Period
to 11 April 2021

The following table provides summary statistics for contract job vacancies with a requirement for ISO/IEC 27001 skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited ISO/IEC 27001 over the 6 months to 11 April 2021 with a comparison to the same period in the previous 2 years.

Note that daily and hourly rates are treated separately in these statistics. When calculating contractor rate percentiles, daily rates are never derived from quoted hourly rates or vice versa.

ISO/IEC 27001
UK
6 months to
11 Apr 2021
Same period 2020 Same period 2019
Rank 283 281 323
Rank change year-on-year -2 +42 -14
Contract jobs citing ISO/IEC 27001 444 537 782
As % of all contract jobs advertised in the UK 0.84% 0.90% 0.81%
As % of the Quality Assurance & Compliance category 7.67% 8.84% 7.50%
Number of daily rates quoted 301 355 505
10th Percentile £350 £325 £344
25th Percentile £412 £408 £413
Median daily rate (50th Percentile) £500 £500 £525
Median % change year-on-year - -4.76% +7.97%
75th Percentile £625 £599 £650
90th Percentile £680 £708 £745
UK excluding London median daily rate £469 £475 £500
% change year-on-year -1.32% -5.00% +11.11%
Number of hourly rates quoted 3 1 3
10th Percentile £26.60 " £23.25
25th Percentile £26.74 £16.77 £24.38
Median hourly rate £26.96 £17.16 £27.50
Median % change year-on-year +57.11% -37.60% -45.00%
75th Percentile £33.93 £17.55 £51.25
90th Percentile £38.11 " £64.75
UK excluding London median hourly rate £26.96 £17.16 £25.25
% change year-on-year +57.11% -32.04% -48.21%

ISO/IEC 27001 is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
UK
Contract vacancies with a requirement for quality assurance or compliance skills 5,787 6,074 10,433
As % of all contract IT jobs advertised in the UK 11.01% 10.18% 10.81%
Number of daily rates quoted 3,837 3,858 6,672
10th Percentile £263 £225 £250
25th Percentile £363 £350 £350
Median daily rate (50th Percentile) £475 £450 £450
Median % change year-on-year +5.56% - -
75th Percentile £575 £552 £556
90th Percentile £650 £638 £650
UK excluding London median daily rate £425 £425 £425
Number of hourly rates quoted 275 269 332
10th Percentile £11.36 £13.48 £10.75
25th Percentile £14.25 £17.27 £13.00
Median hourly rate £21.00 £22.55 £20.24
Median % change year-on-year -6.85% +11.42% -6.38%
75th Percentile £38.38 £47.50 £39.00
90th Percentile £51.40 £52.60 £48.70
UK excluding London median hourly rate £20.80 £22.50 £20.00
% change year-on-year -7.56% +12.50% -8.21%

ISO/IEC 27001
Job Vacancy Trend

Job postings citing ISO/IEC 27001 as a proportion of all IT jobs advertised.

Job vacancy trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Contractor Daily Rate Trend

3-month moving average daily rate quoted in jobs citing ISO/IEC 27001.

Daily rate trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Daily Rate Histogram

Daily rate distribution for jobs citing ISO/IEC 27001 over the 6 months to 11 April 2021.

Daily rate histogram for ISO/IEC 27001 in the UK

ISO/IEC 27001
Contractor Hourly Rate Trend

3-month moving average hourly rates quoted in jobs citing ISO/IEC 27001.

Hourly rate trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Top 17 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing ISO/IEC 27001 within the UK over the 6 months to 11 April 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Past 6 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +13 361 £500 - 207
UK excluding London -5 219 £469 -1.32% 160
London +12 164 £550 +4.76% 59
Work from Home -164 105 £500 -9.09% 31
South East +51 77 £483 -5.85% 39
North of England +43 37 £500 -0.99% 42
South West +30 31 £434 -8.71% 26
Scotland -26 31 £425 -10.53% 8
North West +27 30 £500 -4.76% 24
Midlands +14 23 £370 -29.52% 31
West Midlands +8 16 £425 -21.84% 20
Wales +23 13 £563 +2.27% 4
East Midlands +22 7 £270 -36.47% 9
Yorkshire +26 6 £500 +33.33% 12
East of England +19 6 £600 +106.90% 9
North East +28 1 £325 -32.47% 6
Channel Islands - 1 £550 -

For the 6 months to 11 April 2021, IT contractor jobs citing ISO/IEC 27001 also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all contract job ads with a requirement for ISO/IEC 27001.

1 252 (56.76%) Information Security
2 216 (48.65%) Cybersecurity
3 160 (36.04%) CISSP
4 131 (29.50%) NIST
5 129 (29.05%) Risk Management
6 112 (25.23%) CISM
7 95 (21.40%) Security Cleared
8 86 (19.37%) PCI DSS
9 79 (17.79%) GDPR
10 78 (17.57%) Azure
11 77 (17.34%) CESG Certified Professional
12 75 (16.89%) Security Management
13 73 (16.44%) Microsoft
14 68 (15.32%) Management Information System
14 68 (15.32%) Security Architecture
15 67 (15.09%) Finance
16 64 (14.41%) ITIL
17 61 (13.74%) SC Cleared
17 61 (13.74%) Information Assurance
18 56 (12.61%) Degree
18 56 (12.61%) SIEM
19 52 (11.71%) Firewall
19 52 (11.71%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
20 51 (11.49%) HMG Security Policy Framework
20 51 (11.49%) Agile Software Development
21 50 (11.26%) AWS
22 49 (11.04%) Stakeholder Management
23 48 (10.81%) CISA
23 48 (10.81%) CRISC
24 47 (10.59%) Information Security Management

ISO/IEC 27001
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 17 (3.83%) IIS
2 8 (1.80%) SharePoint
3 5 (1.13%) Confluence
4 3 (0.68%) MS Exchange
Applications
1 6 (1.35%) Microsoft Office
2 3 (0.68%) Microsoft Excel
3 2 (0.45%) Microsoft PowerPoint
3 2 (0.45%) Microsoft Project
4 1 (0.23%) MS Visio
Business Applications
1 2 (0.45%) SAP Oil and Gas
Cloud Services
1 78 (17.57%) Azure
2 50 (11.26%) AWS
3 37 (8.33%) SaaS
4 30 (6.76%) Microsoft 365
5 28 (6.31%) IaaS
6 23 (5.18%) Cloud Computing
6 23 (5.18%) PaaS
7 21 (4.73%) GCP
8 9 (2.03%) Azure Active Directory
9 8 (1.80%) Serverless
10 6 (1.35%) Amazon CloudWatch
11 5 (1.13%) Amazon EC2
11 5 (1.13%) Amazon S3
12 4 (0.90%) Azure Functions
12 4 (0.90%) GitHub
13 3 (0.68%) AWS CloudFormation
13 3 (0.68%) OneDrive
14 2 (0.45%) IBM Cloud
14 2 (0.45%) Power Platform
15 1 (0.23%) PowerApps
Communications & Networking
1 52 (11.71%) Firewall
2 22 (4.95%) Network Security
3 14 (3.15%) Intrusion Detection
3 14 (3.15%) WAN
4 12 (2.70%) Internet
4 12 (2.70%) LAN
5 9 (2.03%) NAS
6 7 (1.58%) VPN
7 5 (1.13%) DNS
7 5 (1.13%) SAN
8 4 (0.90%) SD-WAN
8 4 (0.90%) TCP/IP
9 3 (0.68%) DHCP
9 3 (0.68%) SSL
9 3 (0.68%) VoIP
9 3 (0.68%) Wireless
10 2 (0.45%) HTTP
10 2 (0.45%) MPLS
10 2 (0.45%) WLAN
10 2 (0.45%) X.509
Database & Business Intelligence
1 9 (2.03%) SQL Server
2 4 (0.90%) Azure SQL Database
3 3 (0.68%) Data Vault
3 3 (0.68%) SQL Server 2008
4 1 (0.23%) Data Warehouse
4 1 (0.23%) NoSQL
4 1 (0.23%) Oracle Database
4 1 (0.23%) Oracle Database 11g
4 1 (0.23%) Power BI
Development Applications
1 11 (2.48%) JIRA
2 5 (1.13%) Jenkins
3 4 (0.90%) Atlassian Bamboo
4 3 (0.68%) Selenium
4 3 (0.68%) SonarQube
4 3 (0.68%) Visual Studio
5 1 (0.23%) GitLab
5 1 (0.23%) Oracle Forms
5 1 (0.23%) Snyk
General
1 67 (15.09%) Finance
2 42 (9.46%) Public Sector
3 37 (8.33%) Banking
3 37 (8.33%) Legal
4 21 (4.73%) Telecoms
5 14 (3.15%) Manufacturing
6 11 (2.48%) Marketing
7 7 (1.58%) Local Government
8 6 (1.35%) Electronics
8 6 (1.35%) Financial Institution
8 6 (1.35%) Investment Banking
8 6 (1.35%) Law
8 6 (1.35%) Retail
9 3 (0.68%) Back Office
9 3 (0.68%) Billing
9 3 (0.68%) International Banking
10 2 (0.45%) Advertising
10 2 (0.45%) Games
11 1 (0.23%) French Language
11 1 (0.23%) Pharmaceutical
Job Titles
1 111 (25.00%) Consultant
2 86 (19.37%) Security Consultant
3 70 (15.77%) Architect
4 62 (13.96%) Security Architect
5 56 (12.61%) Security Manager
6 45 (10.14%) Analyst
7 34 (7.66%) Information Security Consultant
8 30 (6.76%) Security Analyst
9 28 (6.31%) Security Engineer
10 21 (4.73%) Cybersecurity Manager
11 17 (3.83%) Project Manager
11 17 (3.83%) Risk Manager
12 16 (3.60%) Information Manager
13 15 (3.38%) Cybersecurity Consultant
14 14 (3.15%) IT Manager
14 14 (3.15%) Security Advisor
15 13 (2.93%) Cloud Architect
16 12 (2.70%) Information Assurance Consultant
16 12 (2.70%) IT Consultant
16 12 (2.70%) Security Project Manager
Libraries, Frameworks & Software Standards
1 13 (2.93%) SAML
2 12 (2.70%) .NET
3 7 (1.58%) ModSecurity
3 7 (1.58%) Web Services
4 5 (1.13%) .NET Core
4 5 (1.13%) Node.js
4 5 (1.13%) React
5 4 (0.90%) AngularJS
5 4 (0.90%) XML
6 3 (0.68%) ASP.NET
6 3 (0.68%) CSS
6 3 (0.68%) EDI
6 3 (0.68%) HTML
6 3 (0.68%) HTML5
6 3 (0.68%) jQuery
6 3 (0.68%) Middleware
7 2 (0.45%) OAuth
7 2 (0.45%) REST
7 2 (0.45%) SOAP
8 1 (0.23%) DOM
Miscellaneous
1 68 (15.32%) Management Information System
2 39 (8.78%) Analytical Skills
3 36 (8.11%) CESG
4 14 (3.15%) Data Centre
5 12 (2.70%) Virtual Team
6 11 (2.48%) Cloud Native
6 11 (2.48%) Cyberthreat
7 9 (2.03%) PKI
7 9 (2.03%) Security Operations Centre
8 7 (1.58%) Data Protection Act
8 7 (1.58%) NHS
8 7 (1.58%) User Experience
9 6 (1.35%) CESG CLAS
9 6 (1.35%) Cyberattack
9 6 (1.35%) Public Cloud
10 5 (1.13%) AS400
10 5 (1.13%) Internet of Things
10 5 (1.13%) Self-Motivation
11 4 (0.90%) Hybrid Cloud
12 3 (0.68%) Distributed Denial-of-Service
Operating Systems
1 45 (10.14%) Windows
2 28 (6.31%) Linux
3 19 (4.28%) Windows Server
4 9 (2.03%) Unix
4 9 (2.03%) Windows 10
5 5 (1.13%) Solaris
6 3 (0.68%) Android
6 3 (0.68%) Apple iOS
6 3 (0.68%) Red Hat Enterprise Linux
7 2 (0.45%) MVS
8 1 (0.23%) HPUX
8 1 (0.23%) Mac OS X
8 1 (0.23%) SUSE
8 1 (0.23%) Windows 7
8 1 (0.23%) Windows Server 2012
Processes & Methodologies
1 252 (56.76%) Information Security
2 216 (48.65%) Cybersecurity
3 129 (29.05%) Risk Management
4 75 (16.89%) Security Management
5 68 (15.32%) Security Architecture
6 64 (14.41%) ITIL
7 61 (13.74%) Information Assurance
8 56 (12.61%) SIEM
9 51 (11.49%) Agile Software Development
10 49 (11.04%) Stakeholder Management
11 47 (10.59%) Information Security Management
12 41 (9.23%) Risk Assessment
13 39 (8.78%) ISMS
13 39 (8.78%) TOGAF
14 37 (8.33%) SABSA
15 35 (7.88%) Threat Modelling
16 34 (7.66%) Data Protection
17 32 (7.21%) Data Security
18 29 (6.53%) Project Delivery
19 28 (6.31%) DevOps
Programming Languages
1 10 (2.25%) C
1 10 (2.25%) C#
2 9 (2.03%) JavaScript
3 8 (1.80%) C++
3 8 (1.80%) Java
3 8 (1.80%) Python
4 7 (1.58%) PowerShell
5 6 (1.35%) SQL
6 3 (0.68%) PHP
6 3 (0.68%) VB.NET
7 1 (0.23%) Bash Shell
7 1 (0.23%) PL/SQL
7 1 (0.23%) Shell Script
7 1 (0.23%) TypeScript
7 1 (0.23%) VBScript
Qualifications
1 160 (36.04%) CISSP
2 112 (25.23%) CISM
3 95 (21.40%) Security Cleared
4 77 (17.34%) CESG Certified Professional
5 61 (13.74%) SC Cleared
6 56 (12.61%) Degree
7 48 (10.81%) CISA
7 48 (10.81%) CRISC
8 32 (7.21%) DV Cleared
9 28 (6.31%) Cisco Certification
10 19 (4.28%) (ISC)2 CCSP
10 19 (4.28%) CCSP
11 18 (4.05%) IISP
11 18 (4.05%) ISO 27001 Lead Auditor
11 18 (4.05%) Microsoft Certification
12 16 (3.60%) FFIEC
13 14 (3.15%) CEH
14 12 (2.70%) GIAC
15 11 (2.48%) SANS
16 10 (2.25%) CLAS
Quality Assurance & Compliance
1 131 (29.50%) NIST
2 86 (19.37%) PCI DSS
3 79 (17.79%) GDPR
4 52 (11.71%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
5 51 (11.49%) HMG Security Policy Framework
6 42 (9.46%) Cyber Essentials
7 39 (8.78%) COBIT
7 39 (8.78%) NCSC
8 27 (6.08%) GRC
8 27 (6.08%) NIST 800
9 24 (5.41%) RMADS
10 23 (5.18%) JSP 440
11 18 (4.05%) QA
12 17 (3.83%) ISO/IEC 27005
13 15 (3.38%) ISO 9001
13 15 (3.38%) SLA
14 13 (2.93%) ISO/IEC 20000
15 12 (2.70%) Sarbanes-Oxley
16 9 (2.03%) Cyber Essentials PLUS
17 8 (1.80%) ISO 22301
System Software
1 36 (8.11%) Active Directory
2 15 (3.38%) VMware Infrastructure
3 5 (1.13%) Virtual Machines
4 4 (0.90%) Docker
5 3 (0.68%) Hyper-V
5 3 (0.68%) Virtual Desktop
6 1 (0.23%) Virtual Servers
6 1 (0.23%) VMware NSX
6 1 (0.23%) XenApp
6 1 (0.23%) XenDesktop
Systems Management
1 9 (2.03%) Computer Emergency Response Teams
2 8 (1.80%) Kubernetes
2 8 (1.80%) Network Intrusion Detection System
2 8 (1.80%) Terraform
3 5 (1.13%) HP ALM
3 5 (1.13%) HP Fortify
4 4 (0.90%) Microsoft Intune
4 4 (0.90%) Nessus
5 3 (0.68%) IBM Guardium
5 3 (0.68%) Nexpose
5 3 (0.68%) QRadar
5 3 (0.68%) RSA Archer
5 3 (0.68%) Trend Micro Deep Security
6 2 (0.45%) Ansible
6 2 (0.45%) SCCM
6 2 (0.45%) SCOM
6 2 (0.45%) Single Sign-On
6 2 (0.45%) WebInspect
7 1 (0.23%) Data Guard
7 1 (0.23%) WSUS
Vendors
1 73 (16.44%) Microsoft
2 20 (4.50%) Cisco
2 20 (4.50%) VMware
3 19 (4.28%) Google
4 13 (2.93%) CheckPoint
4 13 (2.93%) Qualys
4 13 (2.93%) SAP
4 13 (2.93%) Splunk
5 10 (2.25%) HP
6 9 (2.03%) Oracle
7 8 (1.80%) ArcSight
7 8 (1.80%) Tripwire
8 7 (1.58%) Okta
9 6 (1.35%) LogRhythm
9 6 (1.35%) McAfee
9 6 (1.35%) Remedy
10 5 (1.13%) Citrix
10 5 (1.13%) IBM
10 5 (1.13%) Juniper
10 5 (1.13%) Micro Focus