Period
to 17 February 2020

The following table provides summary statistics for contract job vacancies with a requirement for ISO/IEC 27001 skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited ISO/IEC 27001 over the 6 months to 17 February 2020 with a comparison to the same period in the previous 2 years.

Note that daily and hourly rates are treated separately in these statistics. When calculating contractor rate percentiles, daily rates are never derived from quoted hourly rates or vice versa.

ISO/IEC 27001
UK
6 months to
17 Feb 2020
Same period 2019 Same period 2018
Rank 300 346 273
Rank change year-on-year +46 -73 +109
Contract jobs citing ISO/IEC 27001 565 716 955
As % of all contract IT jobs advertised in the UK 0.82% 0.73% 0.95%
As % of the Quality Assurance & Compliance category 8.17% 6.74% 7.36%
Number of daily rates quoted 385 457 564
UK median daily rate £500 £525 £475
Median daily rate % change year-on-year -4.76% +10.53% +5.56%
10th Percentile £325 £350 £310
90th Percentile £700 £725 £675
UK excluding London median daily rate £475 £500 £450
% change year-on-year -5.00% +11.11% -
Number of hourly rates quoted 2 4 10
UK median hourly rate £31.08 £35.00 £50.00
Median hourly rate % change year-on-year -11.20% -30.00% +33.33%
10th Percentile £19.34 £35.00 £20.95
90th Percentile £44.51 £62.13 £58.00
UK excluding London median hourly rate £17.16 £35.00 £48.75
% change year-on-year -50.97% -28.21% +30.00%

ISO/IEC 27001 is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
UK
Contract vacancies with a requirement for quality assurance or compliance skills 6,916 10,626 12,970
As % of all contract IT jobs advertised in the UK 10.09% 10.88% 12.89%
Number of daily rates quoted 4,235 6,645 8,470
UK median daily rate £450 £450 £441
Median daily rate % change year-on-year - +1.98% +3.82%
10th Percentile £225 £256 £256
90th Percentile £627 £638 £638
UK excluding London median daily rate £424 £425 £400
% change year-on-year -0.24% +6.25% -
Number of hourly rates quoted 297 371 359
UK median hourly rate £24.00 £20.60 £21.50
Median hourly rate % change year-on-year +16.50% -4.19% -
10th Percentile £12.93 £11.00 £11.95
90th Percentile £53.30 £47.50 £57.50
UK excluding London median hourly rate £23.68 £20.25 £23.42
% change year-on-year +16.94% -13.57% +4.33%

ISO/IEC 27001
Job Vacancy Trend

Job postings citing ISO/IEC 27001 as a percentage of all IT jobs advertised.

Job vacancy trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Contractor Daily Rate Trend

This chart provides the 3-month moving average for daily rates quoted in contract jobs citing ISO/IEC 27001.

Contractor daily rate trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Contractor Daily Rate Histogram

The daily rate distribution of IT jobs citing ISO/IEC 27001 over the 6 months to 17 February 2020.

Contractor daily rate histogram for ISO/IEC 27001 in the UK

ISO/IEC 27001
Contractor Hourly Rate Trend

This chart provides the 3-month moving average for contractor hourly rates quoted in IT jobs citing ISO/IEC 27001.

Contractor hourly rate trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Contractor Hourly Rate Histogram

The hourly rate distribution of IT jobs citing ISO/IEC 27001 over the 6 months to 17 February 2020.

Contractor hourly rate histogram for ISO/IEC 27001 in the UK

ISO/IEC 27001
Top 16 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing ISO/IEC 27001 within the UK over the 6 months to 17 February 2020. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Past 6 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +45 483 £500 -4.76% 379
UK excluding London +54 374 £475 -5.00% 318
London +32 173 £525 -8.70% 85
South East +26 106 £484 -3.25% 73
North of England +32 64 £500 - 87
Scotland +47 57 £475 +8.57% 7
South West +40 55 £463 +2.78% 41
Midlands +61 49 £500 -6.98% 54
North West +25 34 £500 - 44
West Midlands +49 33 £538 -10.42% 38
East of England +40 33 £375 -9.09% 39
Yorkshire +36 23 £488 +8.33% 42
East Midlands +42 15 £450 +16.05% 16
Wales +26 9 £600 +26.32% 16
North East +13 6 £450 +5.88% 1
Northern Ireland +4 1 £140 -67.06% 1

For the 6 months to 17 February 2020, IT contractor jobs citing ISO/IEC 27001 also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all contract job ads with a requirement for ISO/IEC 27001.

1 318 (56.28%) Information Security
2 195 (34.51%) CISSP
3 143 (25.31%) NIST
4 140 (24.78%) CISM
5 132 (23.36%) Risk Management
6 131 (23.19%) Cybersecurity
7 119 (21.06%) PCI DSS
8 106 (18.76%) ITIL
9 98 (17.35%) AWS
10 97 (17.17%) Firewall
10 97 (17.17%) Finance
11 94 (16.64%) Azure
12 90 (15.93%) GDPR
13 89 (15.75%) Security Management
14 84 (14.87%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
15 80 (14.16%) Security Architecture
15 80 (14.16%) Management Information System
15 80 (14.16%) Security Cleared
16 74 (13.10%) Windows
17 69 (12.21%) ISMS
18 68 (12.04%) Microsoft
19 67 (11.86%) SIEM
20 64 (11.33%) Information Security Management
20 64 (11.33%) Stakeholder Management
21 63 (11.15%) CISA
22 61 (10.80%) Active Directory
22 61 (10.80%) Network Security
22 61 (10.80%) Public Sector
23 55 (9.73%) Linux
24 52 (9.20%) Data Protection

ISO/IEC 27001
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 23 (4.07%) SharePoint
2 12 (2.12%) IIS
3 11 (1.95%) MS Exchange
4 5 (0.88%) OpenStack
4 5 (0.88%) Skype for Business
5 4 (0.71%) Apache
5 4 (0.71%) Confluence
6 3 (0.53%) Exchange Server 2010
6 3 (0.53%) Exchange Server 2013
7 2 (0.35%) ColdFusion
7 2 (0.35%) nginx
8 1 (0.18%) Apache Spark
8 1 (0.18%) Commerce Server
8 1 (0.18%) SharePoint 2010
8 1 (0.18%) SharePoint 2013
Applications
1 18 (3.19%) Microsoft Office
2 4 (0.71%) Microsoft Excel
3 3 (0.53%) Microsoft PowerPoint
3 3 (0.53%) Microsoft Project
4 2 (0.35%) MS Visio
5 1 (0.18%) AutoCAD
5 1 (0.18%) Spreadsheet
Business Applications
1 3 (0.53%) Carpe Diem
1 3 (0.53%) Dynamics CRM
1 3 (0.53%) Elite 3E
2 2 (0.35%) Dynamics GP
2 2 (0.35%) FLEXCUBE
3 1 (0.18%) Dynamics NAV
Cloud Services
1 98 (17.35%) AWS
2 94 (16.64%) Azure
3 43 (7.61%) SaaS
4 41 (7.26%) Office 365
5 25 (4.42%) PaaS
6 20 (3.54%) IaaS
7 17 (3.01%) GCP
8 8 (1.42%) AWS CloudFormation
8 8 (1.42%) GitHub
9 7 (1.24%) Mimecast
10 6 (1.06%) Azure Active Directory
10 6 (1.06%) Cloud Computing
11 4 (0.71%) Akamai
11 4 (0.71%) Azure ExpressRoute
11 4 (0.71%) Serverless
12 3 (0.53%) Amazon EC2
12 3 (0.53%) Amazon S3
13 2 (0.35%) Amazon ECS
13 2 (0.35%) AWS CloudTrail
13 2 (0.35%) Route 53
Communications & Networking
1 97 (17.17%) Firewall
2 61 (10.80%) Network Security
3 31 (5.49%) VPN
4 25 (4.42%) Intrusion Detection
4 25 (4.42%) TCP/IP
5 22 (3.89%) Internet
5 22 (3.89%) WAN
6 18 (3.19%) DNS
7 14 (2.48%) LAN
7 14 (2.48%) VLAN
8 12 (2.12%) MPLS
8 12 (2.12%) Wireless
8 12 (2.12%) X.509
9 11 (1.95%) HTTP
10 10 (1.77%) OSPF
11 9 (1.59%) SAN
11 9 (1.59%) SMTP
11 9 (1.59%) VoIP
12 7 (1.24%) Cisco Firepower
12 7 (1.24%) Cisco IOS
Database & Business Intelligence
1 19 (3.36%) SQL Server
2 4 (0.71%) Relational Database
3 3 (0.53%) Azure SQL Data Warehouse
3 3 (0.53%) Azure SQL Database
3 3 (0.53%) Data Warehouse
4 2 (0.35%) Big Data
4 2 (0.35%) Oracle Database
4 2 (0.35%) RDBMS
4 2 (0.35%) SQL Server Reporting Services
5 1 (0.18%) Amazon RDS
5 1 (0.18%) Apache Hive
5 1 (0.18%) Hadoop
5 1 (0.18%) HBase
5 1 (0.18%) MySQL
5 1 (0.18%) Power BI
5 1 (0.18%) Sqoop
Development Applications
1 11 (1.95%) Burp Suite
1 11 (1.95%) Jenkins
2 6 (1.06%) JIRA
3 2 (0.35%) Bitbucket
3 2 (0.35%) GitLab
3 2 (0.35%) Metasploit
4 1 (0.18%) git-flow
4 1 (0.18%) Selenium
General
1 97 (17.17%) Finance
2 61 (10.80%) Public Sector
3 46 (8.14%) Legal
4 26 (4.60%) Banking
5 25 (4.42%) Retail
5 25 (4.42%) Telecoms
6 15 (2.65%) Manufacturing
7 10 (1.77%) Law
8 9 (1.59%) Police
9 8 (1.42%) Electronics
9 8 (1.42%) Marketing
10 4 (0.71%) Local Government
11 3 (0.53%) Aerospace
11 3 (0.53%) Automotive
12 2 (0.35%) French Language
12 2 (0.35%) Military
13 1 (0.18%) Czech Language
13 1 (0.18%) Front Office
13 1 (0.18%) Investment Banking
13 1 (0.18%) Russian Language
Job Titles
1 96 (16.99%) Analyst
2 88 (15.58%) Architect
3 85 (15.04%) Consultant
4 73 (12.92%) Security Architect
5 68 (12.04%) Security Consultant
6 61 (10.80%) Security Analyst
7 55 (9.73%) Security Manager
8 42 (7.43%) Information Manager
9 39 (6.90%) Security Engineer
10 30 (5.31%) Information Security Manager
11 29 (5.13%) Information Security Consultant
12 25 (4.42%) Information Analyst
12 25 (4.42%) Security Officer
13 24 (4.25%) Head of Security
13 24 (4.25%) Information Security Analyst
14 23 (4.07%) Information Security Officer
15 21 (3.72%) Information Officer
16 19 (3.36%) Cloud Architect
17 18 (3.19%) Cloud Engineer
18 17 (3.01%) Project Manager
Libraries, Frameworks & Software Standards
1 21 (3.72%) Web Services
2 11 (1.95%) SAML
3 8 (1.42%) JSON
4 3 (0.53%) Elastic Stack
4 3 (0.53%) J2EE
4 3 (0.53%) Node.js
4 3 (0.53%) OAuth
4 3 (0.53%) REST
5 2 (0.35%) .NET
5 2 (0.35%) EJB
5 2 (0.35%) LDAP
5 2 (0.35%) OAuth2
5 2 (0.35%) OpenID
5 2 (0.35%) YAML
6 1 (0.18%) .NET Framework
6 1 (0.18%) OLE
6 1 (0.18%) SailPoint
6 1 (0.18%) Spring
Miscellaneous
1 80 (14.16%) Management Information System
2 38 (6.73%) Data Centre
3 36 (6.37%) Analytical Skills
4 19 (3.36%) PKI
5 16 (2.83%) CESG
6 13 (2.30%) Cyberthreat
7 11 (1.95%) Self-Motivation
8 9 (1.59%) Data Protection Act
8 9 (1.59%) Public Cloud
9 8 (1.42%) Distributed Denial-of-Service
10 7 (1.24%) Cyber Defence
10 7 (1.24%) Enterprise Cloud
10 7 (1.24%) Hybrid Cloud
10 7 (1.24%) Virtual Team
11 6 (1.06%) Clustering
11 6 (1.06%) Security Operations Centre
11 6 (1.06%) Smartphone
12 5 (0.88%) Cloud Native
12 5 (0.88%) Linux Command Line
12 5 (0.88%) Video Conferencing
Operating Systems
1 74 (13.10%) Windows
2 55 (9.73%) Linux
3 23 (4.07%) Windows Server
4 14 (2.48%) Red Hat Enterprise Linux
5 11 (1.95%) Unix
5 11 (1.95%) Windows 10
6 9 (1.59%) Windows Server 2008
6 9 (1.59%) Windows Server 2012
7 4 (0.71%) CentOS
8 3 (0.53%) VMS
8 3 (0.53%) Windows 7
9 2 (0.35%) Android
9 2 (0.35%) Debian
9 2 (0.35%) Mac OS X
10 1 (0.18%) Mac OS
10 1 (0.18%) Ubuntu
Processes & Methodologies
1 318 (56.28%) Information Security
2 132 (23.36%) Risk Management
3 131 (23.19%) Cybersecurity
4 106 (18.76%) ITIL
5 89 (15.75%) Security Management
6 80 (14.16%) Security Architecture
7 69 (12.21%) ISMS
8 67 (11.86%) SIEM
9 64 (11.33%) Information Security Management
9 64 (11.33%) Stakeholder Management
10 52 (9.20%) Data Protection
11 51 (9.03%) DevOps
11 51 (9.03%) Vulnerability Management
12 49 (8.67%) Agile Software Development
13 47 (8.32%) Project Management
14 46 (8.14%) Penetration Testing
15 43 (7.61%) Risk Assessment
16 42 (7.43%) Security Operations
17 38 (6.73%) Problem-Solving
17 38 (6.73%) Security Testing
Programming Languages
1 19 (3.36%) PowerShell
1 19 (3.36%) Python
2 15 (2.65%) Bash Shell
3 14 (2.48%) C
4 11 (1.95%) Java
4 11 (1.95%) Ruby
5 10 (1.77%) SQL
6 9 (1.59%) Perl
7 5 (0.88%) C#
8 3 (0.53%) Go
8 3 (0.53%) JavaScript
8 3 (0.53%) VBScript
9 2 (0.35%) C++
9 2 (0.35%) PHP
9 2 (0.35%) VB.NET
10 1 (0.18%) Shell Script
Qualifications
1 195 (34.51%) CISSP
2 140 (24.78%) CISM
3 80 (14.16%) Security Cleared
4 63 (11.15%) CISA
5 46 (8.14%) SC Cleared
6 44 (7.79%) Degree
7 41 (7.26%) Cisco Certification
8 32 (5.66%) CESG Certified Professional
8 32 (5.66%) GIAC
9 27 (4.78%) CRISC
10 25 (4.42%) ISO 27001 Lead Auditor
10 25 (4.42%) SANS
11 23 (4.07%) CLAS
12 22 (3.89%) CEH
13 21 (3.72%) (ISC)2 CCSP
14 19 (3.36%) DV Cleared
15 17 (3.01%) CISMP
16 16 (2.83%) CompTIA Security+
17 15 (2.65%) CCSP
17 15 (2.65%) ISO 27001 Lead Implementer
Quality Assurance & Compliance
1 143 (25.31%) NIST
2 119 (21.06%) PCI DSS
3 90 (15.93%) GDPR
4 84 (14.87%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
5 48 (8.50%) COBIT
6 42 (7.43%) NCSC
7 38 (6.73%) Cyber Essentials
8 35 (6.19%) Sarbanes-Oxley
9 19 (3.36%) ISO 22301
9 19 (3.36%) ISO 9001
10 18 (3.19%) ISO/IEC 20000
11 16 (2.83%) HMG Security Policy Framework
12 15 (2.65%) SLA
13 13 (2.30%) ISO/IEC 27005
14 11 (1.95%) Cyber Essentials PLUS
14 11 (1.95%) PMO
15 10 (1.77%) JSP 440
15 10 (1.77%) NIST 800
16 7 (1.24%) ISO 31000
17 6 (1.06%) QA
System Software
1 61 (10.80%) Active Directory
2 27 (4.78%) VMware Infrastructure
3 18 (3.19%) Hyper-V
4 16 (2.83%) Docker
5 8 (1.42%) Virtual Machines
6 5 (0.88%) VMware NSX
6 5 (0.88%) vSphere
7 3 (0.53%) Virtual Desktop
8 2 (0.35%) Firmware
8 2 (0.35%) Snort
8 2 (0.35%) XenApp
9 1 (0.18%) Citrix Hypervisor
9 1 (0.18%) HDFS
9 1 (0.18%) Microsoft App-V
9 1 (0.18%) VMware ESXi
9 1 (0.18%) XenDesktop
Systems Management
1 20 (3.54%) Nessus
2 13 (2.30%) Puppet
3 12 (2.12%) Opscode Chef
4 10 (1.77%) Ansible
4 10 (1.77%) Terraform
5 8 (1.42%) SCCM
5 8 (1.42%) Single Sign-On
6 7 (1.24%) Kubernetes
6 7 (1.24%) Network Intrusion Detection System
6 7 (1.24%) QRadar
6 7 (1.24%) Suricata
7 6 (1.06%) SCOM
8 5 (0.88%) CASB
8 5 (0.88%) RSA Archer
8 5 (0.88%) vCenter Server
8 5 (0.88%) vRealize
9 4 (0.71%) Computer Emergency Response Teams
9 4 (0.71%) McAfee ePO
9 4 (0.71%) Microsoft Intune
9 4 (0.71%) SELinux
Vendors
1 68 (12.04%) Microsoft
2 44 (7.79%) Cisco
3 39 (6.90%) VMware
4 27 (4.78%) Qualys
5 26 (4.60%) Splunk
6 17 (3.01%) McAfee
7 14 (2.48%) Citrix
8 13 (2.30%) Oracle
9 10 (1.77%) Google
10 9 (1.59%) Palo Alto
10 9 (1.59%) Rapid7
10 9 (1.59%) SAP
11 8 (1.42%) Symantec
12 7 (1.24%) F5
13 6 (1.06%) CheckPoint
13 6 (1.06%) HP
13 6 (1.06%) Incapsula
13 6 (1.06%) Meraki
13 6 (1.06%) MobileIron
13 6 (1.06%) Red Hat