Period
to 23 February 2018

The following table provides summary statistics for permanent job vacancies with a requirement for OWASP skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited OWASP over the 6 months to 23 February 2018 with a comparison to the same period in the previous 2 years.

Open Web Application Security Project (OWASP)
UK
6 months to
23 Feb 2018
Same period 2017 Same period 2016
Rank 667 725 907
Rank change year-on-year +58 +182 +171
Permanent jobs citing OWASP 583 479 391
As % of all permanent IT jobs advertised in the UK 0.33% 0.27% 0.19%
As % of the Processes & Methodologies category 0.37% 0.30% 0.21%
Number of salaries quoted 469 431 329
UK median annual salary £55,000 £57,500 £50,000
Median salary % change year-on-year -4.35% +15.00% -4.76%
10th Percentile £36,250 £36,250 £30,000
90th Percentile £90,000 £77,500 £80,000
UK excluding London median annual salary £52,500 £52,500 £42,500
% change year-on-year - +23.53% -19.05%

OWASP is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process or methodology skills.

All Process and Methodology Skills
UK
Permanent vacancies with a requirement for process or methodology skills 158,369 157,147 187,706
As % of all permanent IT jobs advertised in the UK 89.88% 89.53% 88.83%
Number of salaries quoted 128,702 129,388 155,466
UK median annual salary £50,000 £48,500 £47,500
Median salary % change year-on-year +3.09% +2.11% +5.56%
10th Percentile £29,000 £28,250 £27,500
90th Percentile £81,250 £78,750 £77,500
UK excluding London median annual salary £45,000 £42,500 £42,500
% change year-on-year +5.88% - +6.25%

OWASP
Job Vacancy Trend

Job postings citing OWASP as a percentage of all IT jobs advertised.

Job vacancy trend for OWASP in the UK

OWASP
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing OWASP.

Salary trend for OWASP in the UK

OWASP
Salary Histogram

The salary distribution of IT jobs citing OWASP over the 6 months to 23 February 2018.

Salary histogram for OWASP in the UK

OWASP
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing OWASP within the UK over the 6 months to 23 February 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +48 530 £56,500 -1.74% 90
UK excluding London +70 333 £52,500 - 64
London +22 221 £70,000 +12.00% 29
South East +27 138 £52,500 -12.50% 15
North of England +49 100 £55,000 +29.41% 17
North West +23 60 £57,500 +35.29% 13
Yorkshire +29 39 £42,500 - 4
Midlands +2 29 £52,500 +23.53% 7
South West -1 22 £47,500 -20.83% 4
West Midlands -10 21 £60,000 +41.18% 6
East of England -19 15 £75,000 +30.43% 18
Wales +23 14 £55,000 - 1
East Midlands +4 8 £44,750 -5.79% 1
Scotland -36 8 £56,250 +18.42% 2
Northern Ireland - 7 £45,000 -
North East - 1 £30,000 -

For the 6 months to 23 February 2018, IT jobs citing OWASP also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for OWASP.

1 243 (41.68%) Agile Software Development
2 188 (32.25%) Java
3 172 (29.50%) JavaScript
4 168 (28.82%) Information Security
5 155 (26.59%) CISSP
6 152 (26.07%) Finance
7 150 (25.73%) Penetration Testing
8 143 (24.53%) SQL
9 141 (24.19%) HTML
10 135 (23.16%) ISO/IEC 27001
11 130 (22.30%) Scrum
12 127 (21.78%) SANS
13 124 (21.27%) Continuous Integration
14 123 (21.10%) CSS
15 120 (20.58%) Cybersecurity
16 115 (19.73%) Python
17 114 (19.55%) C#
17 114 (19.55%) .NET
18 112 (19.21%) Firewall
19 105 (18.01%) Test Automation
20 103 (17.67%) Security Testing
21 99 (16.98%) Windows
21 99 (16.98%) Linux
22 94 (16.12%) CISM
23 90 (15.44%) Amazon AWS
23 90 (15.44%) PCI DSS
23 90 (15.44%) Degree
24 89 (15.27%) Ruby
24 89 (15.27%) TDD
25 85 (14.58%) MySQL

OWASP
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 33 (5.66%) OpenStack
2 28 (4.80%) WebSphere
3 23 (3.95%) Tomcat
4 17 (2.92%) Confluence
5 16 (2.74%) nginx
6 15 (2.57%) Apache
7 14 (2.40%) WebLogic
8 12 (2.06%) Elasticsearch
9 11 (1.89%) Apache Solr
9 11 (1.89%) CMS
9 11 (1.89%) Umbraco
10 10 (1.72%) IIS
10 10 (1.72%) JBoss
11 9 (1.54%) Cloud Foundry
11 9 (1.54%) Oracle SOA Suite
11 9 (1.54%) SAS
12 3 (0.51%) CloudStack
12 3 (0.51%) WebSphere Application Server
13 2 (0.34%) SharePoint
Applications
1 4 (0.69%) Microsoft PowerPoint
Business Applications
1 4 (0.69%) Sentinel
2 1 (0.17%) NetSuite
2 1 (0.17%) Payment Gateway
2 1 (0.17%) Salesforce.com CRM
Cloud Services
1 90 (15.44%) Amazon AWS
2 67 (11.49%) Microsoft Azure
3 26 (4.46%) SaaS
4 25 (4.29%) Google Cloud Platform
5 17 (2.92%) npm
6 16 (2.74%) Cloud Computing
7 12 (2.06%) GitHub
8 11 (1.89%) Amazon ElastiCache
8 11 (1.89%) PaaS
9 10 (1.72%) Amazon S3
10 8 (1.37%) IaaS
10 8 (1.37%) Office 365
11 6 (1.03%) OpenShift
11 6 (1.03%) Serverless
12 5 (0.86%) Amazon SQS
13 4 (0.69%) BlazeMeter
14 2 (0.34%) Azure Active Directory
14 2 (0.34%) BrowserStack
14 2 (0.34%) Firebase
14 2 (0.34%) Heroku
Communications & Networking
1 112 (19.21%) Firewall
2 43 (7.38%) Network Security
3 38 (6.52%) HTTP
4 24 (4.12%) TCP/IP
5 14 (2.40%) DNS
5 14 (2.40%) Internet
6 13 (2.23%) Intrusion Detection
7 11 (1.89%) Wireshark
8 10 (1.72%) WAN
9 9 (1.54%) LAN
9 9 (1.54%) SAN
10 8 (1.37%) Wireless
11 7 (1.20%) SSL
12 6 (1.03%) AMQP
12 6 (1.03%) SSH
12 6 (1.03%) tcpdump
13 4 (0.69%) CTI
13 4 (0.69%) FTP
13 4 (0.69%) NAS
13 4 (0.69%) VPN
Database & Business Intelligence
1 85 (14.58%) MySQL
2 57 (9.78%) SQL Server
3 50 (8.58%) NoSQL
4 33 (5.66%) MongoDB
5 27 (4.63%) MariaDB
6 25 (4.29%) Data Warehouse
7 20 (3.43%) SQL Server Integration Services
8 19 (3.26%) PostgreSQL
9 17 (2.92%) DB2
10 13 (2.23%) Relational Database
11 12 (2.06%) Redis
12 11 (1.89%) Big Data
13 9 (1.54%) BusinessObjects
13 9 (1.54%) SQL Server 2016
14 7 (1.20%) SSDT
15 5 (0.86%) Amazon Redshift
15 5 (0.86%) Hadoop
15 5 (0.86%) Looker
15 5 (0.86%) Qlik Sense
15 5 (0.86%) SQL Server Reporting Services
Development Applications
1 72 (12.35%) Git (software)
2 40 (6.86%) Jenkins
3 28 (4.80%) Team Foundation Server
4 26 (4.46%) Visual Studio
5 24 (4.12%) JIRA
6 23 (3.95%) Maven
6 23 (3.95%) Selenium
7 20 (3.43%) Burp Suite
8 18 (3.09%) JMeter
9 17 (2.92%) gulp
9 17 (2.92%) WebDriver
10 15 (2.57%) JUnit
10 15 (2.57%) Subversion
10 15 (2.57%) TeamCity
11 11 (1.89%) Gradle
12 10 (1.72%) Fiddler
12 10 (1.72%) Metasploit
12 10 (1.72%) SoapUI
13 9 (1.54%) Cucumber
13 9 (1.54%) SpecFlow
General
1 152 (26.07%) Finance
2 39 (6.69%) Retail
3 17 (2.92%) Games
3 17 (2.92%) Legal
4 13 (2.23%) Banking
5 11 (1.89%) Law
6 10 (1.72%) Back Office
6 10 (1.72%) Telecoms
7 6 (1.03%) Billing
8 5 (0.86%) Investment Banking
8 5 (0.86%) Marketing
9 4 (0.69%) Manufacturing
10 2 (0.34%) Electronics
11 1 (0.17%) Advertising
11 1 (0.17%) Financial Institution
11 1 (0.17%) French Language
Job Titles
1 149 (25.56%) Developer
2 65 (11.15%) Security Engineer
3 64 (10.98%) Analyst
3 64 (10.98%) Architect
4 62 (10.63%) Tester
5 54 (9.26%) Security Analyst
6 50 (8.58%) Penetration Tester
7 37 (6.35%) .NET Developer
7 37 (6.35%) Consultant
8 34 (5.83%) Information Analyst
8 34 (5.83%) Information Security Analyst
8 34 (5.83%) Security Consultant
9 32 (5.49%) Senior Developer
10 31 (5.32%) Security Architect
10 31 (5.32%) Security Manager
11 30 (5.15%) Security Specialist
12 26 (4.46%) Software Engineer
13 24 (4.12%) Applications Engineer
13 24 (4.12%) Java Developer
14 23 (3.95%) Lead Developer
Libraries, Frameworks & Software Standards
1 141 (24.19%) HTML
2 123 (21.10%) CSS
3 114 (19.55%) .NET
4 58 (9.95%) REST
5 57 (9.78%) HTML5
6 52 (8.92%) Spring
6 52 (8.92%) Web Services
7 42 (7.20%) XML
8 40 (6.86%) JSON
9 37 (6.35%) RESTful
10 34 (5.83%) CSS3
11 33 (5.66%) jQuery
12 32 (5.49%) AngularJS
13 31 (5.32%) ASP.NET
14 28 (4.80%) .NET Framework
15 27 (4.63%) J2EE
16 25 (4.29%) Spring Boot
17 24 (4.12%) SOAP
17 24 (4.12%) WCF
18 23 (3.95%) ASP.NET MVC
Miscellaneous
1 57 (9.78%) Management Information System
2 43 (7.38%) Computer Science
3 35 (6.00%) Cyber Defence
4 28 (4.80%) Fintech
5 27 (4.63%) Analytical Skills
6 24 (4.12%) User Experience
7 22 (3.77%) Enterprise Software
8 21 (3.60%) Mobile App
9 20 (3.43%) Cyberattack
9 20 (3.43%) Public Cloud
10 17 (2.92%) Data Centre
11 16 (2.74%) BYOD
11 16 (2.74%) Clustering
12 14 (2.40%) Cyberthreat
13 11 (1.89%) Mainframe
14 10 (1.72%) Algorithms
14 10 (1.72%) CESG
15 8 (1.37%) FMCG
16 7 (1.20%) PKI
16 7 (1.20%) Virtual Team
Operating Systems
1 99 (16.98%) Linux
1 99 (16.98%) Windows
2 66 (11.32%) Unix
3 33 (5.66%) Windows Server
4 16 (2.74%) Apple iOS
4 16 (2.74%) Red Hat Enterprise Linux
5 14 (2.40%) Android
5 14 (2.40%) Windows Server 2012
6 11 (1.89%) Solaris
7 9 (1.54%) Kali Linux
8 7 (1.20%) Oracle Linux
8 7 (1.20%) Windows Server 2008
9 6 (1.03%) AIX
9 6 (1.03%) Mac OS X
10 5 (0.86%) Ubuntu
10 5 (0.86%) Windows 10
10 5 (0.86%) Windows Mobile
10 5 (0.86%) zOS
11 4 (0.69%) HPUX
12 3 (0.51%) CentOS
Processes & Methodologies
1 243 (41.68%) Agile Software Development
2 168 (28.82%) Information Security
3 150 (25.73%) Penetration Testing
4 130 (22.30%) Scrum
5 124 (21.27%) Continuous Integration
6 120 (20.58%) Cybersecurity
7 105 (18.01%) Test Automation
8 103 (17.67%) Security Testing
9 89 (15.27%) TDD
10 76 (13.04%) Security Architecture
11 74 (12.69%) BDD
12 72 (12.35%) MVC
13 68 (11.66%) DevOps
13 68 (11.66%) SIEM
14 62 (10.63%) Software Engineering
15 61 (10.46%) SDLC
16 57 (9.78%) SOLID
17 56 (9.61%) SOA
18 55 (9.43%) Risk Management
19 52 (8.92%) OO
Programming Languages
1 188 (32.25%) Java
2 172 (29.50%) JavaScript
3 143 (24.53%) SQL
4 115 (19.73%) Python
5 114 (19.55%) C#
6 89 (15.27%) Ruby
7 46 (7.89%) PHP
8 42 (7.20%) C++
9 40 (6.86%) C
10 35 (6.00%) Shell Script
11 29 (4.97%) PowerShell
12 23 (3.95%) Bash Shell
13 14 (2.40%) T-SQL
14 13 (2.23%) Perl
15 11 (1.89%) Go
16 10 (1.72%) Groovy
17 3 (0.51%) ES6
17 3 (0.51%) ES7
17 3 (0.51%) Objective-C
18 2 (0.34%) VB.NET
Qualifications
1 155 (26.59%) CISSP
2 127 (21.78%) SANS
3 94 (16.12%) CISM
4 90 (15.44%) Degree
5 64 (10.98%) CEH
6 36 (6.17%) CSSLP
7 31 (5.32%) Cisco Certification
8 29 (4.97%) Computer Science Degree
9 28 (4.80%) CREST Certified
10 26 (4.46%) CISA
11 24 (4.12%) OSCP
12 20 (3.43%) GIAC
13 16 (2.74%) Master's Degree
14 13 (2.23%) (ISC)2 CCSP
14 13 (2.23%) CCNP
15 11 (1.89%) CRISC
15 11 (1.89%) Security Cleared
16 10 (1.72%) CCSP
16 10 (1.72%) GPEN
17 9 (1.54%) CISMP
Quality Assurance & Compliance
1 135 (23.16%) ISO/IEC 27001
2 90 (15.44%) PCI DSS
3 47 (8.06%) QA
4 25 (4.29%) GDPR
5 18 (3.09%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
6 16 (2.74%) HIPAA
7 15 (2.57%) GCP
8 14 (2.40%) ISO/IEC 27005
8 14 (2.40%) Web Application Security Consortium
9 13 (2.23%) COBIT
10 11 (1.89%) GPG13
11 6 (1.03%) ISO 22301
12 5 (0.86%) Cyber Essentials
13 4 (0.69%) MiFID
13 4 (0.69%) RMADS
14 3 (0.51%) ISO 9001
14 3 (0.51%) PSD2
15 2 (0.34%) BS7799
15 2 (0.34%) PMO
16 1 (0.17%) NIST 800
System Software
1 38 (6.52%) VMware Infrastructure
2 19 (3.26%) Docker
3 14 (2.40%) Active Directory
4 11 (1.89%) Virtual Machines
5 6 (1.03%) vSphere
6 3 (0.51%) Firmware
6 3 (0.51%) Xen
6 3 (0.51%) XenServer
7 2 (0.34%) Apache ZooKeeper
8 1 (0.17%) OpenAM
8 1 (0.17%) VirtualBox
Systems Management
1 29 (4.97%) Nessus
2 27 (4.63%) WebInspect
3 23 (3.95%) Kubernetes
4 20 (3.43%) Opscode Chef
4 20 (3.43%) Puppet
5 19 (3.26%) Ansible
6 16 (2.74%) Nmap
7 13 (2.23%) Single Sign-On
8 7 (1.20%) Cobbler
9 6 (1.03%) logstash
9 6 (1.03%) Terraform
10 5 (0.86%) CSIRT
10 5 (0.86%) Kibana
10 5 (0.86%) McAfee ePO
11 4 (0.69%) HP Fortify
11 4 (0.69%) Tivoli
12 2 (0.34%) Computer Emergency Response Teams
12 2 (0.34%) FortiGate
12 2 (0.34%) Nagios
12 2 (0.34%) ZABBIX
Vendors
1 67 (11.49%) Microsoft
2 44 (7.55%) Oracle
2 44 (7.55%) VMware
3 19 (3.26%) Veracode
4 18 (3.09%) IBM
5 17 (2.92%) HP
6 15 (2.57%) Cisco
6 15 (2.57%) Red Hat
7 14 (2.40%) Google
8 13 (2.23%) Qualys
8 13 (2.23%) Sun
9 11 (1.89%) Capita
10 9 (1.54%) Ab Initio
10 9 (1.54%) Juniper
11 8 (1.37%) RedGate
12 7 (1.20%) McAfee
12 7 (1.20%) Symantec
12 7 (1.20%) WorldPay
13 5 (0.86%) Acunetix
13 5 (0.86%) Apple