Period
to 22 August 2017

The following table provides summary statistics for permanent job vacancies with a requirement for OWASP skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited OWASP over the 6 months to 22 August 2017 with a comparison to the same period in the previous 2 years.

Open Web Application Security Project (OWASP)
UK
6 months to
22 Aug 2017
Same period 2016 Same period 2015
Rank 785 730 993
Rank change year-on-year -55 +263 +171
Permanent jobs citing OWASP 412 566 323
As % of all permanent IT jobs advertised in the UK 0.23% 0.29% 0.15%
As % of the Processes & Methodologies category 0.26% 0.32% 0.17%
Number of salaries quoted 321 529 261
UK median annual salary £57,500 £52,500 £55,000
Median salary % change year-on-year +9.52% -4.55% +22.22%
10th Percentile £35,000 £36,250 £31,250
90th Percentile £100,000 £80,000 £80,000
UK excluding London median annual salary £50,000 £50,000 £52,500
% change year-on-year - -4.76% +26.51%

OWASP is in the process and methodology skills category. The next table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process and methodology skills.

Process & Methodology Skills
UK
Permanent job vacancies with a requirement for process and methodology skills 158356 175503 192296
As % of all permanent IT job vacancies advertised in the UK 89.94% 89.07% 88.16%
Number of salaries quoted 125505 146405 157070
UK median annual salary £50,000 £49,000 £47,500
Median salary % change year-on-year +2.04% +3.16% +5.56%
10th Percentile £28,750 £27,500 £27,500
90th Percentile £80,000 £77,500 £76,250
UK excluding London median annual salary £42,500 £42,500 £42,500

OWASP
Job Vacancy Trend

Job postings citing OWASP as a percentage of all IT jobs advertised.

Job vacancy trend for OWASP in the UK

OWASP
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing OWASP.

Salary trend for OWASP in the UK

OWASP
Salary Histogram

The salary distribution of IT jobs citing OWASP over the 6 months to 22 August 2017.

Salary histogram for OWASP in the UK

OWASP
Top 14 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing OWASP within the UK over the 6 months to 22 August 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -50 404 £57,500 +9.52% 29
London +17 213 £72,500 +16.00% 16
UK excluding London -73 198 £50,000 - 13
South East +45 101 £50,000 -4.76% 4
North of England -59 46 £45,000 +5.88% 7
Yorkshire +6 29 £45,000 +5.88% 4
Midlands +12 20 £50,000 +1.01% 1
North West -57 17 £47,500 +11.76% 3
South West -14 14 £56,250 -2.17%
East of England -24 12 £47,500 -40.63% 1
West Midlands +15 11 £50,000 -1.96% 1
East Midlands +9 9 £33,500 -32.32%
Scotland +10 4 £52,500 +20.00%
Northern Ireland - 1 £42,500 -

For the 6 months to 22 August 2017, IT jobs citing OWASP also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all job ads with a requirement for OWASP.

1 215 (52.18%) Agile Software Development
2 145 (35.19%) Java
3 131 (31.80%) Information Security
4 126 (30.58%) SQL
5 125 (30.34%) JavaScript
6 116 (28.16%) Python
7 110 (26.70%) Penetration Testing
8 108 (26.21%) Finance
9 100 (24.27%) Scrum
10 97 (23.54%) .NET
11 96 (23.30%) HTML
12 92 (22.33%) Linux
12 92 (22.33%) DevOps
13 91 (22.09%) ISO/IEC 27001
14 90 (21.84%) Continuous Integration
15 89 (21.60%) Amazon AWS
16 85 (20.63%) CISSP
17 83 (20.15%) Microsoft
17 83 (20.15%) Windows
17 83 (20.15%) Jenkins
18 82 (19.90%) Security Testing
19 81 (19.66%) C#
20 77 (18.69%) Git (software)
21 75 (18.20%) CSS
22 73 (17.72%) Ruby
23 72 (17.48%) Firewall
24 69 (16.75%) CEH
25 65 (15.78%) Cybersecurity
26 64 (15.53%) Mobile App
26 64 (15.53%) Web Development

OWASP
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 38 (9.22%) WebSphere
2 34 (8.25%) Tomcat
3 33 (8.01%) OpenStack
4 26 (6.31%) WebLogic
5 23 (5.58%) nginx
6 22 (5.34%) Apache
6 22 (5.34%) JBoss
7 21 (5.10%) CloudStack
8 20 (4.85%) CMS
9 18 (4.37%) IIS
10 17 (4.13%) Cloud Foundry
11 12 (2.91%) SharePoint
12 9 (2.18%) Umbraco
13 8 (1.94%) Oracle SOA Suite
13 8 (1.94%) Sitefinity
13 8 (1.94%) WebSphere Application Server
14 7 (1.70%) Kentico
15 6 (1.46%) Confluence
16 4 (0.97%) Elasticsearch
17 3 (0.73%) Sitecore CMS
Applications
1 3 (0.73%) Microsoft Excel
2 2 (0.49%) Microsoft Office
2 2 (0.49%) Microsoft PowerPoint
2 2 (0.49%) Microsoft Project
2 2 (0.49%) MS Visio
Business Applications
1 5 (1.21%) Payment Gateway
2 1 (0.24%) Dynamics CRM
2 1 (0.24%) WebTrends
Cloud Services
1 89 (21.60%) Amazon AWS
2 38 (9.22%) Microsoft Azure
3 30 (7.28%) SaaS
4 20 (4.85%) PaaS
5 8 (1.94%) GitHub
6 5 (1.21%) Office 365
7 3 (0.73%) IaaS
8 2 (0.49%) Azure Active Directory
9 1 (0.24%) Amazon S3
9 1 (0.24%) Amazon SQS
9 1 (0.24%) Cloud Computing
9 1 (0.24%) Google Cloud Platform
9 1 (0.24%) OpenShift
9 1 (0.24%) Sauce Labs
Communications & Networking
1 72 (17.48%) Firewall
2 63 (15.29%) Network Security
3 39 (9.47%) TCP/IP
4 28 (6.80%) Internet
5 21 (5.10%) Wireless
6 20 (4.85%) DNS
7 12 (2.91%) LAN
8 11 (2.67%) DHCP
8 11 (2.67%) HTTP
9 9 (2.18%) Multicast
9 9 (2.18%) SSL
9 9 (2.18%) WAN
10 8 (1.94%) BGP
10 8 (1.94%) BIG-IP
10 8 (1.94%) DMVPN
10 8 (1.94%) NX-OS
10 8 (1.94%) OSPF
10 8 (1.94%) SMTP
10 8 (1.94%) VLAN
10 8 (1.94%) Wi-Fi
Database & Business Intelligence
1 57 (13.83%) SQL Server
2 34 (8.25%) MySQL
3 25 (6.07%) SQL Server Integration Services
4 22 (5.34%) NoSQL
5 15 (3.64%) MongoDB
6 12 (2.91%) MariaDB
7 9 (2.18%) Oracle Database
8 7 (1.70%) Azure SQL Database
8 7 (1.70%) PostgreSQL
9 6 (1.46%) Relational Database
10 5 (1.21%) Hadoop
10 5 (1.21%) Looker
11 4 (0.97%) Big Data
11 4 (0.97%) SQL Server 2012
12 2 (0.49%) Data Warehouse
12 2 (0.49%) RDBMS
12 2 (0.49%) SQL Server 2008
12 2 (0.49%) SQL Server 2014
13 1 (0.24%) SQL Server Analysis Services
13 1 (0.24%) SQL Server Reporting Services
Development Applications
1 83 (20.15%) Jenkins
2 77 (18.69%) Git (software)
3 36 (8.74%) gulp
4 34 (8.25%) Subversion
5 32 (7.77%) TeamCity
6 31 (7.52%) Metasploit
7 27 (6.55%) JUnit
8 23 (5.58%) Gradle
8 23 (5.58%) Maven
9 19 (4.61%) Burp Suite
10 17 (4.13%) IBM UrbanCode
10 17 (4.13%) Selenium
10 17 (4.13%) Visual Studio
11 16 (3.88%) CircleCI
11 16 (3.88%) JIRA
11 16 (3.88%) Travis CI
12 15 (3.64%) AppScan
13 14 (3.40%) Jasmine
13 14 (3.40%) Team Foundation Server
14 13 (3.16%) JMeter
General
1 108 (26.21%) Finance
2 22 (5.34%) Banking
3 18 (4.37%) Retail
4 16 (3.88%) Telecoms
5 14 (3.40%) Legal
6 9 (2.18%) Games
7 8 (1.94%) Automotive
8 6 (1.46%) Financial Institution
9 5 (1.21%) Aerospace
10 4 (0.97%) Back Office
10 4 (0.97%) Investment Banking
10 4 (0.97%) Manufacturing
11 3 (0.73%) Advertising
12 2 (0.49%) Marketing
12 2 (0.49%) Publishing
13 1 (0.24%) Digital Economy
13 1 (0.24%) Electronics
13 1 (0.24%) Pharmaceutical
13 1 (0.24%) Retail Banking
Job Titles
1 87 (21.12%) Developer
2 54 (13.11%) Consultant
3 49 (11.89%) Security Consultant
3 49 (11.89%) Tester
4 44 (10.68%) Penetration Tester
5 41 (9.95%) DevOps Engineer
6 40 (9.71%) Analyst
7 31 (7.52%) Senior Developer
8 30 (7.28%) Architect
9 29 (7.04%) Security Analyst
10 28 (6.80%) Security Manager
11 25 (6.07%) .NET Developer
11 25 (6.07%) Java Developer
12 24 (5.83%) Security Architect
13 22 (5.34%) C# Developer
14 20 (4.85%) C# .NET Developer
14 20 (4.85%) Information Security Consultant
15 18 (4.37%) Security Specialist
16 16 (3.88%) ASP.NET Developer
16 16 (3.88%) Information Security Analyst
Libraries, Frameworks & Software Standards
1 97 (23.54%) .NET
2 96 (23.30%) HTML
3 75 (18.20%) CSS
4 60 (14.56%) Web Services
5 45 (10.92%) HTML5
6 44 (10.68%) XML
7 43 (10.44%) REST
8 38 (9.22%) ASP.NET
9 37 (8.98%) AngularJS
10 34 (8.25%) jQuery
11 32 (7.77%) JSON
12 27 (6.55%) ASP.NET Web API
12 27 (6.55%) SOAP
13 23 (5.58%) CSS3
14 21 (5.10%) Ajax
14 21 (5.10%) ASP.NET MVC
15 19 (4.61%) .NET Framework
15 19 (4.61%) React
16 18 (4.37%) RESTful
17 15 (3.64%) Node.js
Miscellaneous
1 64 (15.53%) Mobile App
2 39 (9.47%) Computer Science
3 29 (7.04%) Driving Licence
4 28 (6.80%) User Experience
5 26 (6.31%) Management Information System
6 17 (4.13%) Analytical Skills
7 15 (3.64%) Cyberthreat
8 9 (2.18%) Security Operations Centre
9 8 (1.94%) Data Protection Act
9 8 (1.94%) Fintech
9 8 (1.94%) iPad
9 8 (1.94%) Public Cloud
10 7 (1.70%) Algorithms
10 7 (1.70%) Cyber Defence
10 7 (1.70%) Data Centre
11 6 (1.46%) BYOD
11 6 (1.46%) Cyber Attack
11 6 (1.46%) Enterprise Software
12 5 (1.21%) Data Structures
12 5 (1.21%) Distributed Denial-of-Service
Operating Systems
1 92 (22.33%) Linux
2 83 (20.15%) Windows
3 57 (13.83%) Unix
4 48 (11.65%) Android
4 48 (11.65%) Apple iOS
5 21 (5.10%) Red Hat Enterprise Linux
6 14 (3.40%) Kali Linux
7 12 (2.91%) Windows Server
8 7 (1.70%) CentOS
9 5 (1.21%) VMS
10 4 (0.97%) Solaris
11 3 (0.73%) KNOPPIX
11 3 (0.73%) Oracle Linux
12 1 (0.24%) AIX
12 1 (0.24%) HPUX
12 1 (0.24%) Ubuntu
Processes & Methodologies
1 215 (52.18%) Agile Software Development
2 131 (31.80%) Information Security
3 110 (26.70%) Penetration Testing
4 100 (24.27%) Scrum
5 92 (22.33%) DevOps
6 90 (21.84%) Continuous Integration
7 82 (19.90%) Security Testing
8 65 (15.78%) Cybersecurity
9 64 (15.53%) Web Development
10 63 (15.29%) Security Architecture
11 61 (14.81%) Open Source
12 55 (13.35%) Test Automation
13 51 (12.38%) BDD
14 49 (11.89%) TDD
15 47 (11.41%) Vulnerability Assessment
16 44 (10.68%) Ethical Hacking
17 38 (9.22%) Performance Tuning
17 38 (9.22%) SDLC
17 38 (9.22%) Social Engineering
18 35 (8.50%) Unit Testing
Programming Languages
1 145 (35.19%) Java
2 126 (30.58%) SQL
3 125 (30.34%) JavaScript
4 116 (28.16%) Python
5 81 (19.66%) C#
6 73 (17.72%) Ruby
7 48 (11.65%) Shell Script
8 40 (9.71%) C++
9 35 (8.50%) Perl
10 27 (6.55%) Bash Shell
10 27 (6.55%) C
10 27 (6.55%) Groovy
10 27 (6.55%) PHP
11 19 (4.61%) Scala
12 16 (3.88%) Objective-C
12 16 (3.88%) T-SQL
12 16 (3.88%) VB.NET
13 12 (2.91%) Apple Swift
14 9 (2.18%) PowerShell
15 8 (1.94%) PL/SQL
Qualifications
1 85 (20.63%) CISSP
2 69 (16.75%) CEH
3 58 (14.08%) Degree
4 49 (11.89%) OSCP
5 45 (10.92%) CISM
6 41 (9.95%) CREST Certified
7 25 (6.07%) Security Cleared
8 22 (5.34%) Computer Science Degree
9 18 (4.37%) SC Cleared
9 18 (4.37%) Tigerscheme
10 17 (4.13%) CHECK Team Member
10 17 (4.13%) Cyber Scheme
10 17 (4.13%) OSCE
11 15 (3.64%) CISA
12 14 (3.40%) GPEN
13 13 (3.16%) SANS
14 12 (2.91%) GIAC
15 11 (2.67%) CLAS
16 10 (2.43%) Microsoft Certification
17 7 (1.70%) MCTS
Quality Assurance & Compliance
1 91 (22.09%) ISO/IEC 27001
2 38 (9.22%) PCI DSS
3 31 (7.52%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
4 24 (5.83%) ISO 9001
5 22 (5.34%) GDPR
6 17 (4.13%) Cyber Essentials
7 14 (3.40%) Cyber Essentials PLUS
8 12 (2.91%) Sarbanes-Oxley
9 11 (2.67%) ISO/IEC 27005
10 9 (2.18%) QA
10 9 (2.18%) SAS 70
11 6 (1.46%) NIST 800
12 5 (1.21%) COBIT
13 3 (0.73%) BS25999
13 3 (0.73%) PA-DSS
13 3 (0.73%) Web Application Security Consortium
14 2 (0.49%) WAI
14 2 (0.49%) WCAG
15 1 (0.24%) IASME
15 1 (0.24%) RMADS
System Software
1 24 (5.83%) vSphere
2 23 (5.58%) Virtual Machines
3 21 (5.10%) Active Directory
3 21 (5.10%) Xen
3 21 (5.10%) XenServer
4 14 (3.40%) VMware Infrastructure
5 11 (2.67%) Docker
6 5 (1.21%) VMware ESXi
7 3 (0.73%) ProxySG
Systems Management
1 63 (15.29%) Puppet
2 54 (13.11%) Opscode Chef
3 51 (12.38%) Ansible
4 49 (11.89%) Nessus
5 29 (7.04%) Cobbler
6 28 (6.80%) Terraform
6 28 (6.80%) Tivoli
7 18 (4.37%) Kubernetes
8 15 (3.64%) Nmap
9 11 (2.67%) HP Fortify
10 8 (1.94%) Salt
11 5 (1.21%) WebInspect
12 4 (0.97%) Core Impact
12 4 (0.97%) Defensics
12 4 (0.97%) OpenVAS
13 2 (0.49%) vCenter Server
13 2 (0.49%) vMotion
14 1 (0.24%) AirWatch
14 1 (0.24%) Kibana
14 1 (0.24%) logstash
Vendors
1 83 (20.15%) Microsoft
2 48 (11.65%) Oracle
3 28 (6.80%) Red Hat
4 20 (4.85%) EnterpriseDB
5 16 (3.88%) VMware
6 12 (2.91%) Google
6 12 (2.91%) IBM
7 11 (2.67%) Apple
7 11 (2.67%) Cisco
7 11 (2.67%) Sun
8 10 (2.43%) HP
9 9 (2.18%) Blue Coat
9 9 (2.18%) CheckPoint
9 9 (2.18%) F5
10 8 (1.94%) Qualys
11 6 (1.46%) Xamarin
12 5 (1.21%) NetApp
12 5 (1.21%) Sitecore
12 5 (1.21%) Veracode
13 4 (0.97%) Coverity