Period
to 19 October 2021

The following table provides summary statistics for permanent job vacancies with a requirement for OWASP skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited OWASP over the 6 months to 19 October 2021 with a comparison to the same period in the previous 2 years.

Open Web Application Security Project (OWASP)
UK
6 months to
19 Oct 2021
Same period 2020 Same period 2019
Rank 508 407 638
Rank change year-on-year -101 +231 -2
Permanent jobs citing OWASP 697 321 495
As % of all permanent jobs advertised in the UK 0.56% 0.66% 0.36%
As % of the Processes & Methodologies category 0.59% 0.71% 0.39%
Number of salaries quoted 438 269 320
10th Percentile £45,000 £45,000 £39,295
25th Percentile £55,000 £53,750 £46,250
Median annual salary (50th Percentile) £75,000 £65,000 £60,000
Median % change year-on-year +15.38% +8.33% -
75th Percentile £90,000 £80,000 £81,938
90th Percentile £101,250 £95,000 £95,000
UK excluding London median annual salary £61,750 £60,000 £52,500
% change year-on-year +2.92% +14.29% -4.55%

OWASP is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process or methodology skills.

All Process and Methodology Skills
UK
Permanent vacancies with a requirement for process or methodology skills 118,311 45,094 126,251
As % of all permanent IT jobs advertised in the UK 94.22% 93.12% 92.62%
Number of salaries quoted 78,392 37,630 100,617
10th Percentile £32,750 £33,000 £30,000
25th Percentile £42,500 £42,500 £37,750
Median annual salary (50th Percentile) £57,500 £55,000 £52,500
Median % change year-on-year +4.55% +4.76% +5.00%
75th Percentile £77,500 £73,750 £70,000
90th Percentile £95,000 £90,000 £86,250
UK excluding London median annual salary £50,000 £48,750 £45,000
% change year-on-year +2.56% +8.33% -

OWASP
Job Vacancy Trend

Job postings citing OWASP as a proportion of all IT jobs advertised.

Job vacancy trend for OWASP in the UK

OWASP
Salary Trend

3-month moving average salary quoted in jobs citing OWASP.

Salary trend for OWASP in the UK

OWASP
Salary Histogram

Salary distribution for jobs citing OWASP over the 6 months to 19 October 2021.

Salary histogram for OWASP in the UK

OWASP
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing OWASP within the UK over the 6 months to 19 October 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -102 628 £72,500 +11.54% 94
London -46 416 £80,000 +14.29% 46
UK excluding London -188 213 £61,750 +2.92% 52
Work from Home -168 142 £77,500 +29.17% 22
South East -124 109 £75,000 +25.00% 14
North of England -111 53 £55,000 -4.35% 18
North West -97 35 £60,050 +4.43% 11
South West -90 21 £55,000 -13.39% 5
Yorkshire -101 15 £55,000 +46.67% 4
Midlands -113 15 £52,500 +5.00% 5
Scotland -90 14 £58,250 +0.42% 3
East Midlands - 8 £64,250 - 3
West Midlands -124 7 £52,500 +5.00% 2
East of England -94 4 £225,000 +150.00% 6
Wales - 4 - - 1
North East -27 3 £60,000 +64.38% 3
Northern Ireland - 1 - -

For the 6 months to 19 October 2021, IT jobs citing OWASP also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for OWASP.

1 364 (52.22%) Agile Software Development
2 331 (47.49%) Azure
3 299 (42.90%) AWS
4 258 (37.02%) Social Skills
5 255 (36.59%) DevOps
6 227 (32.57%) Finance
7 224 (32.14%) Docker
8 211 (30.27%) Java
9 206 (29.56%) Test Automation
10 191 (27.40%) Kubernetes
11 182 (26.11%) Microservices
12 176 (25.25%) JavaScript
13 171 (24.53%) Information Security
14 168 (24.10%) Python
15 166 (23.82%) Continuous Integration
16 165 (23.67%) Software Engineering
16 165 (23.67%) Microsoft
17 164 (23.53%) GCP
18 158 (22.67%) OAuth
19 153 (21.95%) Cybersecurity
20 147 (21.09%) SDLC
20 147 (21.09%) Git (software)
21 136 (19.51%) Jenkins
22 135 (19.37%) NoSQL
23 134 (19.23%) C#
24 133 (19.08%) React
25 126 (18.08%) Node.js
26 125 (17.93%) CSS
27 124 (17.79%) TDD
28 123 (17.65%) SQL

OWASP
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 48 (6.89%) Confluence
2 34 (4.88%) IIS
3 33 (4.73%) nginx
4 32 (4.59%) Apache
5 11 (1.58%) CMS
6 9 (1.29%) Drupal
6 9 (1.29%) Elasticsearch
7 7 (1.00%) WordPress
8 6 (0.86%) NServiceBus
9 4 (0.57%) Umbraco
10 3 (0.43%) Adobe Experience Manager
10 3 (0.43%) JBoss
11 2 (0.29%) Mule
12 1 (0.14%) EPiServer
12 1 (0.14%) Exchange Server 2010
12 1 (0.14%) MS Exchange
12 1 (0.14%) SAS
12 1 (0.14%) SharePoint
12 1 (0.14%) Sitecore CMS
12 1 (0.14%) WebSphere
Applications
1 17 (2.44%) InVision
1 17 (2.44%) Sketch
2 3 (0.43%) Microsoft Office
3 1 (0.14%) MS Visio
Business Applications
1 10 (1.43%) Oracle BPM
2 8 (1.15%) NetSuite
3 2 (0.29%) Sentinel
4 1 (0.14%) Dynamics AX
4 1 (0.14%) Dynamics CRM
4 1 (0.14%) Magento
4 1 (0.14%) Payment Gateway
Cloud Services
1 331 (47.49%) Azure
2 299 (42.90%) AWS
3 164 (23.53%) GCP
4 121 (17.36%) Serverless
5 59 (8.46%) npm
6 48 (6.89%) SaaS
7 40 (5.74%) AWS Lambda
8 37 (5.31%) PaaS
9 33 (4.73%) OpenShift
10 32 (4.59%) GitHub
11 30 (4.30%) IaaS
12 29 (4.16%) NuGet
13 27 (3.87%) Yarn
14 23 (3.30%) Azure Functions
15 17 (2.44%) AWS CloudFormation
15 17 (2.44%) Cloud Computing
16 16 (2.30%) Microsoft 365
17 11 (1.58%) Azure Cosmos DB
17 11 (1.58%) Cloud Run
18 10 (1.43%) Azure Key Vault
Communications & Networking
1 74 (10.62%) Firewall
2 72 (10.33%) HTTP
3 38 (5.45%) Network Security
4 16 (2.30%) VPN
5 12 (1.72%) TCP/IP
6 11 (1.58%) Intrusion Detection
7 10 (1.43%) Broadband
7 10 (1.43%) MPLS
8 9 (1.29%) Wireless
9 8 (1.15%) DNS
9 8 (1.15%) SSL
10 6 (0.86%) BGP
10 6 (0.86%) DHCP
10 6 (0.86%) Internet
10 6 (0.86%) Skype
11 5 (0.72%) HTTPS
11 5 (0.72%) IPv6
11 5 (0.72%) MQTT
11 5 (0.72%) OSPF
11 5 (0.72%) SNMP
Database & Business Intelligence
1 135 (19.37%) NoSQL
2 98 (14.06%) SQL Server
3 74 (10.62%) MongoDB
4 70 (10.04%) Relational Database
5 50 (7.17%) Amazon DynamoDB
5 50 (7.17%) PostgreSQL
6 32 (4.59%) Azure SQL Database
7 25 (3.59%) MySQL
8 18 (2.58%) Redis
9 12 (1.72%) Hadoop
9 12 (1.72%) Hazelcast
10 10 (1.43%) RDBMS
11 8 (1.15%) Oracle Database
12 5 (0.72%) Amazon Aurora
12 5 (0.72%) Blockchain
13 4 (0.57%) Amazon Redshift
14 3 (0.43%) Apache Cassandra
14 3 (0.43%) MarkLogic
14 3 (0.43%) Power BI
15 2 (0.29%) SQL Server Reporting Services
Development Applications
1 147 (21.09%) Git (software)
2 136 (19.51%) Jenkins
3 74 (10.62%) JIRA
4 63 (9.04%) SonarQube
5 55 (7.89%) webpack
6 52 (7.46%) git-flow
7 47 (6.74%) Atlassian Bamboo
8 41 (5.88%) Cypress.io
9 34 (4.88%) JUnit
10 33 (4.73%) Octopus Deploy
11 32 (4.59%) Burp Suite
12 31 (4.45%) gulp
12 31 (4.45%) Maven
13 28 (4.02%) TeamCity
14 27 (3.87%) Mockito
15 25 (3.59%) Selenium
16 24 (3.44%) Gradle
17 17 (2.44%) PostCSS
18 16 (2.30%) Bower
18 16 (2.30%) Grunt
General
1 258 (37.02%) Social Skills
2 227 (32.57%) Finance
3 77 (11.05%) Banking
4 60 (8.61%) Analytical Skills
5 58 (8.32%) Presentation Skills
6 47 (6.74%) Influencing Skills
6 47 (6.74%) Retail
7 46 (6.60%) Retail Banking
8 39 (5.60%) Inclusion and Diversity
9 38 (5.45%) Telecoms
10 37 (5.31%) Marketing
11 35 (5.02%) Games
12 33 (4.73%) Public Sector
13 31 (4.45%) Legal
14 29 (4.16%) Electronics
15 26 (3.73%) Manufacturing
16 9 (1.29%) Law
16 9 (1.29%) Organisational Skills
17 5 (0.72%) Back Office
17 5 (0.72%) Documentation Skills
Job Titles
1 203 (29.12%) Developer
2 81 (11.62%) Security Engineer
3 63 (9.04%) Architect
4 59 (8.46%) Senior Developer
5 48 (6.89%) Security Architect
6 47 (6.74%) Consultant
7 46 (6.60%) Software Engineer
7 46 (6.60%) Technical Leader
8 37 (5.31%) Front End Developer (Client-Side Developer)
9 33 (4.73%) Azure Engineer
9 33 (4.73%) Security Consultant
10 31 (4.45%) Analyst
10 31 (4.45%) Cloud Engineer
11 30 (4.30%) Java Developer
12 29 (4.16%) UI Developer
13 28 (4.02%) Applications Engineer
14 26 (3.73%) Mobile Developer
14 26 (3.73%) Tester
15 23 (3.30%) Azure Consultant
15 23 (3.30%) Senior Software Engineer
Libraries, Frameworks & Software Standards
1 158 (22.67%) OAuth
2 133 (19.08%) React
3 126 (18.08%) Node.js
4 125 (17.93%) CSS
5 121 (17.36%) AngularJS
6 120 (17.22%) HTML
7 117 (16.79%) OAuth2
8 107 (15.35%) .NET
9 105 (15.06%) Spring
10 89 (12.77%) REST
11 85 (12.20%) HTML5
12 83 (11.91%) Spring Boot
13 73 (10.47%) OpenID
14 72 (10.33%) GraphQL
15 70 (10.04%) .NET Core
16 68 (9.76%) CSS3
17 62 (8.90%) RESTful
18 52 (7.46%) Sass
19 47 (6.74%) Web Services
20 43 (6.17%) ASP.NET
Miscellaneous
1 83 (11.91%) User Experience
2 81 (11.62%) Mobile App
3 60 (8.61%) Cloud Native
4 43 (6.17%) Management Information System
5 35 (5.02%) Public Cloud
6 26 (3.73%) Legacy Applications
7 25 (3.59%) Linux Command Line
8 18 (2.58%) Self-Motivation
9 16 (2.30%) Greenfield Project
9 16 (2.30%) Virtual Team
10 13 (1.87%) Social Network
11 11 (1.58%) Reinsurance
12 10 (1.43%) Data Protection Act
13 9 (1.29%) Digital Media
13 9 (1.29%) Hybrid Cloud
14 8 (1.15%) Blog
14 8 (1.15%) Cyberthreat
15 7 (1.00%) Animation
16 6 (0.86%) PKI
16 6 (0.86%) Social Media
Operating Systems
1 76 (10.90%) Linux
2 69 (9.90%) Windows
3 37 (5.31%) Android
4 33 (4.73%) Apple iOS
5 11 (1.58%) Unix
6 8 (1.15%) Kali Linux
6 8 (1.15%) Solaris
7 6 (0.86%) CentOS
8 5 (0.72%) Windows Server
9 2 (0.29%) Windows 10
9 2 (0.29%) Windows Server 2012
9 2 (0.29%) Windows Server 2016
9 2 (0.29%) Windows Server 2019
10 1 (0.14%) Windows Server 2008
10 1 (0.14%) zOS
Processes & Methodologies
1 364 (52.22%) Agile Software Development
2 255 (36.59%) DevOps
3 206 (29.56%) Test Automation
4 182 (26.11%) Microservices
5 171 (24.53%) Information Security
6 166 (23.82%) Continuous Integration
7 165 (23.67%) Software Engineering
8 153 (21.95%) Cybersecurity
9 147 (21.09%) SDLC
10 124 (17.79%) TDD
11 109 (15.64%) Threat Modelling
12 107 (15.35%) Problem-Solving
13 101 (14.49%) Penetration Testing
14 97 (13.92%) Vulnerability Management
15 89 (12.77%) Security Testing
16 88 (12.63%) Continuous Delivery
17 84 (12.05%) Open Source
18 75 (10.76%) DevSecOps
19 71 (10.19%) Data Protection
20 70 (10.04%) Technical Leadership
Programming Languages
1 211 (30.27%) Java
2 176 (25.25%) JavaScript
3 168 (24.10%) Python
4 134 (19.23%) C#
5 123 (17.65%) SQL
6 89 (12.77%) TypeScript
7 66 (9.47%) Kotlin
8 58 (8.32%) C++
9 49 (7.03%) ES6
10 48 (6.89%) PHP
11 39 (5.60%) Go
12 32 (4.59%) PowerShell
13 28 (4.02%) Apple Swift
14 26 (3.73%) Dart
15 19 (2.73%) ES7
15 19 (2.73%) Scala
16 17 (2.44%) Java 11
17 16 (2.30%) T-SQL
18 15 (2.15%) C
19 13 (1.87%) Java 8
Qualifications
1 110 (15.78%) Degree
2 84 (12.05%) CISSP
3 50 (7.17%) Master's Degree
4 47 (6.74%) CEH
4 47 (6.74%) CISM
5 40 (5.74%) OSCP
6 38 (5.45%) SANS
7 30 (4.30%) (ISC)2 CCSP
7 30 (4.30%) Cisco Certification
8 22 (3.16%) CRISC
8 22 (3.16%) GIAC
9 19 (2.73%) Security Cleared
10 18 (2.58%) AWS Certification
11 17 (2.44%) CREST Certified
12 16 (2.30%) SC Cleared
13 14 (2.01%) Computer Science Degree
14 13 (1.87%) CISA
14 13 (1.87%) OSCE
15 12 (1.72%) CCSP
16 11 (1.58%) CESG Certified Professional
Quality Assurance & Compliance
1 115 (16.50%) NIST
2 109 (15.64%) QA
3 96 (13.77%) GDPR
4 84 (12.05%) ISO/IEC 27001
5 37 (5.31%) PCI DSS
6 35 (5.02%) Cyber Essentials
7 28 (4.02%) Accessibility
8 27 (3.87%) WCAG
9 19 (2.73%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
10 14 (2.01%) NCSC
11 13 (1.87%) COBIT
11 13 (1.87%) GRC
11 13 (1.87%) SOC 2
12 12 (1.72%) IASME
13 11 (1.58%) Cyber Essentials PLUS
14 8 (1.15%) NIST 800
15 6 (0.86%) ISO 22301
16 4 (0.57%) HIPAA
17 2 (0.29%) HMG Security Policy Framework
17 2 (0.29%) Sarbanes-Oxley
System Software
1 224 (32.14%) Docker
2 28 (4.02%) Active Directory
3 7 (1.00%) Varnish
4 6 (0.86%) VMware Infrastructure
5 5 (0.72%) iptables
6 3 (0.43%) BitLocker
6 3 (0.43%) Firmware
6 3 (0.43%) vCloud
6 3 (0.43%) Virtual Machines
6 3 (0.43%) vSphere
7 2 (0.29%) Hyper-V
8 1 (0.14%) LXC
Systems Management
1 191 (27.40%) Kubernetes
2 72 (10.33%) Terraform
3 42 (6.03%) Ansible
4 25 (3.59%) Hadoop YARN
4 25 (3.59%) Puppet
5 24 (3.44%) Nessus
6 17 (2.44%) Opscode Chef
7 16 (2.30%) Single Sign-On
8 15 (2.15%) CASB
8 15 (2.15%) HP Fortify
9 11 (1.58%) Rancher
10 10 (1.43%) Nmap
10 10 (1.43%) WebInspect
11 8 (1.15%) Grafana
12 7 (1.00%) HP ALM
12 7 (1.00%) Istio
12 7 (1.00%) Packer
13 6 (0.86%) Consul
13 6 (0.86%) ZABBIX
14 5 (0.72%) Icinga
Vendors
1 165 (23.67%) Microsoft
2 80 (11.48%) Oracle
3 60 (8.61%) Google
4 31 (4.45%) SAP
5 20 (2.87%) Qualys
6 12 (1.72%) CyberArk
6 12 (1.72%) ForgeRock
7 10 (1.43%) Splunk
8 9 (1.29%) Atlassian
8 9 (1.29%) Palo Alto
9 8 (1.15%) ArcSight
9 8 (1.15%) MuleSoft
9 8 (1.15%) Salesforce.com
9 8 (1.15%) Tripwire
10 7 (1.00%) Apple
10 7 (1.00%) Black Duck
10 7 (1.00%) Cisco
10 7 (1.00%) HP
10 7 (1.00%) Micro Focus
10 7 (1.00%) Sonatype