Period
to 16 April 2021

The following table provides summary statistics for permanent job vacancies with a requirement for OWASP skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited OWASP over the 6 months to 16 April 2021 with a comparison to the same period in the previous 2 years.

Open Web Application Security Project (OWASP)
UK
6 months to
16 Apr 2021
Same period 2020 Same period 2019
Rank 442 570 566
Rank change year-on-year +128 -4 +80
Permanent jobs citing OWASP 501 461 712
As % of all permanent jobs advertised in the UK 0.60% 0.41% 0.48%
As % of the Processes & Methodologies category 0.65% 0.45% 0.52%
Number of salaries quoted 419 333 487
10th Percentile £42,500 £41,250 £36,250
25th Percentile £55,000 £46,250 £47,500
Median annual salary (50th Percentile) £65,000 £65,000 £60,000
Median % change year-on-year - +8.33% +9.09%
75th Percentile £82,500 £88,750 £71,000
90th Percentile £95,000 £100,000 £86,250
UK excluding London median annual salary £60,000 £57,500 £55,000
% change year-on-year +4.35% +4.55% -

OWASP is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process or methodology skills.

All Process and Methodology Skills
UK
Permanent vacancies with a requirement for process or methodology skills 77,665 103,125 137,242
As % of all permanent IT jobs advertised in the UK 92.49% 92.17% 92.32%
Number of salaries quoted 59,745 82,840 109,079
10th Percentile £32,500 £31,250 £30,000
25th Percentile £41,250 £40,000 £37,500
Median annual salary (50th Percentile) £55,000 £55,000 £52,500
Median % change year-on-year - +4.76% +5.00%
75th Percentile £75,000 £72,500 £70,000
90th Percentile £90,000 £90,000 £85,000
UK excluding London median annual salary £48,900 £47,500 £45,000
% change year-on-year +2.95% +5.56% -

OWASP
Job Vacancy Trend

Job postings citing OWASP as a proportion of all IT jobs advertised.

Job vacancy trend for OWASP in the UK

OWASP
Salary Trend

3-month moving average salary quoted in jobs citing OWASP.

Salary trend for OWASP in the UK

OWASP
Salary Histogram

Salary distribution for jobs citing OWASP over the 6 months to 16 April 2021.

Salary histogram for OWASP in the UK

OWASP
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing OWASP within the UK over the 6 months to 16 April 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +144 471 £65,000 - 65
London +124 267 £70,000 -6.67% 29
UK excluding London +81 210 £60,000 +4.35% 38
South East +54 106 £60,000 -18.64% 10
Work from Home -69 100 £75,000 -7.69% 12
Midlands +53 32 £60,000 +20.00% 3
North of England +33 24 £50,000 -3.85% 10
South West +9 23 £47,500 +11.76% 8
East Midlands +30 17 £55,000 +91.30% 2
North West +29 16 £50,000 -4.31% 6
West Midlands +9 15 £70,000 +40.00% 1
East of England +69 12 £45,000 -63.27% 4
Wales +25 8 £65,000 +52.94% 1
Yorkshire +6 7 £45,000 -7.69% 3
Scotland +10 6 £44,000 -29.60% 2
North East +14 1 £42,000 +20.00% 1

For the 6 months to 16 April 2021, IT jobs citing OWASP also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for OWASP.

1 188 (37.52%) Azure
2 182 (36.33%) Agile Software Development
3 180 (35.93%) DevOps
4 148 (29.54%) .NET
5 138 (27.54%) C#
5 138 (27.54%) AWS
6 134 (26.75%) Finance
7 133 (26.55%) JavaScript
8 128 (25.55%) Cybersecurity
9 123 (24.55%) Git (software)
10 113 (22.55%) Information Security
11 112 (22.36%) NIST
12 102 (20.36%) Docker
13 94 (18.76%) TDD
14 93 (18.56%) Penetration Testing
14 93 (18.56%) Scrum
15 92 (18.36%) Java
16 90 (17.96%) SQL Server
17 87 (17.37%) SQL
17 87 (17.37%) TypeScript
18 86 (17.17%) React
19 84 (16.77%) ASP.NET
20 82 (16.37%) OAuth
21 81 (16.17%) Kubernetes
22 80 (15.97%) Python
22 80 (15.97%) Firewall
23 79 (15.77%) ISO/IEC 27001
24 78 (15.57%) .NET Core
25 75 (14.97%) QA
26 70 (13.97%) Microsoft

OWASP
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 22 (4.39%) IIS
2 21 (4.19%) NServiceBus
3 17 (3.39%) Elasticsearch
4 14 (2.79%) Confluence
5 5 (1.00%) Apache Pulsar
6 2 (0.40%) JBoss
6 2 (0.40%) Moodle
6 2 (0.40%) nginx
7 1 (0.20%) Apache
7 1 (0.20%) IBM HTTP Server
7 1 (0.20%) K2 blackpearl
7 1 (0.20%) MS Exchange
7 1 (0.20%) Red Hat Fuse
7 1 (0.20%) Tomcat
7 1 (0.20%) WebSphere
7 1 (0.20%) WebSphere Application Server
Applications
1 22 (4.39%) InVision
1 22 (4.39%) Sketch
Business Applications
1 14 (2.79%) Dynamics NAV
2 3 (0.60%) Sentinel
3 1 (0.20%) R3 Corda
3 1 (0.20%) SAP Oil and Gas
Cloud Services
1 188 (37.52%) Azure
2 138 (27.54%) AWS
3 66 (13.17%) PaaS
4 50 (9.98%) IaaS
5 40 (7.98%) GCP
6 33 (6.59%) Serverless
7 26 (5.19%) SaaS
8 22 (4.39%) Azure Active Directory
9 21 (4.19%) Microsoft 365
10 18 (3.59%) Apigee
11 16 (3.19%) iPaaS
11 16 (3.19%) npm
12 15 (2.99%) Amazon GuardDuty
12 15 (2.99%) Cloud Computing
13 12 (2.40%) Virtual Private Cloud
14 11 (2.20%) GitHub
15 9 (1.80%) Amazon EC2
15 9 (1.80%) AWS Lambda
15 9 (1.80%) Azure Data Factory
15 9 (1.80%) Azure Functions
Communications & Networking
1 80 (15.97%) Firewall
2 50 (9.98%) HTTP
3 42 (8.38%) Network Security
4 41 (8.18%) Skype
5 31 (6.19%) VPN
6 25 (4.99%) Intrusion Detection
7 22 (4.39%) DNS
8 15 (2.99%) DHCP
9 13 (2.59%) IPsec
10 9 (1.80%) FTP
10 9 (1.80%) Wireless
11 8 (1.60%) HTTPS
12 7 (1.40%) BGP
12 7 (1.40%) TCP/IP
13 6 (1.20%) Broadband
13 6 (1.20%) IPv6
13 6 (1.20%) OpenVPN
13 6 (1.20%) SNMP
14 5 (1.00%) Intranet
15 4 (0.80%) Value-Added Service
Database & Business Intelligence
1 90 (17.96%) SQL Server
2 37 (7.39%) PostgreSQL
3 36 (7.19%) NoSQL
4 18 (3.59%) Redis
5 17 (3.39%) Blockchain
6 15 (2.99%) Azure SQL Database
7 14 (2.79%) SQL Server 2005
7 14 (2.79%) SQL Server 2008
7 14 (2.79%) SQL Server 2012
8 12 (2.40%) Big Data
8 12 (2.40%) Relational Database
9 11 (2.20%) Cosmos DB
10 7 (1.40%) MySQL
11 6 (1.20%) Data Warehouse
11 6 (1.20%) MongoDB
12 5 (1.00%) Amazon RDS
12 5 (1.00%) NewSQL
13 4 (0.80%) RDBMS
13 4 (0.80%) SQL Server 2016
14 3 (0.60%) Oracle Database 11g
Development Applications
1 123 (24.55%) Git (software)
2 54 (10.78%) TeamCity
3 51 (10.18%) Octopus Deploy
4 42 (8.38%) Selenium
5 34 (6.79%) Jenkins
6 32 (6.39%) Cypress.io
7 30 (5.99%) Burp Suite
8 22 (4.39%) PostCSS
9 19 (3.79%) Fiddler
9 19 (3.79%) IntelliJ
10 18 (3.59%) Charles Proxy
10 18 (3.59%) Team Foundation Server
11 17 (3.39%) JIRA
12 10 (2.00%) Travis CI
13 8 (1.60%) SpecFlow
14 7 (1.40%) JMeter
14 7 (1.40%) Postman
14 7 (1.40%) Subversion
14 7 (1.40%) webpack
15 6 (1.20%) Visual Studio Code
General
1 134 (26.75%) Finance
2 36 (7.19%) Retail
3 25 (4.99%) Telecoms
4 21 (4.19%) Public Sector
5 19 (3.79%) Electronics
5 19 (3.79%) Marketing
6 18 (3.59%) Manufacturing
7 17 (3.39%) Legal
8 7 (1.40%) Banking
8 7 (1.40%) Games
9 3 (0.60%) German Language
10 2 (0.40%) French Language
10 2 (0.40%) Retail Banking
11 1 (0.20%) Aerospace
11 1 (0.20%) Automotive
11 1 (0.20%) Financial Institution
11 1 (0.20%) Law
11 1 (0.20%) Publishing
Job Titles
1 170 (33.93%) Developer
2 98 (19.56%) Security Engineer
3 77 (15.37%) .NET Developer
4 44 (8.78%) Architect
5 37 (7.39%) Senior Developer
6 33 (6.59%) Analyst
6 33 (6.59%) Java Developer
7 32 (6.39%) Cloud Engineer
7 32 (6.39%) Security Architect
8 30 (5.99%) Lead Developer
9 27 (5.39%) Full Stack Developer
10 26 (5.19%) Consultant
11 24 (4.79%) DevOps Engineer
11 24 (4.79%) IT Engineer
11 24 (4.79%) React Developer
12 23 (4.59%) IT Security Engineer
13 21 (4.19%) AWS Engineer
13 21 (4.19%) Principal Developer
13 21 (4.19%) Senior .NET Developer
13 21 (4.19%) Tester
Libraries, Frameworks & Software Standards
1 148 (29.54%) .NET
2 86 (17.17%) React
3 84 (16.77%) ASP.NET
4 82 (16.37%) OAuth
5 78 (15.57%) .NET Core
6 58 (11.58%) CSS
6 58 (11.58%) HTML
7 57 (11.38%) ASP.NET Core
8 56 (11.18%) Web Services
9 47 (9.38%) Spring Boot
10 46 (9.18%) ASP.NET MVC
11 45 (8.98%) HTML5
12 43 (8.58%) .NET Framework
12 43 (8.58%) ASP.NET Web Forms
13 41 (8.18%) AngularJS
14 36 (7.19%) Spring
15 35 (6.99%) CSS3
15 35 (6.99%) OAuth2
16 34 (6.79%) OpenID
16 34 (6.79%) REST
Miscellaneous
1 37 (7.39%) Analytical Skills
2 34 (6.79%) Management Information System
2 34 (6.79%) Mobile App
3 33 (6.59%) User Experience
4 22 (4.39%) Cloud Native
4 22 (4.39%) Public Cloud
5 20 (3.99%) Cyberthreat
6 17 (3.39%) Distributed Denial-of-Service
7 15 (2.99%) Enterprise Software
7 15 (2.99%) Greenfield Project
8 14 (2.79%) PKI
9 10 (2.00%) Security Operations Centre
10 9 (1.80%) Hybrid Cloud
11 5 (1.00%) Data Structures
11 5 (1.00%) Digital Media
11 5 (1.00%) Hedge funds
11 5 (1.00%) PMI
12 4 (0.80%) Graphic Design
12 4 (0.80%) Self-Motivation
13 3 (0.60%) Internet of Things
Operating Systems
1 64 (12.77%) Linux
2 58 (11.58%) Windows
3 20 (3.99%) CentOS
4 16 (3.19%) Apple iOS
5 14 (2.79%) AIX
5 14 (2.79%) Android
5 14 (2.79%) Windows Server
6 10 (2.00%) Unix
7 7 (1.40%) Mac OS
8 6 (1.20%) Red Hat Enterprise Linux
9 5 (1.00%) SUSE
9 5 (1.00%) Windows 10
10 3 (0.60%) Kali Linux
11 2 (0.40%) Mac OS X
11 2 (0.40%) Ubuntu
11 2 (0.40%) VMS
12 1 (0.20%) MVS
Processes & Methodologies
1 182 (36.33%) Agile Software Development
2 180 (35.93%) DevOps
3 128 (25.55%) Cybersecurity
4 113 (22.55%) Information Security
5 94 (18.76%) TDD
6 93 (18.56%) Penetration Testing
6 93 (18.56%) Scrum
7 67 (13.37%) DevSecOps
8 65 (12.97%) Software Engineering
9 64 (12.77%) Continuous Integration
9 64 (12.77%) Test Automation
10 63 (12.57%) Microservices
11 62 (12.38%) MVC
11 62 (12.38%) Problem-Solving
12 58 (11.58%) Vulnerability Management
13 57 (11.38%) Security Testing
14 54 (10.78%) SIEM
15 47 (9.38%) Security Architecture
16 46 (9.18%) Analytics
16 46 (9.18%) SDLC
Programming Languages
1 138 (27.54%) C#
2 133 (26.55%) JavaScript
3 92 (18.36%) Java
4 87 (17.37%) SQL
4 87 (17.37%) TypeScript
5 80 (15.97%) Python
6 38 (7.58%) PowerShell
7 29 (5.79%) Kotlin
8 27 (5.39%) ES6
8 27 (5.39%) Scala
9 25 (4.99%) Bash Shell
10 24 (4.79%) ES7
11 18 (3.59%) Go
12 15 (2.99%) PHP
13 14 (2.79%) T-SQL
14 11 (2.20%) C++
15 8 (1.60%) C
16 7 (1.40%) Ruby
17 2 (0.40%) Rust
18 1 (0.20%) Shell Script
Qualifications
1 61 (12.18%) CISSP
2 44 (8.78%) Degree
3 38 (7.58%) SANS
4 26 (5.19%) OSCE
5 25 (4.99%) OSCP
6 24 (4.79%) CISM
7 11 (2.20%) CEH
7 11 (2.20%) CISA
8 10 (2.00%) GPEN
9 8 (1.60%) GIAC
10 7 (1.40%) CEPT
10 7 (1.40%) EC-Council LPT
10 7 (1.40%) GXPN
10 7 (1.40%) OSWP
11 6 (1.20%) (ISC)2 CCSP
11 6 (1.20%) CSSLP
11 6 (1.20%) DBS Check
11 6 (1.20%) ISSAP
11 6 (1.20%) ISSEP
11 6 (1.20%) Security Cleared
Quality Assurance & Compliance
1 112 (22.36%) NIST
2 79 (15.77%) ISO/IEC 27001
3 75 (14.97%) QA
4 59 (11.78%) GDPR
5 53 (10.58%) PCI DSS
6 35 (6.99%) Cyber Essentials
7 23 (4.59%) WCAG
8 14 (2.79%) SOC 2
9 9 (1.80%) SOC 1
10 8 (1.60%) COBIT
11 7 (1.40%) GRC
12 5 (1.00%) Sarbanes-Oxley
13 3 (0.60%) SLA
14 2 (0.40%) GLBA
14 2 (0.40%) ISO 22301
14 2 (0.40%) NIST 800
15 1 (0.20%) NCSC
System Software
1 102 (20.36%) Docker
2 36 (7.19%) Active Directory
3 6 (1.20%) iptables
4 5 (1.00%) Virtual Desktop
4 5 (1.00%) Virtual Machines
5 2 (0.40%) BitLocker
5 2 (0.40%) VMware Infrastructure
Systems Management
1 81 (16.17%) Kubernetes
2 58 (11.58%) Terraform
3 40 (7.98%) Puppet
4 33 (6.59%) Nessus
5 14 (2.79%) Ansible
6 13 (2.59%) Opscode Chef
7 10 (2.00%) Consul
8 9 (1.80%) Host Intrusion Detection System
8 9 (1.80%) linkerd
8 9 (1.80%) Prometheus
8 9 (1.80%) Systems Management Server (SMS)
9 7 (1.40%) CASB
10 6 (1.20%) CSIRT
10 6 (1.20%) Grafana
10 6 (1.20%) Icinga
10 6 (1.20%) ZABBIX
11 4 (0.80%) Nmap
12 3 (0.60%) Computer Emergency Response Teams
12 3 (0.60%) Data Guard
12 3 (0.60%) OpenVAS
Vendors
1 70 (13.97%) Microsoft
2 25 (4.99%) Oracle
3 19 (3.79%) Google
3 19 (3.79%) SAP
4 18 (3.59%) Qualys
5 10 (2.00%) CyberArk
5 10 (2.00%) Twitter
6 9 (1.80%) CA
7 8 (1.60%) Atlassian
7 8 (1.60%) ForgeRock
7 8 (1.60%) IBM
8 5 (1.00%) Salesforce.com
8 5 (1.00%) Workday
9 4 (0.80%) Klarna
9 4 (0.80%) PayPal
9 4 (0.80%) WorldPay
10 2 (0.40%) Mercator
10 2 (0.40%) Palo Alto
10 2 (0.40%) Splunk
10 2 (0.40%) VMware