Incident Response Jobs

Incident Response
UK

The following table provides summary statistics for permanent job vacancies with a requirement for Incident Response skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited Incident Response over the 6 months to 28 May 2024 with a comparison to the same period in the previous 2 years.

6 months to
28 May 2024		 Same period 2023 Same period 2022
Rank 299 369 441
Rank change year-on-year +70 +72 -1
Permanent jobs citing Incident Response 984 864 1,364
As % of all permanent jobs advertised in the UK 0.96% 0.89% 0.82%
As % of the Processes & Methodologies category 1.14% 0.93% 0.85%
Number of salaries quoted 740 592 845
10th Percentile £42,500 £38,750 £38,750
25th Percentile £50,000 £47,125 £48,000
Median annual salary (50th Percentile) £65,000 £63,800 £62,500
Median % change year-on-year +1.88% +2.08% +4.17%
75th Percentile £80,000 £77,500 £80,000
90th Percentile £97,500 £92,500 £92,500
UK excluding London median annual salary £55,000 £52,500 £52,500
% change year-on-year +4.76% - -

All Process and Methodology Skills
UK

Incident Response is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process or methodology skills.

Permanent vacancies with a requirement for process or methodology skills 86,445 93,025 160,114
As % of all permanent jobs advertised in the UK 84.24% 95.56% 95.90%
Number of salaries quoted 60,550 54,985 83,280
10th Percentile £29,250 £34,000 £33,500
25th Percentile £40,000 £45,000 £43,750
Median annual salary (50th Percentile) £55,000 £61,000 £60,000
Median % change year-on-year -9.84% +1.67% +9.09%
75th Percentile £72,500 £81,250 £80,000
90th Percentile £92,500 £100,000 £96,250
UK excluding London median annual salary £50,000 £55,000 £52,500
% change year-on-year -9.09% +4.76% +9.38%

Incident Response
Job Vacancy Trend

Job postings citing Incident Response as a proportion of all IT jobs advertised.

Job vacancy trend for Incident Response in the UK

Incident Response
Salary Trend

3-month moving average salary quoted in jobs citing Incident Response.

Salary trend for Incident Response in the UK

Incident Response
Salary Histogram

Salary distribution for jobs citing Incident Response over the 6 months to 28 May 2024.

Salary histogram for Incident Response in the UK

Incident Response
Top 19 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing Incident Response within the UK over the 6 months to 28 May 2024. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Permanent
IT Job Ads		 Median Salary
Past 6 Months		 Median Salary
% Change
on Same Period
Last Year		 Live
Jobs
England +100 871 £65,000 - 221
UK excluding London +85 617 £55,000 +4.76% 155
Work from Home +7 327 £70,000 +16.67% 112
London +93 320 £76,250 +6.64% 74
North of England +153 210 £52,084 -13.19% 56
North West +88 135 £52,084 -11.35% 27
Midlands +9 123 £60,720 +21.44% 24
South East -16 118 £60,000 +9.09% 32
West Midlands +30 91 £60,000 +9.09% 15
South West +26 78 £50,000 - 18
Yorkshire +115 65 £60,000 -4.00% 25
Scotland -45 48 £63,750 +27.50% 16
East Midlands -26 31 £65,000 +36.84% 9
Wales -6 15 £60,000 +9.09% 1
East of England -8 13 £50,000 +11.11% 8
North East +1 10 £60,000 -11.11% 4
Isle of Man -11 8 £46,500 +3.33% 1
Northern Ireland +12 3 £50,000 +8.70%
Channel Islands - 1 £100,000 -

Incident Response
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 17 (1.73%) Microsoft Exchange
2 12 (1.22%) SharePoint
3 8 (0.81%) IIS
4 7 (0.71%) Apache
5 1 (0.10%) CMS
5 1 (0.10%) Confluence
5 1 (0.10%) Moodle
5 1 (0.10%) nginx
5 1 (0.10%) WordPress
Applications
1 39 (3.96%) Microsoft Office
2 25 (2.54%) Microsoft Excel
3 24 (2.44%) Microsoft PowerPoint
4 1 (0.10%) Microsoft Project
4 1 (0.10%) MS Visio
Business Applications
1 6 (0.61%) Dynamics CRM
2 1 (0.10%) Payment Gateway
2 1 (0.10%) SAP S/4HANA
Cloud Services
1 266 (27.03%) Azure
2 146 (14.84%) Microsoft 365
3 143 (14.53%) AWS
4 65 (6.61%) SaaS
5 40 (4.07%) Azure Sentinel
6 35 (3.56%) GCP
7 27 (2.74%) Entra ID
8 21 (2.13%) Amazon CloudWatch
9 20 (2.03%) PaaS
10 18 (1.83%) Amazon S3
10 18 (1.83%) Cloud Computing
10 18 (1.83%) IaaS
10 18 (1.83%) Serverless
11 17 (1.73%) Amazon GuardDuty
11 17 (1.73%) AWS CloudTrail
12 15 (1.52%) AWS CloudFormation
13 14 (1.42%) Power Platform
14 13 (1.32%) Amazon EC2
15 12 (1.22%) AWS Lambda
15 12 (1.22%) Virtual Private Cloud
Communications & Networking
1 245 (24.90%) Firewall
2 90 (9.15%) Intrusion Detection
3 61 (6.20%) Network Security
4 41 (4.17%) TCP/IP
5 34 (3.46%) VPN
6 29 (2.95%) Internet
7 23 (2.34%) LAN
7 23 (2.34%) WAN
8 20 (2.03%) DNS
9 15 (1.52%) Wireshark
10 11 (1.12%) SAN
11 8 (0.81%) DHCP
11 8 (0.81%) SSL
12 7 (0.71%) HTTP
12 7 (0.71%) SMTP
13 5 (0.51%) VLAN
13 5 (0.51%) VoIP
14 4 (0.41%) NetScaler
14 4 (0.41%) Wireless
15 3 (0.30%) Broadband
Database & Business Intelligence
1 35 (3.56%) SQL Server
2 22 (2.24%) MySQL
3 16 (1.63%) RDBMS
3 16 (1.63%) Relational Database
4 13 (1.32%) Amazon RDS
4 13 (1.32%) MongoDB
5 12 (1.22%) BigQuery
5 12 (1.22%) Data Hub
5 12 (1.22%) DB2
5 12 (1.22%) Enterprise Data Warehouse
6 7 (0.71%) Power BI
7 6 (0.61%) Azure SQL Database
7 6 (0.61%) SQL Server Reporting Services
8 4 (0.41%) PostgreSQL
9 2 (0.20%) Metabase
9 2 (0.20%) Oracle Database
9 2 (0.20%) Redis
10 1 (0.10%) Hadoop
10 1 (0.10%) MariaDB
Development Applications
1 6 (0.61%) Git
1 6 (0.61%) Visual Studio
2 5 (0.51%) Burp Suite
2 5 (0.51%) Metasploit
3 3 (0.30%) Jenkins
3 3 (0.30%) sqlmap
4 2 (0.20%) GitLab
4 2 (0.20%) JIRA
4 2 (0.20%) Snyk
5 1 (0.10%) Bitbucket
General
1 307 (31.20%) Social Skills
2 211 (21.44%) Finance
3 147 (14.94%) Analytical Skills
4 76 (7.72%) Legal
5 70 (7.11%) Law
6 43 (4.37%) Manufacturing
6 43 (4.37%) Military
7 42 (4.27%) Banking
8 37 (3.76%) Public Sector
9 28 (2.85%) Marketing
10 24 (2.44%) Inclusion and Diversity
11 21 (2.13%) Games
12 20 (2.03%) Documentation Skills
13 17 (1.73%) Financial Institution
14 16 (1.63%) Presentation Skills
14 16 (1.63%) Retail
15 14 (1.42%) Spanish Language
16 13 (1.32%) Influencing Skills
17 9 (0.91%) French Language
18 8 (0.81%) Pharmaceutical
Job Titles
1 282 (28.66%) Analyst
2 163 (16.57%) Security Analyst
3 142 (14.43%) Senior
4 100 (10.16%) Lead
5 94 (9.55%) Cybersecurity Analyst
6 92 (9.35%) Security Engineer
7 83 (8.43%) Senior Analyst
8 67 (6.81%) Security Manager
9 56 (5.69%) SOC Analyst
10 51 (5.18%) Consultant
11 50 (5.08%) Senior Security Analyst
12 46 (4.67%) Architect
12 46 (4.67%) IT Analyst
13 43 (4.37%) Security Consultant
14 40 (4.07%) IT Security Analyst
15 39 (3.96%) Security Architect
16 35 (3.56%) Incident Manager
17 33 (3.35%) Security Specialist
18 32 (3.25%) Cybersecurity Consultant
18 32 (3.25%) Service Manager
Libraries, Frameworks & Software Standards
1 15 (1.52%) .NET
2 11 (1.12%) Web Services
3 8 (0.81%) Laravel
4 7 (0.71%) XML
5 6 (0.61%) .NET Framework
6 5 (0.51%) ARM Templates
6 5 (0.51%) Node.js
6 5 (0.51%) YAML
7 4 (0.41%) EDI
7 4 (0.41%) Kafka
8 3 (0.30%) HTML
8 3 (0.30%) Sass
8 3 (0.30%) web3js
9 2 (0.20%) CSS
9 2 (0.20%) D3.js
9 2 (0.20%) Elastic Stack
9 2 (0.20%) React
9 2 (0.20%) Vue
10 1 (0.10%) SOAP
10 1 (0.10%) XSLT
Miscellaneous
1 169 (17.17%) Cyber Threat
2 153 (15.55%) Management Information System
3 100 (10.16%) Security Posture
4 99 (10.06%) Cyberattack
5 88 (8.94%) Security Operations Centre
6 60 (6.10%) Operational Technology
7 47 (4.78%) Cyber Kill Chain
8 33 (3.35%) Industrial Internet of Things
9 28 (2.85%) Cyber Defence
10 27 (2.74%) Public Cloud
11 25 (2.54%) Driving Licence
12 22 (2.24%) Analytical Mindset
13 20 (2.03%) Data Centre
14 19 (1.93%) Client/Server
15 16 (1.63%) SCADA
16 12 (1.22%) Cloud Security Posture
16 12 (1.22%) Data Fabric
17 11 (1.12%) Data Protection Act
18 10 (1.02%) Cloud Native
19 9 (0.91%) Onboarding
Operating Systems
1 198 (20.12%) Windows
2 121 (12.30%) Linux
3 59 (6.00%) Unix
4 40 (4.07%) Windows Server
5 18 (1.83%) Mac OS X
6 16 (1.63%) zOS
7 10 (1.02%) Kali Linux
8 8 (0.81%) Ubuntu
9 5 (0.51%) Windows 10
10 4 (0.41%) CentOS
10 4 (0.41%) Solaris
10 4 (0.41%) Windows Server 2012
10 4 (0.41%) Windows Server 2016
11 3 (0.30%) Mac OS
11 3 (0.30%) Windows XP
12 2 (0.20%) Apple iOS
12 2 (0.20%) Windows 7
13 1 (0.10%) AIX
13 1 (0.10%) Android
Processes & Methodologies
1 662 (67.28%) Cybersecurity
2 297 (30.18%) Security Operations
3 290 (29.47%) Information Security
4 270 (27.44%) SIEM
5 190 (19.31%) Problem-Solving
6 187 (19.00%) Incident Management
7 172 (17.48%) Threat Intelligence
8 167 (16.97%) Cyber Threat Intelligence
8 167 (16.97%) Risk Management
9 149 (15.14%) Vulnerability Management
10 106 (10.77%) Computer Science
11 103 (10.47%) Penetration Testing
12 96 (9.76%) Cloud Security
13 95 (9.65%) Disaster Recovery
14 86 (8.74%) Change Management
15 85 (8.64%) ITIL
16 84 (8.54%) Security Architecture
17 80 (8.13%) Service Delivery
18 78 (7.93%) Vulnerability Assessment
19 76 (7.72%) Security Management
Programming Languages
1 74 (7.52%) PowerShell
2 68 (6.91%) Python
3 27 (2.74%) SQL
4 23 (2.34%) Bash
5 13 (1.32%) Java
6 11 (1.12%) C#
7 10 (1.02%) PHP
8 8 (0.81%) JavaScript
8 8 (0.81%) Kusto Query Language
8 8 (0.81%) Rust
9 6 (0.61%) T-SQL
10 5 (0.51%) Bicep
10 5 (0.51%) C++
11 3 (0.30%) Go
12 2 (0.20%) Lisp
12 2 (0.20%) Shell Script
13 1 (0.10%) Perl
13 1 (0.10%) Ruby
13 1 (0.10%) TypeScript
Qualifications
1 266 (27.03%) CISSP
2 260 (26.42%) Degree
3 156 (15.85%) CISM
4 104 (10.57%) Security Cleared
5 60 (6.10%) Cisco Certification
6 54 (5.49%) CEH
6 54 (5.49%) Computer Science Degree
6 54 (5.49%) SC Cleared
7 47 (4.78%) CISA
7 47 (4.78%) CompTIA Security+
8 45 (4.57%) GIAC
9 41 (4.17%) (ISC)2 CCSP
10 37 (3.76%) CCSP
11 33 (3.35%) Master's Degree
12 30 (3.05%) AWS Certification
13 26 (2.64%) GCIH
14 25 (2.54%) CREST Certified
14 25 (2.54%) OSCP
15 22 (2.24%) GCIA
16 19 (1.93%) CRISC
Quality Assurance & Compliance
1 242 (24.59%) ISO/IEC 27001
2 157 (15.96%) NIST
3 80 (8.13%) Cyber Essentials
4 76 (7.72%) GDPR
5 66 (6.71%) PCI DSS
6 41 (4.17%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
7 35 (3.56%) NCSC
8 33 (3.35%) GRC
9 28 (2.85%) ISO 9001
10 25 (2.54%) ISO/IEC 17025
11 20 (2.03%) JSP 440
12 17 (1.73%) Cyber Essentials PLUS
13 12 (1.22%) COBIT
14 11 (1.12%) SLA
15 8 (0.81%) Accessibility
15 8 (0.81%) NIST 800
15 8 (0.81%) Sarbanes-Oxley
15 8 (0.81%) SOC 2
16 7 (0.71%) HIPAA
16 7 (0.71%) QA
System Software
1 76 (7.72%) Active Directory
2 27 (2.74%) VMware Infrastructure
3 13 (1.32%) Hyper-V
4 9 (0.91%) Docker
4 9 (0.91%) Virtual Machines
5 7 (0.71%) Virtual Desktop
6 5 (0.51%) VMware NSX
7 4 (0.41%) Terminal Services
8 2 (0.20%) Virtual Servers
8 2 (0.20%) VMware ESXi
9 1 (0.10%) XenApp
Systems Management
1 25 (2.54%) QRadar
1 25 (2.54%) Terraform
2 23 (2.34%) EnCase
3 16 (1.63%) CSIRT
3 16 (1.63%) Microsoft Intune
4 14 (1.42%) Kubernetes
5 9 (0.91%) Single Sign-On
6 8 (0.81%) SCCM
7 7 (0.71%) Ansible
8 5 (0.51%) Prometheus
8 5 (0.51%) Suricata
9 4 (0.41%) Cacti
9 4 (0.41%) CASB
9 4 (0.41%) Computer Emergency Response Teams
9 4 (0.41%) Grafana
10 3 (0.30%) Nessus
10 3 (0.30%) Nmap
10 3 (0.30%) SELinux
11 2 (0.20%) Active Directory Federation Services
11 2 (0.20%) Host Intrusion Detection System
Vendors
1 288 (29.27%) Microsoft
2 55 (5.59%) VMware
3 40 (4.07%) Splunk
4 37 (3.76%) Dell
5 33 (3.35%) Oracle
6 31 (3.15%) Qualys
7 29 (2.95%) Cisco
8 24 (2.44%) CrowdStrike
9 20 (2.03%) IBM
10 16 (1.63%) Google
11 14 (1.42%) Darktrace
12 13 (1.32%) Databricks
12 13 (1.32%) ServiceNow
13 12 (1.22%) Citrix
13 12 (1.22%) F5
14 10 (1.02%) BT
15 9 (0.91%) CyberArk
15 9 (0.91%) Datto
15 9 (0.91%) Juniper
15 9 (0.91%) Sun
265 Incident Response jobs Nationwide