Period
to 14 November 2018

The following table provides summary statistics for permanent job vacancies advertised in the UK excluding London with a requirement for Penetration Testing skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Penetration Testing over the 6 months to 14 November 2018 with a comparison to the same period in the previous 2 years.

Penetration Testing
UK > UK excluding London
6 months to
14 Nov 2018
Same period 2017 Same period 2016
Rank 363 373 345
Rank change year-on-year +10 -28 +131
Permanent jobs citing Penetration Testing 719 766 958
As % of all permanent IT jobs advertised in the UK excluding London 0.78% 0.76% 0.87%
As % of the Processes & Methodologies category 0.86% 0.84% 0.96%
Number of salaries quoted 568 603 730
UK excluding London median annual salary £52,500 £50,000 £50,000
Median salary % change year-on-year +5.00% - +5.26%
10th Percentile £36,500 £33,750 £32,500
90th Percentile £70,000 £70,250 £80,000
UK median annual salary £60,000 £55,000 £57,500
% change year-on-year +9.09% -4.35% +7.71%

Penetration Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in the UK excluding London with a requirement for process or methodology skills.

All Process and Methodology Skills
UK excluding London
Permanent vacancies with a requirement for process or methodology skills 83,448 91,248 99,518
As % of all permanent IT jobs advertised in the UK excluding London 90.89% 90.60% 90.32%
Number of salaries quoted 65,998 74,045 81,146
UK excluding London median annual salary £45,000 £42,500 £42,500
Median salary % change year-on-year +5.88% - -
10th Percentile £26,500 £26,250 £26,250
90th Percentile £70,000 £66,000 £66,250
UK median annual salary £50,000 £50,000 £48,000
% change year-on-year - +4.17% +1.05%

Penetration Testing
Job Vacancy Trend in the UK excluding London

Job postings citing Penetration Testing as a percentage of all IT jobs advertised in the UK excluding London.

Job vacancy trend for Penetration Testing in the UK excluding London

Penetration Testing
Salary Trend in the UK excluding London

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing Penetration Testing in the UK excluding London.

Salary trend for Penetration Testing in the UK excluding London

Penetration Testing
Salary Histogram in the UK excluding London

The salary distribution of IT jobs citing Penetration Testing in the UK excluding London over the 6 months to 14 November 2018.

Salary histogram for Penetration Testing in the UK excluding London

Penetration Testing
Job Locations in the UK excluding London

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Penetration Testing within the UK excluding London region over the 6 months to 14 November 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
North of England +130 312 £50,000 - 28
North West +110 242 £50,000 -4.76% 15
South East -161 123 £60,000 +14.29% 24
East of England +76 112 £65,000 +13.04% 13
Midlands -9 71 £45,000 - 16
South West +7 66 £50,000 +11.11% 14
Yorkshire +40 59 £46,000 -3.16% 12
West Midlands -14 44 £42,000 -9.19% 12
East Midlands +23 27 £55,000 +46.67% 4
Wales +6 14 £43,000 -9.47% 1
Scotland -12 13 £46,750 +24.67% 5
North East +4 11 £65,750 +10.50% 1
Northern Ireland +11 8 £62,500 +4.17% 1
Penetration Testing
UK

For the 6 months to 14 November 2018, IT jobs citing Penetration Testing also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads across the UK excluding London region with a requirement for Penetration Testing.

1 381 (52.99%) Information Security
2 365 (50.76%) CISSP
3 286 (39.78%) Linux
4 283 (39.36%) SIEM
5 278 (38.66%) ISO/IEC 27001
6 274 (38.11%) Microsoft
7 262 (36.44%) Windows
8 218 (30.32%) Cybersecurity
9 164 (22.81%) SANS
9 164 (22.81%) PCI DSS
10 163 (22.67%) OWASP
11 156 (21.70%) GDPR
12 153 (21.28%) Vulnerability Management
13 144 (20.03%) Vulnerability Assessment
14 142 (19.75%) Risk Management
15 138 (19.19%) Cisco Certification
16 136 (18.92%) Firewall
17 132 (18.36%) Cisco
18 131 (18.22%) Network Security
19 127 (17.66%) Management Information System
20 126 (17.52%) Security Management
21 125 (17.39%) Microsoft Azure
22 123 (17.11%) Data Protection
23 122 (16.97%) Degree
23 122 (16.97%) Finance
23 122 (16.97%) CREST Certified
24 121 (16.83%) Amazon AWS
25 119 (16.55%) SQL
26 112 (15.58%) Data Loss Prevention
27 111 (15.44%) Disaster Recovery

Penetration Testing
Co-occurring IT Skills in the UK excluding London by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 28 (3.89%) Apache Pig
1 28 (3.89%) SharePoint
2 10 (1.39%) Confluence
3 4 (0.56%) Apache
3 4 (0.56%) IIS
3 4 (0.56%) MS Exchange
3 4 (0.56%) nginx
3 4 (0.56%) Skype for Business
4 2 (0.28%) Apache Spark
5 1 (0.14%) BizTalk Server
5 1 (0.14%) Elasticsearch
5 1 (0.14%) Exchange Server 2010
5 1 (0.14%) Exchange Server 2013
5 1 (0.14%) IBM Domino
5 1 (0.14%) IBM Notes
5 1 (0.14%) Mendix
5 1 (0.14%) WebSphere
Applications
1 80 (11.13%) Microsoft PowerPoint
2 14 (1.95%) Microsoft Office
3 3 (0.42%) Microsoft Project
3 3 (0.42%) MS Visio
4 2 (0.28%) Microsoft Excel
Business Applications
1 1 (0.14%) Dynamics CRM
1 1 (0.14%) Dynamics NAV
1 1 (0.14%) SAP IS-U
Cloud Services
1 125 (17.39%) Microsoft Azure
2 121 (16.83%) Amazon AWS
3 18 (2.50%) Office 365
4 15 (2.09%) SaaS
5 12 (1.67%) Cloud Computing
5 12 (1.67%) IaaS
6 10 (1.39%) Virtual Private Cloud
7 6 (0.83%) AWS CloudFormation
7 6 (0.83%) Google Cloud Platform
8 3 (0.42%) PaaS
9 2 (0.28%) IBM Cloud
9 2 (0.28%) Serverless
10 1 (0.14%) Amazon EC2
10 1 (0.14%) Amazon ELB
10 1 (0.14%) Amazon S3
10 1 (0.14%) Amazon SQS
10 1 (0.14%) GitHub
10 1 (0.14%) Route 53
10 1 (0.14%) Sumo Logic
Communications & Networking
1 136 (18.92%) Firewall
2 131 (18.22%) Network Security
3 87 (12.10%) Wi-Fi
4 50 (6.95%) TCP/IP
5 45 (6.26%) SSL
6 40 (5.56%) HTTP
7 31 (4.31%) Intrusion Detection
7 31 (4.31%) VPN
8 25 (3.48%) DNS
9 19 (2.64%) LAN
10 17 (2.36%) WAN
11 15 (2.09%) IPsec
12 14 (1.95%) Internet
12 14 (1.95%) Wireless
13 12 (1.67%) Cisco ASA
14 11 (1.53%) SAN
15 9 (1.25%) F5 BIG-IP GTM
15 9 (1.25%) F5 BIG-IP LTM
15 9 (1.25%) VLAN
16 8 (1.11%) BGP
Database & Business Intelligence
1 39 (5.42%) MySQL
2 38 (5.29%) Big Data
3 36 (5.01%) SQL Server
4 34 (4.73%) Hadoop
5 28 (3.89%) Apache Hive
6 9 (1.25%) Data Warehouse
7 7 (0.97%) NoSQL
8 5 (0.70%) Redis
9 3 (0.42%) Relational Database
10 2 (0.28%) DB2
10 2 (0.28%) HBase
10 2 (0.28%) Impala
10 2 (0.28%) MongoDB
10 2 (0.28%) NonStop SQL
10 2 (0.28%) Parquet
10 2 (0.28%) RDBMS
10 2 (0.28%) Sqoop
11 1 (0.14%) GIS
11 1 (0.14%) SAP BW
11 1 (0.14%) SQL Server Integration Services
Development Applications
1 53 (7.37%) JIRA
2 44 (6.12%) Selenium
3 38 (5.29%) Git (software)
4 31 (4.31%) Atlassian Bamboo
5 30 (4.17%) Bitbucket
5 30 (4.17%) CodeSonar
5 30 (4.17%) git-flow
5 30 (4.17%) Robot Framework
6 24 (3.34%) Metasploit
7 15 (2.09%) Burp Suite
8 7 (0.97%) Jenkins
9 6 (0.83%) Cucumber
10 5 (0.70%) LoadRunner
10 5 (0.70%) Subversion
11 4 (0.56%) AppScan
11 4 (0.56%) IDA Disassembler
12 3 (0.42%) GDB
12 3 (0.42%) SoapUI
13 2 (0.28%) TeamCity
14 1 (0.14%) WebDriver
General
1 122 (16.97%) Finance
2 97 (13.49%) Legal
3 53 (7.37%) Retail
4 21 (2.92%) Telecoms
5 11 (1.53%) Advertising
6 10 (1.39%) Billing
7 7 (0.97%) Electronics
7 7 (0.97%) Law
8 4 (0.56%) Automotive
8 4 (0.56%) Banking
8 4 (0.56%) Military
9 3 (0.42%) Brand Awareness
9 3 (0.42%) Games
9 3 (0.42%) Marketing
9 3 (0.42%) Pharmaceutical
10 2 (0.28%) Financial Institution
10 2 (0.28%) Publishing
11 1 (0.14%) Investment Banking
11 1 (0.14%) Manufacturing
Job Titles
1 163 (22.67%) Analyst
2 145 (20.17%) Security Analyst
3 130 (18.08%) Security Manager
4 101 (14.05%) Information Manager
4 101 (14.05%) Information Security Manager
5 98 (13.63%) IT Analyst
5 98 (13.63%) IT Security Analyst
6 91 (12.66%) Security Engineer
7 86 (11.96%) Senior Analyst
8 82 (11.40%) Senior Security Analyst
9 80 (11.13%) Senior IT Security Analyst
10 71 (9.87%) Tester
11 61 (8.48%) Penetration Tester
12 49 (6.82%) Architect
13 46 (6.40%) Consultant
14 41 (5.70%) Security Architect
15 36 (5.01%) Security Consultant
16 31 (4.31%) IT Manager
17 30 (4.17%) Software Engineer
18 29 (4.03%) Security Specialist
Libraries, Frameworks & Software Standards
1 42 (5.84%) REST
2 38 (5.29%) .NET
3 36 (5.01%) SOAP
4 34 (4.73%) RabbitMQ
5 33 (4.59%) Django
5 33 (4.59%) Java EE
5 33 (4.59%) STL
6 31 (4.31%) ASP.NET
6 31 (4.31%) Node.js
7 30 (4.17%) .NET Framework
7 30 (4.17%) LAMP
7 30 (4.17%) Spring MVC
8 21 (2.92%) HTML
9 16 (2.23%) CSS
10 12 (1.67%) JSON
11 11 (1.53%) Web Services
12 9 (1.25%) Laravel
13 6 (0.83%) Ajax
13 6 (0.83%) OpenID
13 6 (0.83%) SAML
Miscellaneous
1 127 (17.66%) Management Information System
2 85 (11.82%) Cyber Kill Chain
3 51 (7.09%) Analytical Skills
4 48 (6.68%) Security Operations Centre
5 43 (5.98%) Data Centre
6 32 (4.45%) Computer Science
7 29 (4.03%) Cyberthreat
8 22 (3.06%) Self-Motivation
9 21 (2.92%) Mobile App
10 16 (2.23%) Data Protection Act
11 11 (1.53%) Distributed Denial-of-Service
12 10 (1.39%) Public Cloud
13 9 (1.25%) Enterprise Software
13 9 (1.25%) PKI
14 8 (1.11%) Cyberattack
15 6 (0.83%) Clustering
15 6 (0.83%) Embedded Systems
15 6 (0.83%) Fintech
15 6 (0.83%) Greenfield Project
16 5 (0.70%) Enterprise Cloud
Operating Systems
1 286 (39.78%) Linux
2 262 (36.44%) Windows
3 37 (5.15%) Android
3 37 (5.15%) Apple iOS
4 30 (4.17%) Mac OS X
5 21 (2.92%) Kali Linux
5 21 (2.92%) Unix
5 21 (2.92%) Windows Server
6 8 (1.11%) Windows Server 2008
7 1 (0.14%) Red Hat Enterprise Linux
7 1 (0.14%) Solaris
7 1 (0.14%) Windows Phone
7 1 (0.14%) zOS
Processes & Methodologies
1 381 (52.99%) Information Security
2 283 (39.36%) SIEM
3 218 (30.32%) Cybersecurity
4 163 (22.67%) OWASP
5 153 (21.28%) Vulnerability Management
6 144 (20.03%) Vulnerability Assessment
7 142 (19.75%) Risk Management
8 126 (17.52%) Security Management
9 123 (17.11%) Data Protection
10 112 (15.58%) Data Loss Prevention
11 111 (15.44%) Disaster Recovery
12 107 (14.88%) Mentoring
13 105 (14.60%) Agile Software Development
14 103 (14.33%) Business Continuity
15 101 (14.05%) Incident Management
16 94 (13.07%) Security Operations
17 89 (12.38%) Due Diligence
18 85 (11.82%) Web Development
19 83 (11.54%) Risk Analysis
19 83 (11.54%) Scenario Testing
Programming Languages
1 119 (16.55%) SQL
2 91 (12.66%) Python
3 78 (10.85%) Java
4 60 (8.34%) PHP
5 57 (7.93%) C++
6 56 (7.79%) C
7 54 (7.51%) C#
8 48 (6.68%) JavaScript
9 47 (6.54%) Bash Shell
10 40 (5.56%) PowerShell
11 38 (5.29%) Perl
12 35 (4.87%) Objective-C
13 31 (4.31%) Ruby
14 13 (1.81%) Go
15 4 (0.56%) Assembly Language
15 4 (0.56%) Shell Script
16 3 (0.42%) VB
17 2 (0.28%) T-SQL
18 1 (0.14%) Apple Swift
18 1 (0.14%) VBScript
Qualifications
1 365 (50.76%) CISSP
2 164 (22.81%) SANS
3 138 (19.19%) Cisco Certification
4 122 (16.97%) CREST Certified
4 122 (16.97%) Degree
5 99 (13.77%) CISM
6 95 (13.21%) (ISC)2 CCSP
7 88 (12.24%) Security Cleared
8 65 (9.04%) GIAC
9 64 (8.90%) OSCP
10 63 (8.76%) SSCP
11 61 (8.48%) DV Cleared
12 58 (8.07%) Microsoft Certification
13 55 (7.65%) CEH
14 54 (7.51%) MCSE
15 49 (6.82%) CISA
15 49 (6.82%) CompTIA Security+
16 35 (4.87%) CCNA
17 34 (4.73%) CSSLP
18 31 (4.31%) Network+ Certification
Quality Assurance & Compliance
1 278 (38.66%) ISO/IEC 27001
2 164 (22.81%) PCI DSS
3 156 (21.70%) GDPR
4 40 (5.56%) Cyber Essentials
5 24 (3.34%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
6 20 (2.78%) COBIT
7 15 (2.09%) Cyber Essentials PLUS
8 14 (1.95%) QA
9 13 (1.81%) HIPAA
9 13 (1.81%) Sarbanes-Oxley
10 9 (1.25%) ISO 22301
11 7 (0.97%) SLA
12 5 (0.70%) PMO
13 3 (0.42%) RMADS
14 2 (0.28%) Data Quality
14 2 (0.28%) ISO 9001
15 1 (0.14%) GPG13
15 1 (0.14%) Web Application Security Consortium
System Software
1 100 (13.91%) VMware Infrastructure
2 95 (13.21%) Active Directory
3 32 (4.45%) Docker
4 30 (4.17%) vSphere
5 11 (1.53%) Firmware
6 4 (0.56%) ProxySG
7 2 (0.28%) Apache Flume
7 2 (0.28%) HDFS
7 2 (0.28%) Virtual Machines
8 1 (0.14%) Virtual Servers
8 1 (0.14%) VMware ESXi
8 1 (0.14%) VMware Server
Systems Management
1 40 (5.56%) Nessus
2 38 (5.29%) Puppet
3 30 (4.17%) Salt
4 23 (3.20%) Nmap
5 10 (1.39%) Opscode Chef
6 8 (1.11%) Nexpose
7 6 (0.83%) Ansible
7 6 (0.83%) OpenVAS
8 5 (0.70%) AirWatch
8 5 (0.70%) Defensics
8 5 (0.70%) Foglight
8 5 (0.70%) Microsoft Clustering
9 4 (0.56%) McAfee ePO
10 3 (0.42%) Computer Emergency Response Teams
11 2 (0.28%) Cisco CUCM
11 2 (0.28%) Cisco UCCX
11 2 (0.28%) Oozie
11 2 (0.28%) QRadar
11 2 (0.28%) TrustSec
11 2 (0.28%) WebInspect
Vendors
1 274 (38.11%) Microsoft
2 132 (18.36%) Cisco
3 108 (15.02%) VMware
4 20 (2.78%) LogRhythm
4 20 (2.78%) Qualys
4 20 (2.78%) Splunk
5 18 (2.50%) Red Hat
6 16 (2.23%) CheckPoint
7 15 (2.09%) Blue Coat
7 15 (2.09%) F5
8 13 (1.81%) AlienVault
8 13 (1.81%) HP
8 13 (1.81%) Juniper
8 13 (1.81%) Netsparker
9 11 (1.53%) Sophos
9 11 (1.53%) Symantec
10 10 (1.39%) SolarWinds
11 9 (1.25%) McAfee
12 7 (0.97%) Fortinet
13 6 (0.83%) NetApp