Period
to 21 November 2017

The following table provides summary statistics for contract job vacancies with a requirement for CRISC qualifications. Included is a benchmarking guide to the contractor rates offered over the 6 months to 21 November 2017 with a comparison to the same period in the previous 2 years.

Note that daily and hourly rates are treated separately in these statistics. When calculating contractor rate percentiles, daily rates are never derived from quoted hourly rates or vice versa.

ISACA Certified in Risk and Information Systems Control (CRISC)
UK
6 months to
21 Nov 2017
Same period 2016 Same period 2015
Rank 785 781 800
Rank change year-on-year -4 +19 0
Contract jobs citing CRISC 92 100 88
As % of all contract IT jobs advertised in the UK 0.089% 0.095% 0.077%
As % of the Qualifications category 0.48% 0.46% 0.39%
Number of daily rates quoted 64 66 48
UK median daily rate £498 £550 £523
Median daily rate % change year-on-year -9.55% +5.26% +4.50%
10th Percentile £313 £356 £396
90th Percentile £575 £744 £1,100
UK excluding London median daily rate £550 £538 £500
% change year-on-year +2.33% +7.50% -
Number of hourly rates quoted 0 0 0
UK median hourly rate - - -
UK excluding London median hourly rate - - -

CRISC is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Contract vacancies requiring academic qualifications or professional certifications 19240 21636 22485
As % of all contract IT jobs advertised in the UK 18.66% 20.66% 19.80%
Number of daily rates quoted 11789 13485 13553
UK median daily rate £425 £413 £400
Median daily rate % change year-on-year +3.03% +3.13% +2.56%
10th Percentile £220 £243 £244
90th Percentile £600 £588 £575
UK excluding London median daily rate £400 £388 £385
% change year-on-year +3.23% +0.65% +5.48%
Number of hourly rates quoted 902 856 1079
UK median hourly rate £26.25 £26.00 £25.00
Median hourly rate % change year-on-year +0.96% +4.00% +31.58%
10th Percentile £12.00 £12.13 £11.96
90th Percentile £50.00 £49.19 £49.50
UK excluding London median hourly rate £27.50 £27.50 £25.00
% change year-on-year - +10.00% +31.58%

CRISC
Job Vacancy Trend

Job postings citing CRISC as a percentage of all IT jobs advertised.

Job vacancy trend for CRISC in the UK

CRISC
Contractor Daily Rate Trend

This chart provides the 3-month moving average for daily rates quoted in contract jobs citing CRISC.

Contractor daily rate trend for CRISC in the UK

CRISC
Contractor Daily Rate Histogram

The daily rate distribution of IT jobs citing CRISC over the 6 months to 21 November 2017.

Contractor daily rate histogram for CRISC in the UK

CRISC
Top 10 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing CRISC within the UK over the 6 months to 21 November 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Past 6 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +6 85 £498 -9.55% 19
London -21 51 £488 -23.53% 7
UK excluding London +12 41 £550 +2.33% 12
North of England +57 16 £550 -21.43% 6
South East -6 11 £375 -28.57% 3
Yorkshire +23 9 £550 -19.41% 4
North West +27 7 £600 -20.00%
Scotland -4 7 - -
East of England -8 5 £475 +2.70% 2
South West - 2 - -

For the 6 months to 21 November 2017, IT contractor jobs citing CRISC also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all contract ads with a requirement for CRISC.

1 81 (88.04%) CISSP
2 53 (57.61%) Information Security
3 52 (56.52%) CISM
4 44 (47.83%) Finance
5 43 (46.74%) CISA
6 35 (38.04%) Cybersecurity
7 33 (35.87%) ITIL
8 32 (34.78%) Risk Management
9 26 (28.26%) Penetration Testing
10 25 (27.17%) SIEM
11 24 (26.09%) Vulnerability Management
11 24 (26.09%) Degree
12 22 (23.91%) PRINCE2
13 21 (22.83%) Cyberthreat
14 20 (21.74%) Analytical Skills
15 18 (19.57%) Windows
15 18 (19.57%) Banking
15 18 (19.57%) Stakeholder Management
16 17 (18.48%) Management Information System
16 17 (18.48%) Firewall
16 17 (18.48%) CEH
16 17 (18.48%) Incident Management
16 17 (18.48%) ISO/IEC 27001
17 16 (17.39%) Linux
18 15 (16.30%) PKI
18 15 (16.30%) Security Testing
19 14 (15.22%) PCI DSS
20 12 (13.04%) Vulnerability Assessment
20 12 (13.04%) Intrusion Detection
20 12 (13.04%) Unix

CRISC
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 4 (4.35%) IIS
2 1 (1.09%) SharePoint
Applications
1 5 (5.43%) Microsoft Excel
2 2 (2.17%) Microsoft Office
3 1 (1.09%) Microsoft PowerPoint
3 1 (1.09%) MS Visio
Business Applications
1 2 (2.17%) SAP GRC
1 2 (2.17%) SAP S/4HANA
Cloud Services
1 4 (4.35%) Amazon AWS
1 4 (4.35%) Cloud Computing
2 3 (3.26%) Microsoft Azure
3 2 (2.17%) Google Cloud Platform
3 2 (2.17%) IaaS
3 2 (2.17%) PaaS
4 1 (1.09%) Amazon EC2
4 1 (1.09%) Amazon ELB
4 1 (1.09%) Amazon S3
4 1 (1.09%) AWS Lambda
4 1 (1.09%) SaaS
4 1 (1.09%) Serverless
4 1 (1.09%) Virtual Private Cloud
Communications & Networking
1 17 (18.48%) Firewall
2 12 (13.04%) Intrusion Detection
3 8 (8.70%) Reverse Proxy
4 4 (4.35%) NAS
4 4 (4.35%) SAN
5 2 (2.17%) DNS
5 2 (2.17%) Internet
5 2 (2.17%) TCP/IP
6 1 (1.09%) Network Security
Database & Business Intelligence
1 2 (2.17%) SAP HANA
General
1 44 (47.83%) Finance
2 18 (19.57%) Banking
3 7 (7.61%) Legal
4 4 (4.35%) Investment Banking
5 2 (2.17%) Telecoms
6 1 (1.09%) Law
6 1 (1.09%) Marketing
6 1 (1.09%) Retail Banking
Job Titles
1 35 (38.04%) Analyst
2 27 (29.35%) Security Analyst
3 19 (20.65%) Application Security Analyst
4 17 (18.48%) Consultant
5 15 (16.30%) Technical Analyst
5 15 (16.30%) Technical Security Analyst
6 14 (15.22%) IT Analyst
6 14 (15.22%) Security Specialist
7 10 (10.87%) IT Security Analyst
8 9 (9.78%) Security Consultant
9 8 (8.70%) Information Security Specialist
9 8 (8.70%) Information Specialist
9 8 (8.70%) Risk Analyst
10 7 (7.61%) Information Security Consultant
11 6 (6.52%) Risk Consultant
12 5 (5.43%) IT Security Specialist
12 5 (5.43%) Risk Manager
13 4 (4.35%) Information Manager
13 4 (4.35%) Information Security Manager
13 4 (4.35%) Security Manager
Libraries, Frameworks & Software Standards
1 3 (3.26%) Web Services
2 2 (2.17%) Middleware
Miscellaneous
1 21 (22.83%) Cyberthreat
2 20 (21.74%) Analytical Skills
3 17 (18.48%) Management Information System
4 15 (16.30%) PKI
5 8 (8.70%) Distributed Denial-of-Service
5 8 (8.70%) Linux Command Line
6 5 (5.43%) Data Centre
7 4 (4.35%) Cyber Attack
8 3 (3.26%) Mainframe
8 3 (3.26%) Public Cloud
8 3 (3.26%) Virtual Team
9 2 (2.17%) CESG
9 2 (2.17%) Client/Server
9 2 (2.17%) Computer Science
9 2 (2.17%) Private Cloud
9 2 (2.17%) Smart Energy
10 1 (1.09%) Credit Risk
10 1 (1.09%) FMCG
10 1 (1.09%) Market Risk
10 1 (1.09%) Smartphone
Operating Systems
1 18 (19.57%) Windows
2 16 (17.39%) Linux
3 12 (13.04%) Unix
4 4 (4.35%) HPUX
4 4 (4.35%) Red Hat Enterprise Linux
4 4 (4.35%) Windows 7
5 2 (2.17%) Solaris
5 2 (2.17%) Windows NT
Processes & Methodologies
1 53 (57.61%) Information Security
2 35 (38.04%) Cybersecurity
3 33 (35.87%) ITIL
4 32 (34.78%) Risk Management
5 26 (28.26%) Penetration Testing
6 25 (27.17%) SIEM
7 24 (26.09%) Vulnerability Management
8 22 (23.91%) PRINCE2
9 18 (19.57%) Stakeholder Management
10 17 (18.48%) Incident Management
11 15 (16.30%) Security Testing
12 12 (13.04%) Vulnerability Assessment
13 11 (11.96%) Project Management
14 10 (10.87%) Continuous Improvement
14 10 (10.87%) Identity Access Management
14 10 (10.87%) IT Audit
15 9 (9.78%) SDLC
16 8 (8.70%) Analytics
16 8 (8.70%) Information Governance
16 8 (8.70%) Secure Coding
Qualifications
1 81 (88.04%) CISSP
2 52 (56.52%) CISM
3 43 (46.74%) CISA
4 24 (26.09%) Degree
5 17 (18.48%) CEH
6 12 (13.04%) SSCP
7 11 (11.96%) CASP
7 11 (11.96%) CGEIT
7 11 (11.96%) MCSE
7 11 (11.96%) Microsoft Certification
8 8 (8.70%) ISACA
9 7 (7.61%) ISO 27001 Lead Implementer
10 5 (5.43%) ISO 27001 Lead Auditor
11 4 (4.35%) Cisco Certification
11 4 (4.35%) IISP
12 3 (3.26%) (ISC)2 CCSP
13 2 (2.17%) CCSP
13 2 (2.17%) ISEB
13 2 (2.17%) ISEB Practitioner
14 1 (1.09%) GIAC
Quality Assurance & Compliance
1 17 (18.48%) ISO/IEC 27001
2 14 (15.22%) PCI DSS
3 12 (13.04%) COBIT
4 11 (11.96%) Sarbanes-Oxley
5 6 (6.52%) GDPR
6 5 (5.43%) COSO
7 4 (4.35%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
8 2 (2.17%) QA
8 2 (2.17%) SLA
9 1 (1.09%) Cyber Essentials
System Software
1 4 (4.35%) vSphere
2 2 (2.17%) Active Directory
3 1 (1.09%) Docker
3 1 (1.09%) IAG
Systems Management
1 3 (3.26%) RSA Archer
2 2 (2.17%) Host Intrusion Detection System
2 2 (2.17%) Nexpose
3 1 (1.09%) Terraform
Vendors
1 8 (8.70%) Citrix
1 8 (8.70%) Symantec
2 6 (6.52%) Microsoft
3 4 (4.35%) BeyondTrust
3 4 (4.35%) CheckPoint
3 4 (4.35%) Cisco
3 4 (4.35%) Forcepoint
3 4 (4.35%) HP
3 4 (4.35%) LogRhythm
3 4 (4.35%) McAfee
3 4 (4.35%) NetApp
3 4 (4.35%) Oracle
3 4 (4.35%) Red Hat
3 4 (4.35%) Tripwire
3 4 (4.35%) VMware
4 3 (3.26%) SAP
5 2 (2.17%) CyberArk
5 2 (2.17%) Google
5 2 (2.17%) Imperva
5 2 (2.17%) Varonis