 3 (0.84%) Field-Programmable Gate Array
14 3 (0.84%) Machine to Machine
Operating Systems
1 68 (19.05%) Linux
2 58 (16.25%) Windows
3 31 (8.68%) Unix
4 21 (5.88%) Android
5 16 (4.48%) Windows Server
6 14 (3.92%) Apple iOS
7 12 (3.36%) VxWorks
8 9 (2.52%) Kali Linux
9 8 (2.24%) Solaris
10 7 (1.96%) Mac OS X
11 4 (1.12%) Windows Server 2008
12 3 (0.84%) Ubuntu
13 2 (0.56%) Red Hat Enterprise Linux
13 2 (0.56%) Windows 10
13 2 (0.56%) Windows 7
14 1 (0.28%) Debian
Processes & Methodologies
1 223 (62.46%) Information Security
2 166 (46.50%) Cybersecurity
3 77 (21.57%) Risk Assessment
4 69 (19.33%) Risk Management
5 68 (19.05%) Ethical Hacking
6 60 (16.81%) Security Architecture
7 58 (16.25%) Vulnerability Assessment
8 53 (14.85%) ITIL
9 50 (14.01%) Risk Analysis
10 49 (13.73%) Security Operations
11 47 (13.17%) Security Management
11 47 (13.17%) SIEM
12 41 (11.48%) Information Security Management
13 40 (11.20%) Data Protection
14 39 (10.92%) OWASP
15 37 (10.36%) Process Improvement
16 36 (10.08%) Business Development
17 35 (9.80%) Vulnerability Management
18 34 (9.52%) Vulnerability Scanning
19 33 (9.24%) Security Testing
Programming Languages
1 42 (11.76%) C
2 32 (8.96%) Java
3 26 (7.28%) Python
4 17 (4.76%) C++
5 14 (3.92%) PHP
6 9 (2.52%) Perl
7 8 (2.24%) VB.NET
8 5 (1.40%) C#
8 5 (1.40%) JavaScript
9 3 (0.84%) Bash Shell
9 3 (0.84%) PowerShell
9 3 (0.84%) Shell Script
10 2 (0.56%) SQL
11 1 (0.28%) Objective-C
11 1 (0.28%) VBA
Qualifications
1 144 (40.34%) CISSP
2 99 (27.73%) CISM
3 53 (14.85%) Security Cleared
4 52 (14.57%) Degree
5 48 (13.45%) GIAC
6 37 (10.36%) CRISC
7 36 (10.08%) CEH
8 33 (9.24%) DV Cleared
9 25 (7.00%) CREST Certified
10 17 (4.76%) OSCP
11 16 (4.48%) SC Cleared
12 15 (4.20%) Cisco Certification
13 14 (3.92%) CCNP
14 10 (2.80%) SSCP
15 7 (1.96%) GCIH
15 7 (1.96%) ISO 27001 Lead Auditor
16 6 (1.68%) CHECK Team Member
16 6 (1.68%) GCIA
16 6 (1.68%) SANS
17 5 (1.40%) ITIL Certification
Quality Assurance & Compliance
1 150 (42.02%) ISO/IEC 27001
2 71 (19.89%) PCI DSS
3 28 (7.84%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
4 17 (4.76%) Cyber Essentials
4 17 (4.76%) GDPR
5 15 (4.20%) QA
6 14 (3.92%) ISO/IEC 27005
7 11 (3.08%) COBIT
8 7 (1.96%) HMG Security Policy Framework
8 7 (1.96%) ISO 22301
8 7 (1.96%) ISO 31000
9 4 (1.12%) ISO 9001
9 4 (1.12%) NIST 800
10 2 (0.56%) Cyber Essentials PLUS
10 2 (0.56%) PA-DSS
10 2 (0.56%) Sarbanes-Oxley
11 1 (0.28%) HIPAA
11 1 (0.28%) JSP 440
11 1 (0.28%) SLA
System Software
1 47 (13.17%) Active Directory
2 8 (2.24%) VMware ESXi
3 2 (0.56%) Firmware
4 1 (0.28%) Hyper-V
4 1 (0.28%) VMware Infrastructure
Systems Management
1 14 (3.92%) Nessus
2 12 (3.36%) Nmap
3 7 (1.96%) Kibana
3 7 (1.96%) logstash
4 6 (1.68%) Computer Emergency Response Teams
5 1 (0.28%) WebInspect
Vendors
1 30 (8.40%) Splunk
2 26 (7.28%) Cisco
3 18 (5.04%) VMware
4 13 (3.64%) Qualys
5 12 (3.36%) Sophos
6 8 (2.24%) NetWitness
7 7 (1.96%) Apple
8 6 (1.68%) Oracle
9 5 (1.40%) F5
9 5 (1.40%) GENBAND
9 5 (1.40%) SolarWinds
10 4 (1.12%) CheckPoint
10 4 (1.12%) Microsoft
11 3 (0.84%) BT
11 3 (0.84%) Codenomicon
12 1 (0.28%) HP
12 1 (0.28%) IBM
12 1 (0.28%) NetApp
12 1 (0.28%) Red Hat
12 1 (0.28%) SAP