Period
to 3 August 2021

The following table provides summary statistics for permanent job vacancies with a requirement for OWASP skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited OWASP over the 6 months to 3 August 2021 with a comparison to the same period in the previous 2 years.

Open Web Application Security Project (OWASP)
UK
6 months to
3 Aug 2021
Same period 2020 Same period 2019
Rank 478 512 625
Rank change year-on-year +34 +113 +57
Permanent jobs citing OWASP 652 300 552
As % of all permanent jobs advertised in the UK 0.58% 0.45% 0.38%
As % of the Processes & Methodologies category 0.61% 0.48% 0.41%
Number of salaries quoted 440 230 368
10th Percentile £47,000 £41,158 £37,850
25th Percentile £58,750 £46,250 £46,250
Median annual salary (50th Percentile) £70,000 £62,500 £60,000
Median % change year-on-year +12.00% +4.17% +5.26%
75th Percentile £88,750 £82,500 £77,813
90th Percentile £100,000 £100,000 £93,750
UK excluding London median annual salary £62,500 £53,012 £55,000
% change year-on-year +17.90% -3.61% -

OWASP is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process or methodology skills.

All Process and Methodology Skills
UK
Permanent vacancies with a requirement for process or methodology skills 106,311 62,475 133,599
As % of all permanent IT jobs advertised in the UK 93.77% 92.79% 92.68%
Number of salaries quoted 72,457 50,576 106,616
10th Percentile £32,500 £32,500 £30,000
25th Percentile £42,250 £41,250 £37,500
Median annual salary (50th Percentile) £55,000 £55,000 £52,500
Median % change year-on-year - +4.76% +5.00%
75th Percentile £75,000 £73,750 £70,000
90th Percentile £92,500 £90,000 £86,250
UK excluding London median annual salary £50,000 £47,500 £45,000
% change year-on-year +5.26% +5.56% -

OWASP
Job Vacancy Trend

Job postings citing OWASP as a proportion of all IT jobs advertised.

Job vacancy trend for OWASP in the UK

OWASP
Salary Trend

3-month moving average salary quoted in jobs citing OWASP.

Salary trend for OWASP in the UK

OWASP
Salary Histogram

Salary distribution for jobs citing OWASP over the 6 months to 3 August 2021.

Salary histogram for OWASP in the UK

OWASP
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing OWASP within the UK over the 6 months to 3 August 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +57 604 £70,000 +10.24% 87
London +46 389 £80,000 +14.29% 47
UK excluding London -69 211 £62,500 +17.90% 50
Work from Home -159 145 £75,000 +25.00% 22
South East -10 120 £70,000 - 12
Midlands -59 31 £62,500 +31.58% 5
North of England -82 25 £50,000 -4.76% 17
West Midlands -63 21 £62,500 +25.00% 4
South West -73 18 £55,000 +6.80% 3
North West -64 15 £51,250 -10.87% 11
East Midlands -36 10 £55,000 +15.79% 1
East of England -32 9 - - 1
Yorkshire -64 7 £40,750 +8.67% 5
Scotland -66 7 £42,500 -26.73% 7
North East -27 3 £60,000 +64.38% 1
Wales -29 2 £65,000 +52.94% 4

For the 6 months to 3 August 2021, IT jobs citing OWASP also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for OWASP.

1 305 (46.78%) Agile Software Development
2 287 (44.02%) Azure
3 229 (35.12%) DevOps
4 227 (34.82%) Finance
5 226 (34.66%) AWS
6 220 (33.74%) Social Skills
7 174 (26.69%) Docker
8 171 (26.23%) Cybersecurity
9 162 (24.85%) Information Security
10 159 (24.39%) Test Automation
11 158 (24.23%) Git (software)
12 157 (24.08%) Java
12 157 (24.08%) JavaScript
13 143 (21.93%) SDLC
14 142 (21.78%) Kubernetes
15 141 (21.63%) OAuth
16 137 (21.01%) Software Engineering
16 137 (21.01%) Microservices
17 135 (20.71%) C#
18 131 (20.09%) Python
19 130 (19.94%) Continuous Integration
20 129 (19.79%) Microsoft
21 124 (19.02%) GCP
21 124 (19.02%) React
22 118 (18.10%) NIST
23 116 (17.79%) .NET
24 111 (17.02%) GDPR
25 110 (16.87%) CSS
26 109 (16.72%) QA
27 107 (16.41%) Degree

OWASP
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 37 (5.67%) Confluence
2 33 (5.06%) IIS
3 27 (4.14%) Apache
4 24 (3.68%) nginx
5 18 (2.76%) Elasticsearch
6 15 (2.30%) NServiceBus
7 6 (0.92%) Drupal
8 5 (0.77%) Apache Pulsar
8 5 (0.77%) CMS
9 4 (0.61%) WordPress
10 1 (0.15%) Adobe Experience Manager
10 1 (0.15%) Moodle
10 1 (0.15%) MS Exchange
10 1 (0.15%) SAS
10 1 (0.15%) WebSphere
10 1 (0.15%) WebSphere Application Server
Applications
1 22 (3.37%) InVision
1 22 (3.37%) Sketch
2 1 (0.15%) MS Visio
Business Applications
1 7 (1.07%) Oracle BPM
2 5 (0.77%) Dynamics NAV
2 5 (0.77%) Sentinel
3 1 (0.15%) Dynamics AX
3 1 (0.15%) Dynamics CRM
3 1 (0.15%) NetSuite
Cloud Services
1 287 (44.02%) Azure
2 226 (34.66%) AWS
3 124 (19.02%) GCP
4 74 (11.35%) Serverless
5 55 (8.44%) PaaS
6 53 (8.13%) IaaS
7 44 (6.75%) npm
8 30 (4.60%) SaaS
9 28 (4.29%) NuGet
10 25 (3.83%) GitHub
10 25 (3.83%) Microsoft 365
10 25 (3.83%) Yarn
11 23 (3.53%) Cloud Computing
12 22 (3.37%) OpenShift
13 21 (3.22%) AWS Lambda
14 18 (2.76%) Amazon EC2
15 15 (2.30%) Azure Storage
16 14 (2.15%) Azure Key Vault
17 12 (1.84%) Azure Sentinel
18 11 (1.69%) AWS Direct Connect
Communications & Networking
1 76 (11.66%) Firewall
2 68 (10.43%) HTTP
3 46 (7.06%) Network Security
4 31 (4.75%) VPN
5 20 (3.07%) Skype
6 19 (2.91%) DNS
7 14 (2.15%) DHCP
7 14 (2.15%) IPsec
8 13 (1.99%) BGP
8 13 (1.99%) HTTPS
8 13 (1.99%) Intrusion Detection
9 11 (1.69%) Broadband
9 11 (1.69%) IPv6
9 11 (1.69%) OpenVPN
9 11 (1.69%) SNMP
10 8 (1.23%) MPLS
11 6 (0.92%) OSPF
11 6 (0.92%) SSL
11 6 (0.92%) TCP/IP
12 5 (0.77%) Wireless
Database & Business Intelligence
1 103 (15.80%) NoSQL
2 97 (14.88%) SQL Server
3 56 (8.59%) MongoDB
4 55 (8.44%) Relational Database
5 43 (6.60%) PostgreSQL
6 36 (5.52%) Amazon DynamoDB
7 28 (4.29%) Azure SQL Database
8 16 (2.45%) MySQL
8 16 (2.45%) Redis
9 9 (1.38%) Hadoop
9 9 (1.38%) Hazelcast
9 9 (1.38%) Oracle Database
9 9 (1.38%) RDBMS
10 8 (1.23%) Data Warehouse
11 5 (0.77%) Amazon Aurora
11 5 (0.77%) Big Data
11 5 (0.77%) NewSQL
11 5 (0.77%) SQL Server 2005
11 5 (0.77%) SQL Server 2008
11 5 (0.77%) SQL Server 2012
Development Applications
1 158 (24.23%) Git (software)
2 76 (11.66%) Jenkins
3 50 (7.67%) JIRA
4 46 (7.06%) git-flow
4 46 (7.06%) TeamCity
5 45 (6.90%) Cypress.io
6 43 (6.60%) Octopus Deploy
7 36 (5.52%) SonarQube
8 35 (5.37%) Atlassian Bamboo
9 34 (5.21%) webpack
10 28 (4.29%) Selenium
11 26 (3.99%) gulp
12 22 (3.37%) PostCSS
13 19 (2.91%) Burp Suite
14 14 (2.15%) Team Foundation Server
15 13 (1.99%) Bitbucket
15 13 (1.99%) JUnit
16 12 (1.84%) Jasmine
17 11 (1.69%) Storybook
17 11 (1.69%) Visual Studio Code
General
1 227 (34.82%) Finance
2 220 (33.74%) Social Skills
3 63 (9.66%) Banking
4 53 (8.13%) Telecoms
5 48 (7.36%) Presentation Skills
6 46 (7.06%) Public Sector
7 44 (6.75%) Electronics
8 43 (6.60%) Retail Banking
9 42 (6.44%) Analytical Skills
10 41 (6.29%) Marketing
10 41 (6.29%) Retail
11 39 (5.98%) Manufacturing
12 36 (5.52%) Influencing Skills
13 32 (4.91%) Games
14 25 (3.83%) Legal
15 16 (2.45%) Inclusion and Diversity
16 8 (1.23%) Organisational Skills
17 6 (0.92%) Documentation Skills
18 3 (0.46%) German Language
18 3 (0.46%) Publishing
Job Titles
1 186 (28.53%) Developer
2 110 (16.87%) Security Engineer
3 49 (7.52%) Architect
4 48 (7.36%) Senior Developer
5 42 (6.44%) Azure Engineer
6 41 (6.29%) Cloud Engineer
6 41 (6.29%) Software Engineer
7 38 (5.83%) Consultant
8 35 (5.37%) Applications Engineer
8 35 (5.37%) Technical Leader
9 33 (5.06%) Front End Developer (Client-Side Developer)
9 33 (5.06%) Security Architect
9 33 (5.06%) Security Specialist
10 29 (4.45%) Analyst
11 28 (4.29%) .NET Developer
11 28 (4.29%) UI Developer
12 25 (3.83%) Java Developer
13 24 (3.68%) React Developer
13 24 (3.68%) Senior Software Engineer
14 23 (3.53%) Security Consultant
Libraries, Frameworks & Software Standards
1 141 (21.63%) OAuth
2 124 (19.02%) React
3 116 (17.79%) .NET
4 110 (16.87%) CSS
5 104 (15.95%) HTML
6 94 (14.42%) OAuth2
7 91 (13.96%) Node.js
8 88 (13.50%) AngularJS
9 86 (13.19%) REST
10 76 (11.66%) HTML5
10 76 (11.66%) Spring
11 73 (11.20%) .NET Core
12 66 (10.12%) GraphQL
13 60 (9.20%) CSS3
13 60 (9.20%) Spring Boot
14 51 (7.82%) ASP.NET
15 50 (7.67%) OpenID
16 44 (6.75%) Sass
17 37 (5.67%) RESTful
18 36 (5.52%) .NET Framework
Miscellaneous
1 82 (12.58%) User Experience
2 69 (10.58%) Mobile App
3 46 (7.06%) Cloud Native
4 37 (5.67%) Management Information System
5 31 (4.75%) Public Cloud
6 22 (3.37%) Legacy Applications
7 20 (3.07%) Linux Command Line
8 15 (2.30%) Hybrid Cloud
9 14 (2.15%) Digital Media
10 13 (1.99%) Enterprise Software
11 12 (1.84%) Cyberthreat
11 12 (1.84%) Security Operations Centre
12 11 (1.69%) Distributed Denial-of-Service
12 11 (1.69%) Virtual Team
13 10 (1.53%) Greenfield Project
14 8 (1.23%) PKI
15 7 (1.07%) Graphic Design
16 6 (0.92%) Tandem
16 6 (0.92%) W3C
17 5 (0.77%) Self-Motivation
Operating Systems
1 81 (12.42%) Linux
2 75 (11.50%) Windows
3 30 (4.60%) Apple iOS
4 28 (4.29%) Android
5 16 (2.45%) CentOS
6 11 (1.69%) Unix
7 8 (1.23%) Windows Server
8 6 (0.92%) Solaris
9 5 (0.77%) AIX
9 5 (0.77%) Red Hat Enterprise Linux
9 5 (0.77%) SUSE
9 5 (0.77%) Windows 10
10 3 (0.46%) Kali Linux
10 3 (0.46%) Mac OS
11 2 (0.31%) Mac OS X
11 2 (0.31%) Ubuntu
12 1 (0.15%) zOS
Processes & Methodologies
1 305 (46.78%) Agile Software Development
2 229 (35.12%) DevOps
3 171 (26.23%) Cybersecurity
4 162 (24.85%) Information Security
5 159 (24.39%) Test Automation
6 143 (21.93%) SDLC
7 137 (21.01%) Microservices
7 137 (21.01%) Software Engineering
8 130 (19.94%) Continuous Integration
9 101 (15.49%) Threat Modelling
10 100 (15.34%) TDD
11 99 (15.18%) Problem-Solving
12 95 (14.57%) Vulnerability Management
13 93 (14.26%) DevSecOps
13 93 (14.26%) Penetration Testing
14 80 (12.27%) Open Source
15 73 (11.20%) Continuous Delivery
16 71 (10.89%) Security Testing
17 64 (9.82%) Security Operations
18 59 (9.05%) Data Protection
Programming Languages
1 157 (24.08%) Java
1 157 (24.08%) JavaScript
2 135 (20.71%) C#
3 131 (20.09%) Python
4 106 (16.26%) SQL
4 106 (16.26%) TypeScript
5 57 (8.74%) Kotlin
6 50 (7.67%) ES6
6 50 (7.67%) PowerShell
7 46 (7.06%) C++
8 33 (5.06%) PHP
9 28 (4.29%) Scala
10 25 (3.83%) ES7
11 24 (3.68%) Apple Swift
11 24 (3.68%) Go
12 22 (3.37%) Dart
12 22 (3.37%) Java 11
13 19 (2.91%) Bash Shell
14 13 (1.99%) C
15 12 (1.84%) T-SQL
Qualifications
1 107 (16.41%) Degree
2 67 (10.28%) CISSP
3 36 (5.52%) CISM
4 34 (5.21%) Master's Degree
5 33 (5.06%) SANS
6 22 (3.37%) OSCP
7 18 (2.76%) CEH
8 15 (2.30%) GIAC
9 14 (2.15%) CISA
9 14 (2.15%) OSCE
10 11 (1.69%) DBS Check
10 11 (1.69%) SC Cleared
10 11 (1.69%) Security Cleared
11 9 (1.38%) (ISC)2 CCSP
11 9 (1.38%) Cisco Certification
12 8 (1.23%) AWS Certification
12 8 (1.23%) Computer Science Degree
12 8 (1.23%) CRISC
12 8 (1.23%) ISSAP
13 7 (1.07%) ISSEP
Quality Assurance & Compliance
1 118 (18.10%) NIST
2 111 (17.02%) GDPR
3 109 (16.72%) QA
4 78 (11.96%) ISO/IEC 27001
5 49 (7.52%) PCI DSS
6 32 (4.91%) Cyber Essentials
7 31 (4.75%) WCAG
8 24 (3.68%) Accessibility
9 18 (2.76%) GRC
9 18 (2.76%) SOC 2
10 13 (1.99%) COBIT
11 6 (0.92%) NCSC
12 5 (0.77%) ISO 22301
13 4 (0.61%) Cyber Essentials PLUS
14 3 (0.46%) SOC 1
15 2 (0.31%) GLBA
15 2 (0.31%) IASME
15 2 (0.31%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
15 2 (0.31%) NIST 800
16 1 (0.15%) HIPAA
System Software
1 174 (26.69%) Docker
2 39 (5.98%) Active Directory
3 11 (1.69%) iptables
4 5 (0.77%) Virtual Desktop
4 5 (0.77%) Virtual Machines
5 4 (0.61%) Varnish
6 3 (0.46%) Firmware
7 2 (0.31%) BitLocker
8 1 (0.15%) VMware Infrastructure
8 1 (0.15%) vSphere
Systems Management
1 142 (21.78%) Kubernetes
2 57 (8.74%) Terraform
3 35 (5.37%) Ansible
3 35 (5.37%) Puppet
4 22 (3.37%) Nessus
5 20 (3.07%) Hadoop YARN
6 14 (2.15%) Grafana
7 12 (1.84%) ZABBIX
8 11 (1.69%) Icinga
9 9 (1.38%) Consul
9 9 (1.38%) Opscode Chef
9 9 (1.38%) Single Sign-On
10 8 (1.23%) HP Fortify
11 7 (1.07%) CASB
11 7 (1.07%) Istio
11 7 (1.07%) Packer
12 6 (0.92%) HP ALM
12 6 (0.92%) WebInspect
13 5 (0.77%) Rancher
13 5 (0.77%) Systems Management Server (SMS)
Vendors
1 129 (19.79%) Microsoft
2 65 (9.97%) Oracle
3 39 (5.98%) SAP
4 37 (5.67%) Google
5 18 (2.76%) Qualys
6 17 (2.61%) CyberArk
6 17 (2.61%) ForgeRock
7 14 (2.15%) Atlassian
8 11 (1.69%) Palo Alto
9 9 (1.38%) Salesforce.com
10 7 (1.07%) Apple
10 7 (1.07%) Klarna
10 7 (1.07%) MuleSoft
10 7 (1.07%) PayPal
10 7 (1.07%) WorldPay
11 6 (0.92%) Black Duck
11 6 (0.92%) CA
11 6 (0.92%) HP
11 6 (0.92%) Micro Focus
11 6 (0.92%) Sonatype