Incident Response Contracts in the UK excluding London

Incident Response
UK > UK excluding London

The following table provides summary statistics for contract job vacancies advertised in the UK excluding London with a requirement for Incident Response skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited Incident Response over the 6 months to 28 April 2024 with a comparison to the same period in the previous 2 years.

6 months to
28 Apr 2024		 Same period 2023 Same period 2022
Rank 159 305 396
Rank change year-on-year +146 +91 -42
Contract jobs citing Incident Response 275 152 113
As % of all contract jobs advertised in the UK excluding London 1.33% 0.63% 0.37%
As % of the Processes & Methodologies category 1.57% 0.71% 0.41%
Number of daily rates quoted 195 115 94
10th Percentile £425 £260 £334
25th Percentile £438 £450 £458
Median daily rate (50th Percentile) £550 £550 £550
75th Percentile £675 £644 £670
90th Percentile £758 £700 £753
UK median daily rate £567 £575 £550
% change year-on-year -1.39% +4.55% -
Number of hourly rates quoted 5 0 5
10th Percentile - - £15.94
25th Percentile - - £16.41
Median hourly rate £40.00 - £16.82
75th Percentile - - £17.64
90th Percentile - - £19.06
UK median hourly rate £40.00 - £17.23
% change year-on-year - - -60.62%

All Process and Methodology Skills
UK excluding London

Incident Response is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies advertised in the UK excluding London with a requirement for process or methodology skills.

Contract vacancies with a requirement for process or methodology skills 17,514 21,548 27,506
As % of all contract IT jobs advertised in the UK excluding London 84.76% 89.51% 88.92%
Number of daily rates quoted 10,486 14,951 19,202
10th Percentile £248 £255 £231
25th Percentile £378 £400 £385
Median daily rate (50th Percentile) £500 £500 £475
Median % change year-on-year - +5.26% +9.20%
75th Percentile £600 £600 £575
90th Percentile £688 £688 £650
UK median daily rate £525 £550 £525
% change year-on-year -4.55% +4.76% +8.25%
Number of hourly rates quoted 2,030 1,307 1,367
10th Percentile £12.30 £11.00 £12.00
25th Percentile £15.18 £16.00 £14.00
Median hourly rate £36.05 £36.00 £20.00
Median % change year-on-year +0.13% +80.00% -8.51%
75th Percentile £60.00 £65.00 £45.48
90th Percentile £72.50 £72.98 £60.00
UK median hourly rate £35.00 £37.30 £25.00
% change year-on-year -6.17% +49.20% -

Incident Response
Job Vacancy Trend in the UK excluding London

Job postings citing Incident Response as a proportion of all IT jobs advertised in the UK excluding London.

Job vacancy trend for Incident Response in the UK excluding London

Incident Response
Contractor Daily Rate Trend in the UK excluding London

3-month moving average daily rate quoted in jobs citing Incident Response in the UK excluding London.

Daily rate trend for Incident Response in the UK excluding London

Incident Response
Daily Rate Histogram in the UK excluding London

Daily rate distribution for jobs citing Incident Response in the UK excluding London over the 6 months to 28 April 2024.

Daily rate histogram for Incident Response in the UK excluding London

Incident Response
Contractor Hourly Rate Trend in the UK excluding London

3-month moving average hourly rates quoted in jobs citing Incident Response in the UK excluding London.

Hourly rate trend for Incident Response in the UK excluding London

Incident Response
Contract Job Locations in the UK excluding London

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing Incident Response within the UK excluding London region over the 6 months to 28 April 2024. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year		 Matching
Contract
IT Job Ads		 Median
Daily Rate
Past 6 Months		 Median Daily Rate
% Change
on Same Period
Last Year		 Live
Jobs
South West +99 107 £575 -8.00% 28
South East +69 65 £482 -16.17% 64
North of England +28 49 £525 -4.55% 98
Midlands +40 42 £625 -3.85% 38
West Midlands +48 39 £630 -3.08% 27
Yorkshire +23 25 £582 +10.86% 23
East of England +5 25 £600 +26.98% 20
North West +20 24 £525 -7.49% 68
Scotland +34 13 £500 +11.11% 13
East Midlands +20 3 £567 -6.01% 11
Incident Response
UK

Incident Response
Co-occurring Skills and Capabilities in the UK excluding London by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 16 (5.82%) CMS
2 9 (3.27%) NetWeaver
3 2 (0.73%) nginx
4 1 (0.36%) Confluence
Applications
1 2 (0.73%) Microsoft Excel
2 1 (0.36%) Microsoft Project
Business Applications
1 9 (3.27%) SAP IBP
Cloud Services
1 38 (13.82%) Azure
2 22 (8.00%) Azure Sentinel
3 20 (7.27%) AWS
4 6 (2.18%) Entra ID
4 6 (2.18%) OpenShift
5 5 (1.82%) CloudFront
5 5 (1.82%) Virtual Private Cloud
6 4 (1.45%) Amazon CloudWatch
6 4 (1.45%) AWS CloudTrail
6 4 (1.45%) Azure Monitor
6 4 (1.45%) GCP
6 4 (1.45%) Microsoft Purview
7 3 (1.09%) Amazon GuardDuty
8 2 (0.73%) Amazon S3
8 2 (0.73%) Anthos
8 2 (0.73%) Datadog
8 2 (0.73%) Google Kubernetes Engine
8 2 (0.73%) Microsoft 365
8 2 (0.73%) Power Platform
8 2 (0.73%) Sumo Logic
Communications & Networking
1 26 (9.45%) Firewall
2 19 (6.91%) Network Security
3 10 (3.64%) DNS
4 7 (2.55%) TCP/IP
5 6 (2.18%) Intrusion Detection
5 6 (2.18%) VPN
6 4 (1.45%) Cisco Nexus
7 3 (1.09%) FTP
7 3 (1.09%) HTTP
7 3 (1.09%) SMTP
7 3 (1.09%) SSL
8 2 (0.73%) DHCP
8 2 (0.73%) LAN
8 2 (0.73%) Reverse Proxy
8 2 (0.73%) WAN
9 1 (0.36%) tcpdump
9 1 (0.36%) Wi-Fi
9 1 (0.36%) Wireshark
Database & Business Intelligence
1 9 (3.27%) SAP BW
1 9 (3.27%) SAP HANA
2 8 (2.91%) Elasticsearch
3 6 (2.18%) PostgreSQL
4 3 (1.09%) SQL Server
5 2 (0.73%) Power BI
6 1 (0.36%) Apache Hive
6 1 (0.36%) BigQuery
6 1 (0.36%) Data Hub
6 1 (0.36%) DB2
6 1 (0.36%) Enterprise Data Warehouse
6 1 (0.36%) Hadoop
6 1 (0.36%) MongoDB
6 1 (0.36%) Tableau
Development Applications
1 13 (4.73%) JIRA
2 1 (0.36%) GitLab
2 1 (0.36%) IDA Disassembler
2 1 (0.36%) Jenkins
General
1 86 (31.27%) Social Skills
2 30 (10.91%) Analytical Skills
3 25 (9.09%) Public Sector
4 16 (5.82%) Finance
5 12 (4.36%) Telecoms
6 9 (3.27%) Legal
7 8 (2.91%) Banking
7 8 (2.91%) Inclusion and Diversity
8 6 (2.18%) Retail
9 3 (1.09%) Manufacturing
10 2 (0.73%) Aerospace
10 2 (0.73%) Electronics
10 2 (0.73%) Games
10 2 (0.73%) Marketing
11 1 (0.36%) Aviation
11 1 (0.36%) Influencing Skills
11 1 (0.36%) Law
11 1 (0.36%) Military
11 1 (0.36%) Spanish Language
Job Titles
1 104 (37.82%) Analyst
2 64 (23.27%) SOC Analyst
3 27 (9.82%) Lead
4 25 (9.09%) Consultant
5 23 (8.36%) SOC Engineer
6 18 (6.55%) Security Engineer
7 17 (6.18%) Senior
8 15 (5.45%) Cyber Defence Analyst
9 14 (5.09%) Senior Analyst
10 12 (4.36%) Security Analyst
11 11 (4.00%) Security Specialist
12 10 (3.64%) Cloud Engineer
12 10 (3.64%) IT Security Specialist
12 10 (3.64%) Security Operations Specialist
13 9 (3.27%) Compliance Analyst
13 9 (3.27%) Data Analyst
13 9 (3.27%) Data Compliance Analyst
13 9 (3.27%) SAP Basis Consultant
13 9 (3.27%) SAP Consultant
13 9 (3.27%) SIEM Consultant
Libraries, Frameworks & Software Standards
1 9 (3.27%) SAP Basis
1 9 (3.27%) SAP Fiori
2 8 (2.91%) Kafka
3 5 (1.82%) OAuth
3 5 (1.82%) OAuth2
3 5 (1.82%) SAML
4 3 (1.09%) Elastic Stack
4 3 (1.09%) LDAP
5 1 (0.36%) OLE
Miscellaneous
1 81 (29.45%) Management Information System
2 76 (27.64%) Security Operations Centre
3 53 (19.27%) Cyber Kill Chain
4 52 (18.91%) Cyber Defence
4 52 (18.91%) Cyber Threat
5 39 (14.18%) CSOC
6 26 (9.45%) Security Posture
7 20 (7.27%) Cyberattack
8 16 (5.82%) Cloud Native
9 12 (4.36%) Distributed Denial-of-Service
10 9 (3.27%) Onboarding
11 7 (2.55%) Public Cloud
12 5 (1.82%) Analytical Mindset
12 5 (1.82%) CMDB
13 2 (0.73%) Insider Threat
14 1 (0.36%) Data Centre
14 1 (0.36%) Data Fabric
14 1 (0.36%) Operational Technology
14 1 (0.36%) Renewable Energy
14 1 (0.36%) YARA
Operating Systems
1 43 (15.64%) Linux
2 36 (13.09%) Windows
3 11 (4.00%) Unix
4 3 (1.09%) zOS
5 2 (0.73%) Windows Server
6 1 (0.36%) Mac OS X
Processes & Methodologies
1 159 (57.82%) Cybersecurity
2 135 (49.09%) SIEM
3 123 (44.73%) Security Operations
4 83 (30.18%) Use Case
5 71 (25.82%) Information Security
5 71 (25.82%) Threat Intelligence
6 70 (25.45%) Incident Management
7 62 (22.55%) MITRE ATT&CK
8 57 (20.73%) SOAR
9 55 (20.00%) Vulnerability Management
10 49 (17.82%) Cyber Threat Intelligence
11 48 (17.45%) Mentoring
12 47 (17.09%) Protective Monitoring
13 46 (16.73%) Root Cause Analysis
14 43 (15.64%) Analytics
15 41 (14.91%) Data Security
16 40 (14.55%) Case Management
17 36 (13.09%) Problem-Solving
18 34 (12.36%) Continuous Improvement
18 34 (12.36%) CRM
Programming Languages
1 15 (5.45%) Kusto Query Language
2 6 (2.18%) PowerShell
3 5 (1.82%) Python
4 4 (1.45%) Bash
5 3 (1.09%) Search Processing Language
5 3 (1.09%) SQL
6 2 (0.73%) Shell Script
7 1 (0.36%) Bicep
7 1 (0.36%) Go
7 1 (0.36%) JavaScript
Qualifications
1 139 (50.55%) Security Cleared
2 85 (30.91%) DV Cleared
3 41 (14.91%) SC Cleared
4 36 (13.09%) Degree
5 25 (9.09%) CISSP
5 25 (9.09%) SANS
6 17 (6.18%) CompTIA Security+
7 11 (4.00%) Computer Science Degree
8 9 (3.27%) Azure Certification
8 9 (3.27%) Cisco Certification
8 9 (3.27%) CISM
9 8 (2.91%) SAP Certification
10 7 (2.55%) CCNP
11 6 (2.18%) Microsoft Certification
12 5 (1.82%) AWS Certification
12 5 (1.82%) CEH
13 4 (1.45%) CCIE
13 4 (1.45%) CCNA
14 3 (1.09%) CCSA
14 3 (1.09%) CCSE
Quality Assurance & Compliance
1 55 (20.00%) NIST
2 38 (13.82%) NIST 800
3 24 (8.73%) GDPR
4 23 (8.36%) NCSC
5 20 (7.27%) ISO/IEC 27001
6 5 (1.82%) PCI DSS
7 3 (1.09%) GRC
7 3 (1.09%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
8 2 (0.73%) HIPAA
8 2 (0.73%) SLA
9 1 (0.36%) Cyber Essentials
9 1 (0.36%) Data Quality
9 1 (0.36%) Disclosure Scotland
9 1 (0.36%) SOC 2
System Software
1 7 (2.55%) Active Directory
1 7 (2.55%) Docker
2 4 (1.45%) VMware Infrastructure
3 2 (0.73%) XenApp
4 1 (0.36%) Snort
Systems Management
1 9 (3.27%) Kibana
1 9 (3.27%) Prometheus
2 8 (2.91%) Istio
2 8 (2.91%) Kubernetes
3 7 (2.55%) Grafana
4 6 (2.18%) Argo
5 4 (1.45%) Trend Micro Deep Security
6 3 (1.09%) Computer Emergency Response Teams
6 3 (1.09%) Nessus
6 3 (1.09%) Terraform
7 2 (0.73%) Kiali
7 2 (0.73%) logstash
7 2 (0.73%) Nagios
7 2 (0.73%) Network Intrusion Detection System
7 2 (0.73%) ZABBIX
8 1 (0.36%) Ansible
8 1 (0.36%) CASB
8 1 (0.36%) FortiGate
8 1 (0.36%) Puppet
8 1 (0.36%) Single Sign-On
Vendors
1 107 (38.91%) Microsoft
2 49 (17.82%) Splunk
3 32 (11.64%) LogRhythm
4 22 (8.00%) Qualys
5 20 (7.27%) Darktrace
5 20 (7.27%) Varonis
6 16 (5.82%) FireEye
6 16 (5.82%) Forcepoint
7 11 (4.00%) SAP
8 10 (3.64%) Cisco
9 7 (2.55%) Virgin Media
10 6 (2.18%) Rapid7
11 5 (1.82%) CheckPoint
12 4 (1.45%) Sophos
12 4 (1.45%) Symantec
12 4 (1.45%) VMware
13 3 (1.09%) CrowdStrike
13 3 (1.09%) F5
13 3 (1.09%) IronPort
13 3 (1.09%) Sage
410 Incident Response jobs Nationwide