Period
to 24 November 2017

The following table provides summary statistics for permanent job vacancies with a requirement for Security Testing skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Security Testing over the 6 months to 24 November 2017 with a comparison to the same period in the previous 2 years.

Security Testing
UK
6 months to
24 Nov 2017
Same period 2016 Same period 2015
Rank 793 729 736
Rank change year-on-year -64 +7 +103
Permanent jobs citing Security Testing 435 518 662
As % of all permanent IT jobs advertised in the UK 0.24% 0.27% 0.30%
As % of the Processes & Methodologies category 0.27% 0.31% 0.34%
Number of salaries quoted 341 361 458
UK median annual salary £47,500 £52,500 £50,000
Median salary % change year-on-year -9.52% +5.00% -
10th Percentile £32,500 £31,250 £26,250
90th Percentile £77,500 £80,000 £75,000
UK excluding London median annual salary £45,000 £48,500 £45,000
% change year-on-year -7.22% +7.78% +2.27%

Security Testing is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process or methodology skills.

All Process and Methodology Skills
UK
Permanent vacancies with a requirement for process or methodology skills 161950 169183 194286
As % of all permanent IT jobs advertised in the UK 89.90% 89.41% 88.80%
Number of salaries quoted 127926 140515 160119
UK median annual salary £50,000 £49,500 £47,500
Median salary % change year-on-year +1.01% +4.21% +5.56%
10th Percentile £28,750 £28,000 £27,500
90th Percentile £80,000 £79,800 £77,500
UK excluding London median annual salary £44,000 £42,500 £42,500
% change year-on-year +3.53% - +6.25%

Security Testing
Job Vacancy Trend

Job postings citing Security Testing as a percentage of all IT jobs advertised.

Job vacancy trend for Security Testing in the UK

Security Testing
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing Security Testing.

Salary trend for Security Testing in the UK

Security Testing
Salary Histogram

The salary distribution of IT jobs citing Security Testing over the 6 months to 24 November 2017.

Salary histogram for Security Testing in the UK

Security Testing
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Security Testing within the UK over the 6 months to 24 November 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -30 403 £50,000 - 49
UK excluding London +56 281 £45,000 -7.22% 38
London -82 145 £64,000 +2.40% 13
South East +77 103 £45,000 -7.22% 9
North of England +28 77 £44,629 -18.86% 12
Yorkshire +53 62 £45,000 -18.18% 6
Midlands +47 43 £52,500 +23.53% 7
West Midlands +27 36 £50,000 +17.65% 6
South West +2 26 £45,250 +31.16% 6
Scotland +10 21 £37,500 -28.57% 2
North West -37 13 £45,000 -14.29% 5
East Midlands +35 7 £52,500 +16.67% 1
East of England -23 6 £42,500 -10.53% 2
Northern Ireland - 4 £33,000 -
North East - 2 £35,879 - 1
Wales +11 1 £47,500 -41.54%

For the 6 months to 24 November 2017, IT jobs citing Security Testing also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all job ads with a requirement for Security Testing.

1 171 (39.31%) Agile Software Development
2 161 (37.01%) Information Security
3 136 (31.26%) Test Automation
4 129 (29.66%) Penetration Testing
5 117 (26.90%) Degree
6 111 (25.52%) CISSP
7 108 (24.83%) Java
8 97 (22.30%) OWASP
9 89 (20.46%) CISM
10 88 (20.23%) ISO/IEC 27001
11 84 (19.31%) QA
11 84 (19.31%) Cybersecurity
12 79 (18.16%) Firewall
13 78 (17.93%) Selenium
14 75 (17.24%) Risk Management
15 70 (16.09%) Finance
15 70 (16.09%) Computer Science
16 67 (15.40%) CEH
17 64 (14.71%) Management Information System
18 62 (14.25%) Performance Testing
19 61 (14.02%) Scrum
20 59 (13.56%) PCI DSS
20 59 (13.56%) BDD
21 58 (13.33%) SQL
21 58 (13.33%) Windows
22 55 (12.64%) .NET
22 55 (12.64%) SIEM
23 54 (12.41%) CREST Certified
23 54 (12.41%) Data Protection
24 52 (11.95%) JavaScript

Security Testing
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 16 (3.68%) OpenStack
2 14 (3.22%) IIS
3 11 (2.53%) Apache
4 8 (1.84%) NetWeaver
5 6 (1.38%) Confluence
6 4 (0.92%) Elasticsearch
7 1 (0.23%) CMS
7 1 (0.23%) Exchange Server 2003
7 1 (0.23%) Exchange Server 2010
7 1 (0.23%) Exchange Server 2013
7 1 (0.23%) JBoss
7 1 (0.23%) MS Exchange
7 1 (0.23%) Tomcat
7 1 (0.23%) WebSphere
Applications
1 4 (0.92%) Microsoft Office
2 2 (0.46%) Microsoft Excel
2 2 (0.46%) Microsoft PowerPoint
3 1 (0.23%) HipChat
Business Applications
1 8 (1.84%) SAP GRC
2 6 (1.38%) Payment Gateway
3 1 (0.23%) Dynamics AX
3 1 (0.23%) Dynamics CRM
3 1 (0.23%) Salesforce.com CRM
Cloud Services
1 46 (10.57%) Amazon AWS
2 32 (7.36%) Microsoft Azure
3 25 (5.75%) SaaS
4 10 (2.30%) Office 365
5 6 (1.38%) AWS CloudFormation
6 5 (1.15%) GitHub
7 4 (0.92%) PaaS
8 3 (0.69%) Amazon CloudWatch
9 2 (0.46%) Datadog
9 2 (0.46%) Google Cloud Platform
10 1 (0.23%) Amazon S3
10 1 (0.23%) AWS Lambda
10 1 (0.23%) BlazeMeter
10 1 (0.23%) Cloud Computing
10 1 (0.23%) Google App Engine
10 1 (0.23%) IaaS
10 1 (0.23%) Salesforce Service Cloud
10 1 (0.23%) Sauce Labs
10 1 (0.23%) Serverless
10 1 (0.23%) Virtual Private Cloud
Communications & Networking
1 79 (18.16%) Firewall
2 41 (9.43%) TCP/IP
3 26 (5.98%) LAN
4 21 (4.83%) Intrusion Detection
5 20 (4.60%) Network Security
6 14 (3.22%) Internet
6 14 (3.22%) WAN
7 13 (2.99%) VPN
8 9 (2.07%) Cisco ASA
8 9 (2.07%) Wireshark
9 8 (1.84%) HTTP
9 8 (1.84%) LDAP
9 8 (1.84%) Wireless
10 7 (1.61%) DNS
11 6 (1.38%) Wi-Fi
12 4 (0.92%) DHCP
12 4 (0.92%) tcpdump
13 3 (0.69%) DMZ
13 3 (0.69%) SAN
13 3 (0.69%) VoIP
Database & Business Intelligence
1 30 (6.90%) MySQL
2 27 (6.21%) NoSQL
3 24 (5.52%) SQL Server
4 21 (4.83%) MongoDB
5 16 (3.68%) MariaDB
6 7 (1.61%) Big Data
7 4 (0.92%) Hadoop
8 2 (0.46%) GIS
8 2 (0.46%) InfluxDB
8 2 (0.46%) PostgreSQL
8 2 (0.46%) SQL Server Integration Services
9 1 (0.23%) Amazon RDS
9 1 (0.23%) Data Warehouse
9 1 (0.23%) DB2
9 1 (0.23%) Flink
9 1 (0.23%) Infinispan
9 1 (0.23%) Ingres
9 1 (0.23%) Oracle Exadata
9 1 (0.23%) Redis
9 1 (0.23%) Sqoop
Development Applications
1 78 (17.93%) Selenium
2 32 (7.36%) Cucumber
3 29 (6.67%) JIRA
3 29 (6.67%) WebDriver
4 27 (6.21%) Jenkins
5 20 (4.60%) AppScan
6 19 (4.37%) SpecFlow
7 14 (3.22%) SoapUI
8 13 (2.99%) Selenium IDE
9 10 (2.30%) Burp Suite
9 10 (2.30%) Git (software)
9 10 (2.30%) Metasploit
10 8 (1.84%) JMeter
11 7 (1.61%) Paros
12 6 (1.38%) Gatling
12 6 (1.38%) JBehave
12 6 (1.38%) JUnit
12 6 (1.38%) Mercurial
12 6 (1.38%) Team Foundation Server
13 5 (1.15%) SonarQube
General
1 70 (16.09%) Finance
2 26 (5.98%) Legal
3 20 (4.60%) Banking
4 9 (2.07%) Law
4 9 (2.07%) Marketing
5 8 (1.84%) Retail
5 8 (1.84%) Telecoms
6 7 (1.61%) Games
6 7 (1.61%) Manufacturing
7 4 (0.92%) Local Government
8 3 (0.69%) Investment Banking
9 2 (0.46%) Back Office
9 2 (0.46%) Electronics
9 2 (0.46%) Financial Institution
9 2 (0.46%) Pharmaceutical
9 2 (0.46%) Retail Banking
10 1 (0.23%) Dutch Language
Job Titles
1 99 (22.76%) Analyst
2 79 (18.16%) Tester
3 62 (14.25%) Consultant
3 62 (14.25%) Security Analyst
4 58 (13.33%) Security Consultant
5 43 (9.89%) Test Engineer
6 42 (9.66%) Penetration Tester
7 28 (6.44%) Security Specialist
8 27 (6.21%) Security Tester
9 26 (5.98%) Senior Analyst
9 26 (5.98%) Test Analyst
9 26 (5.98%) Test Automation Engineer
10 24 (5.52%) QA Engineer
11 23 (5.29%) Security Engineer
12 22 (5.06%) Cybersecurity Consultant
13 21 (4.83%) IT Analyst
13 21 (4.83%) IT Security Analyst
14 18 (4.14%) Security Penetration Tester
15 17 (3.91%) Information Analyst
15 17 (3.91%) Information Security Analyst
Libraries, Frameworks & Software Standards
1 55 (12.64%) .NET
2 42 (9.66%) HTML
3 27 (6.21%) Web Services
4 24 (5.52%) HTML5
5 22 (5.06%) XML
6 20 (4.60%) RESTful
7 13 (2.99%) Gherkin
7 13 (2.99%) J2EE
8 12 (2.76%) ASP.NET
9 11 (2.53%) REST
10 10 (2.30%) CSS
10 10 (2.30%) JSON
11 8 (1.84%) ASP.NET MVC
11 8 (1.84%) CGI
11 8 (1.84%) OAuth
11 8 (1.84%) OAuth2
11 8 (1.84%) SAML
12 7 (1.61%) Ruby on Rails
13 6 (1.38%) ASP.NET Web API
14 5 (1.15%) AngularJS
Miscellaneous
1 70 (16.09%) Computer Science
2 64 (14.71%) Management Information System
3 41 (9.43%) Mobile App
4 28 (6.44%) Analytical Skills
5 26 (5.98%) PKI
6 21 (4.83%) Cyberthreat
7 18 (4.14%) User Experience
8 17 (3.91%) Distributed Denial-of-Service
9 13 (2.99%) Cyber Attack
9 13 (2.99%) Data Protection Act
10 11 (2.53%) BYOD
11 9 (2.07%) CESG
11 9 (2.07%) Life Science
12 7 (1.61%) Fintech
12 7 (1.61%) NHS
12 7 (1.61%) Security Operations Centre
13 6 (1.38%) Data Centre
13 6 (1.38%) Public Cloud
14 5 (1.15%) Cyber Defence
15 4 (0.92%) Driving Licence
Operating Systems
1 58 (13.33%) Windows
2 46 (10.57%) Linux
3 33 (7.59%) Apple iOS
4 31 (7.13%) Android
5 24 (5.52%) Unix
6 10 (2.30%) Kali Linux
7 8 (1.84%) Solaris
8 2 (0.46%) Red Hat Enterprise Linux
9 1 (0.23%) CentOS
9 1 (0.23%) Ubuntu
9 1 (0.23%) Windows 10
9 1 (0.23%) Windows 7
9 1 (0.23%) Windows 8
9 1 (0.23%) Windows Server
9 1 (0.23%) Windows Server 2003
9 1 (0.23%) Windows Server 2012
Processes & Methodologies
1 171 (39.31%) Agile Software Development
2 161 (37.01%) Information Security
3 136 (31.26%) Test Automation
4 129 (29.66%) Penetration Testing
5 97 (22.30%) OWASP
6 84 (19.31%) Cybersecurity
7 75 (17.24%) Risk Management
8 62 (14.25%) Performance Testing
9 61 (14.02%) Scrum
10 59 (13.56%) BDD
11 55 (12.64%) SIEM
12 54 (12.41%) Data Protection
13 50 (11.49%) Vulnerability Assessment
14 46 (10.57%) TDD
15 45 (10.34%) Continuous Improvement
16 44 (10.11%) Ethical Hacking
16 44 (10.11%) Security Architecture
17 42 (9.66%) Test Strategy
18 40 (9.20%) Continuous Integration
19 35 (8.05%) Vulnerability Management
Programming Languages
1 108 (24.83%) Java
2 58 (13.33%) SQL
3 52 (11.95%) JavaScript
4 44 (10.11%) Python
5 41 (9.43%) C#
6 32 (7.36%) Ruby
7 23 (5.29%) C++
8 15 (3.45%) C
8 15 (3.45%) Perl
9 14 (3.22%) PHP
10 13 (2.99%) Groovy
11 12 (2.76%) VB
11 12 (2.76%) VB.NET
12 10 (2.30%) Scala
13 9 (2.07%) Objective-C
14 8 (1.84%) PowerShell
15 7 (1.61%) Bash Shell
16 1 (0.23%) Shell Script
16 1 (0.23%) T-SQL
16 1 (0.23%) XPath
Qualifications
1 117 (26.90%) Degree
2 111 (25.52%) CISSP
3 89 (20.46%) CISM
4 67 (15.40%) CEH
5 54 (12.41%) CREST Certified
6 44 (10.11%) Computer Science Degree
7 40 (9.20%) OSCP
8 39 (8.97%) CISA
9 37 (8.51%) Security Cleared
10 25 (5.75%) ISTQB
11 22 (5.06%) SC Cleared
12 16 (3.68%) SSCP
13 15 (3.45%) ISEB
13 15 (3.45%) ISTQB Foundation Certification
14 11 (2.53%) CHECK Team Leader
14 11 (2.53%) CRISC
14 11 (2.53%) GIAC
15 10 (2.30%) Cisco Certification
16 9 (2.07%) GCIH
17 8 (1.84%) Tigerscheme
Quality Assurance & Compliance
1 88 (20.23%) ISO/IEC 27001
2 84 (19.31%) QA
3 59 (13.56%) PCI DSS
4 25 (5.75%) GDPR
5 22 (5.06%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
6 19 (4.37%) Cyber Essentials
7 11 (2.53%) COBIT
7 11 (2.53%) Cyber Essentials PLUS
8 10 (2.30%) HMG Security Policy Framework
9 9 (2.07%) SAS 70
10 4 (0.92%) ISO 9001
10 4 (0.92%) Sarbanes-Oxley
10 4 (0.92%) SSAE 16
11 3 (0.69%) Web Application Security Consortium
12 2 (0.46%) RMADS
13 1 (0.23%) Data Quality
13 1 (0.23%) GPG13
13 1 (0.23%) ISO 14001
13 1 (0.23%) ISO 9000
13 1 (0.23%) SLA
System Software
1 29 (6.67%) Active Directory
2 17 (3.91%) VMware Infrastructure
3 7 (1.61%) Docker
4 1 (0.23%) Apache Flume
4 1 (0.23%) Apache ZooKeeper
4 1 (0.23%) Gluster
4 1 (0.23%) GlusterFS
4 1 (0.23%) Hyper-V
4 1 (0.23%) iptables
4 1 (0.23%) KVM
4 1 (0.23%) Virtual Machines
4 1 (0.23%) XenDesktop
4 1 (0.23%) XenServer
Systems Management
1 19 (4.37%) Nessus
2 11 (2.53%) CSIRT
2 11 (2.53%) Nmap
3 10 (2.30%) Puppet
4 6 (1.38%) HP Quality Center
4 6 (1.38%) Opscode Chef
5 4 (0.92%) HP Fortify
5 4 (0.92%) WebInspect
6 3 (0.69%) Ansible
6 3 (0.69%) Grafana
6 3 (0.69%) Network Intrusion Detection System
6 3 (0.69%) ZABBIX
7 2 (0.46%) Nagios
8 1 (0.23%) Backup Exec
8 1 (0.23%) Host Intrusion Detection System
8 1 (0.23%) McAfee ePO
8 1 (0.23%) Microsoft Clustering
8 1 (0.23%) NetBackup
8 1 (0.23%) SCCM
8 1 (0.23%) SCOM
Vendors
1 41 (9.43%) Microsoft
2 31 (7.13%) Cisco
3 20 (4.60%) VMware
4 19 (4.37%) IBM
5 13 (2.99%) Apple
6 12 (2.76%) Oracle
7 9 (2.07%) SAP
7 9 (2.07%) Xamarin
8 8 (1.84%) Google
8 8 (1.84%) HP
8 8 (1.84%) Red Hat
9 6 (1.38%) CheckPoint
10 5 (1.15%) Qualys
10 5 (1.15%) Salesforce.com
10 5 (1.15%) Sophos
11 4 (0.92%) F5
12 3 (0.69%) MuleSoft
12 3 (0.69%) Splunk
13 2 (0.46%) Atlassian
13 2 (0.46%) Trustwave