Period
to 4 April 2020

The following table provides summary statistics for contract job vacancies with a requirement for ISO/IEC 27001 skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited ISO/IEC 27001 over the 6 months to 4 April 2020 with a comparison to the same period in the previous 2 years.

Note that daily and hourly rates are treated separately in these statistics. When calculating contractor rate percentiles, daily rates are never derived from quoted hourly rates or vice versa.

ISO/IEC 27001
UK
6 months to
4 Apr 2020
Same period 2019 Same period 2018
Rank 273 331 299
Rank change year-on-year +58 -32 +71
Contract jobs citing ISO/IEC 27001 555 781 852
As % of all contract jobs advertised in the UK 0.90% 0.81% 0.84%
As % of the Quality Assurance & Compliance category 8.95% 7.53% 6.65%
Number of daily rates quoted 377 515 534
Median daily rate £500 £525 £475
Median daily rate % change year-on-year -4.76% +10.53% -
10th Percentile £325 £337 £325
90th Percentile £700 £725 £704
UK excluding London median daily rate £500 £500 £450
% change year-on-year - +11.11% -3.23%
Number of hourly rates quoted 1 6 10
Median hourly rate £17.16 £35.00 £50.34
Median hourly rate % change year-on-year -50.97% -30.47% +83.04%
10th Percentile £16.77 £24.38 £20.95
90th Percentile £17.55 £54.38 £62.78
UK excluding London median hourly rate £17.16 £31.25 £50.00
% change year-on-year -45.09% -37.50% +81.82%

ISO/IEC 27001 is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
UK
Contract vacancies with a requirement for quality assurance or compliance skills 6,199 10,377 12,819
As % of all contract IT jobs advertised in the UK 10.07% 10.77% 12.61%
Number of daily rates quoted 3,752 6,482 8,248
Median daily rate £450 £450 £450
10th Percentile £219 £250 £259
90th Percentile £638 £650 £638
UK excluding London median daily rate £425 £425 £400
% change year-on-year - +6.25% -
Number of hourly rates quoted 288 352 361
Median hourly rate £24.44 £21.88 £22.50
Median hourly rate % change year-on-year +11.68% -2.76% +3.45%
10th Percentile £13.56 £11.00 £12.25
90th Percentile £52.33 £48.75 £57.50
Median hourly rate £22.52 £20.25 £25.00
% change year-on-year +11.25% -19.02% +16.28%

ISO/IEC 27001
Job Vacancy Trend

Job postings citing ISO/IEC 27001 as a proportion of all IT jobs advertised.

Job vacancy trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Contractor Daily Rate Trend

3-month moving average daily rate quoted in jobs citing ISO/IEC 27001.

Daily rate trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Daily Rate Histogram

Daily rate distribution for jobs citing ISO/IEC 27001 over the 6 months to 4 April 2020.

Daily rate histogram for ISO/IEC 27001 in the UK

ISO/IEC 27001
Contractor Hourly Rate Trend

3-month moving average hourly rates quoted in jobs citing ISO/IEC 27001.

Hourly rate trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Top 16 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing ISO/IEC 27001 within the UK over the 6 months to 4 April 2020. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Past 6 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +42 475 £500 -4.76% 187
UK excluding London +61 371 £500 - 147
London +50 177 £525 -8.70% 46
South East +28 104 £500 -2.44% 30
South West +50 69 £488 +8.33% 24
Scotland +56 62 £485 -7.62% 2
North of England +34 58 £511 +2.25% 40
Midlands +41 38 £525 -8.70% 25
North West +25 35 £525 +3.65% 27
East of England +27 32 £290 -31.76% 22
West Midlands +39 25 £544 -9.38% 20
Yorkshire +38 18 £475 +5.56% 12
Work from Home -1 18 £550 +33.33% 5
East Midlands +37 12 £450 +20.00% 5
Wales +27 10 £550 +15.79% 4
North East +18 4 £481 +13.24% 1

For the 6 months to 4 April 2020, IT contractor jobs citing ISO/IEC 27001 also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all contract job ads with a requirement for ISO/IEC 27001.

1 324 (58.38%) Information Security
2 193 (34.77%) CISSP
3 175 (31.53%) Cybersecurity
4 150 (27.03%) NIST
4 150 (27.03%) Risk Management
5 139 (25.05%) CISM
6 101 (18.20%) PCI DSS
7 97 (17.48%) ITIL
7 97 (17.48%) GDPR
8 96 (17.30%) Firewall
9 91 (16.40%) Azure
10 88 (15.86%) AWS
11 84 (15.14%) Management Information System
12 83 (14.95%) Security Management
12 83 (14.95%) Finance
13 81 (14.59%) Security Cleared
14 80 (14.41%) Security Architecture
15 78 (14.05%) Public Sector
16 76 (13.69%) SIEM
17 67 (12.07%) Risk Assessment
18 65 (11.71%) NCSC
19 64 (11.53%) Active Directory
20 62 (11.17%) CISA
21 61 (10.99%) Network Security
22 60 (10.81%) Windows
23 57 (10.27%) Information Security Management
23 57 (10.27%) Stakeholder Management
24 56 (10.09%) Degree
25 55 (9.91%) Penetration Testing
25 55 (9.91%) SC Cleared

ISO/IEC 27001
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 21 (3.78%) SharePoint
2 8 (1.44%) IIS
2 8 (1.44%) MS Exchange
3 3 (0.54%) BizTalk Server
3 3 (0.54%) Confluence
3 3 (0.54%) OpenStack
3 3 (0.54%) Skype for Business
4 2 (0.36%) Apache
4 2 (0.36%) ColdFusion
5 1 (0.18%) Apache Spark
5 1 (0.18%) CICS
5 1 (0.18%) Commerce Server
5 1 (0.18%) nginx
5 1 (0.18%) SharePoint 2010
5 1 (0.18%) SharePoint 2013
Applications
1 18 (3.24%) Microsoft Office
2 3 (0.54%) Microsoft Excel
2 3 (0.54%) Microsoft PowerPoint
3 2 (0.36%) Microsoft Project
3 2 (0.36%) MS Visio
4 1 (0.18%) AutoCAD
4 1 (0.18%) Spreadsheet
Business Applications
1 3 (0.54%) Carpe Diem
1 3 (0.54%) Elite 3E
2 2 (0.36%) FLEXCUBE
3 1 (0.18%) Dynamics CRM
3 1 (0.18%) Dynamics NAV
3 1 (0.18%) SAP GRC
3 1 (0.18%) SAP S/4HANA
Cloud Services
1 91 (16.40%) Azure
2 88 (15.86%) AWS
3 47 (8.47%) SaaS
4 34 (6.13%) Office 365
5 20 (3.60%) PaaS
6 16 (2.88%) IaaS
7 14 (2.52%) GCP
8 5 (0.90%) Mimecast
9 4 (0.72%) Azure Active Directory
9 4 (0.72%) Cloud Computing
9 4 (0.72%) Dynamics 365
10 3 (0.54%) Akamai
10 3 (0.54%) AWS CloudFormation
10 3 (0.54%) Serverless
11 2 (0.36%) Amazon EC2
11 2 (0.36%) Amazon ECS
11 2 (0.36%) Amazon S3
11 2 (0.36%) AWS CloudTrail
11 2 (0.36%) OneDrive
11 2 (0.36%) Route 53
Communications & Networking
1 96 (17.30%) Firewall
2 61 (10.99%) Network Security
3 25 (4.50%) Intrusion Detection
3 25 (4.50%) X.509
4 24 (4.32%) WAN
5 20 (3.60%) Internet
5 20 (3.60%) TCP/IP
6 17 (3.06%) LAN
6 17 (3.06%) VPN
7 13 (2.34%) DNS
8 12 (2.16%) MPLS
9 11 (1.98%) HTTP
10 10 (1.80%) Wireless
11 9 (1.62%) SMTP
12 7 (1.26%) Radio Access Network
12 7 (1.26%) VLAN
12 7 (1.26%) VoIP
13 6 (1.08%) 5G
14 5 (0.90%) SAN
14 5 (0.90%) Skype
Database & Business Intelligence
1 12 (2.16%) SQL Server
2 3 (0.54%) Oracle Database
2 3 (0.54%) Relational Database
3 2 (0.36%) RDBMS
4 1 (0.18%) Apache Hive
4 1 (0.18%) Big Data
4 1 (0.18%) DB2
4 1 (0.18%) GIS
4 1 (0.18%) Hadoop
4 1 (0.18%) HBase
4 1 (0.18%) SQL Server Reporting Services
4 1 (0.18%) Sqoop
Development Applications
1 10 (1.80%) Burp Suite
2 5 (0.90%) JIRA
3 1 (0.18%) GitLab
3 1 (0.18%) Jenkins
3 1 (0.18%) Metasploit
3 1 (0.18%) Selenium
3 1 (0.18%) SonarQube
General
1 83 (14.95%) Finance
2 78 (14.05%) Public Sector
3 46 (8.29%) Legal
4 31 (5.59%) Banking
5 29 (5.23%) Telecoms
6 25 (4.50%) Retail
7 18 (3.24%) Manufacturing
8 12 (2.16%) Law
8 12 (2.16%) Marketing
9 11 (1.98%) Electronics
9 11 (1.98%) Police
10 7 (1.26%) Local Government
11 3 (0.54%) Aerospace
11 3 (0.54%) Automotive
12 2 (0.36%) Back Office
12 2 (0.36%) Military
13 1 (0.18%) Front Office
13 1 (0.18%) Russian Language
Job Titles
1 119 (21.44%) Consultant
2 105 (18.92%) Architect
3 100 (18.02%) Security Consultant
4 91 (16.40%) Analyst
5 83 (14.95%) Security Architect
6 62 (11.17%) Security Analyst
7 42 (7.57%) Information Security Consultant
8 41 (7.39%) Security Manager
9 32 (5.77%) Security Engineer
10 30 (5.41%) Information Manager
11 27 (4.86%) Security Officer
12 25 (4.50%) Information Security Officer
13 24 (4.32%) Information Security Manager
14 23 (4.14%) Information Analyst
15 22 (3.96%) Information Security Analyst
16 19 (3.42%) IT Analyst
16 19 (3.42%) IT Security Analyst
17 18 (3.24%) Cybersecurity Consultant
17 18 (3.24%) Information Officer
18 16 (2.88%) Security Specialist
Libraries, Frameworks & Software Standards
1 24 (4.32%) SAML
2 8 (1.44%) Web Services
3 2 (0.36%) .NET
3 2 (0.36%) EJB
3 2 (0.36%) Elastic Stack
3 2 (0.36%) J2EE
3 2 (0.36%) LDAP
3 2 (0.36%) OAuth
4 1 (0.18%) .NET Framework
4 1 (0.18%) Java EE
4 1 (0.18%) OAuth2
4 1 (0.18%) OLE
4 1 (0.18%) OpenID
4 1 (0.18%) REST
4 1 (0.18%) SailPoint
4 1 (0.18%) YAML
Miscellaneous
1 84 (15.14%) Management Information System
2 36 (6.49%) Analytical Skills
3 26 (4.68%) Data Centre
4 21 (3.78%) Public Cloud
5 17 (3.06%) Cyberthreat
6 14 (2.52%) PKI
7 13 (2.34%) Data Protection Act
8 11 (1.98%) Hybrid Cloud
8 11 (1.98%) Self-Motivation
9 10 (1.80%) Distributed Denial-of-Service
10 9 (1.62%) Security Operations Centre
11 7 (1.26%) CESG
12 6 (1.08%) Smartphone
13 5 (0.90%) Cyber Defence
13 5 (0.90%) Enterprise Software
13 5 (0.90%) Freedom of Information
13 5 (0.90%) Freedom of Information Act
13 5 (0.90%) Private Cloud
13 5 (0.90%) Video Conferencing
13 5 (0.90%) Virtual Team
Operating Systems
1 60 (10.81%) Windows
2 37 (6.67%) Linux
3 21 (3.78%) Windows Server
4 9 (1.62%) Windows Server 2008
5 8 (1.44%) Windows 10
5 8 (1.44%) Windows Server 2012
6 7 (1.26%) Windows Server 2016
7 5 (0.90%) Red Hat Enterprise Linux
7 5 (0.90%) Unix
8 3 (0.54%) Windows 7
9 2 (0.36%) CentOS
9 2 (0.36%) Mac OS X
10 1 (0.18%) Android
10 1 (0.18%) Apple iOS
10 1 (0.18%) Debian
10 1 (0.18%) Mac OS
10 1 (0.18%) Ubuntu
Processes & Methodologies
1 324 (58.38%) Information Security
2 175 (31.53%) Cybersecurity
3 150 (27.03%) Risk Management
4 97 (17.48%) ITIL
5 83 (14.95%) Security Management
6 80 (14.41%) Security Architecture
7 76 (13.69%) SIEM
8 67 (12.07%) Risk Assessment
9 57 (10.27%) Information Security Management
9 57 (10.27%) Stakeholder Management
10 55 (9.91%) Penetration Testing
11 52 (9.37%) ISMS
12 50 (9.01%) Data Protection
13 41 (7.39%) Security Testing
13 41 (7.39%) Vulnerability Management
14 40 (7.21%) Agile Software Development
15 38 (6.85%) Service Management
16 35 (6.31%) DevOps
16 35 (6.31%) Security Operations
17 34 (6.13%) OWASP
Programming Languages
1 12 (2.16%) C
2 11 (1.98%) PowerShell
3 6 (1.08%) Java
3 6 (1.08%) Python
4 4 (0.72%) SQL
5 3 (0.54%) Bash Shell
6 2 (0.36%) JavaScript
6 2 (0.36%) Perl
6 2 (0.36%) VB.NET
7 1 (0.18%) C#
7 1 (0.18%) C++
7 1 (0.18%) PHP
7 1 (0.18%) Ruby
7 1 (0.18%) Shell Script
Qualifications
1 193 (34.77%) CISSP
2 139 (25.05%) CISM
3 81 (14.59%) Security Cleared
4 62 (11.17%) CISA
5 56 (10.09%) Degree
6 55 (9.91%) SC Cleared
7 44 (7.93%) GIAC
8 39 (7.03%) Cisco Certification
9 27 (4.86%) CLAS
10 25 (4.50%) CEH
10 25 (4.50%) CESG Certified Professional
11 24 (4.32%) (ISC)2 CCSP
12 23 (4.14%) DV Cleared
13 21 (3.78%) ISO 27001 Lead Auditor
14 20 (3.60%) CRISC
15 18 (3.24%) SANS
16 17 (3.06%) CompTIA Security+
17 16 (2.88%) ISACA
18 14 (2.52%) CCSP
19 13 (2.34%) ISO 27001 Lead Implementer
Quality Assurance & Compliance
1 150 (27.03%) NIST
2 101 (18.20%) PCI DSS
3 97 (17.48%) GDPR
4 65 (11.71%) NCSC
5 55 (9.91%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
6 45 (8.11%) Cyber Essentials
7 31 (5.59%) COBIT
8 27 (4.86%) HMG Security Policy Framework
9 21 (3.78%) Sarbanes-Oxley
10 17 (3.06%) ISO 22301
10 17 (3.06%) ISO/IEC 20000
11 15 (2.70%) SLA
12 14 (2.52%) Cyber Essentials PLUS
12 14 (2.52%) ISO 9001
13 12 (2.16%) ISO/IEC 27005
13 12 (2.16%) PMO
14 9 (1.62%) JSP 440
15 6 (1.08%) ISAE 3402
15 6 (1.08%) QA
15 6 (1.08%) RMADS
System Software
1 64 (11.53%) Active Directory
2 18 (3.24%) VMware Infrastructure
3 10 (1.80%) Hyper-V
4 4 (0.72%) Docker
4 4 (0.72%) VMware NSX
5 3 (0.54%) Virtual Desktop
5 3 (0.54%) Virtual Machines
5 3 (0.54%) vSphere
5 3 (0.54%) XenApp
6 2 (0.36%) Firmware
6 2 (0.36%) XenDesktop
7 1 (0.18%) HDFS
7 1 (0.18%) Microsoft App-V
7 1 (0.18%) Snort
Systems Management
1 18 (3.24%) Nessus
2 12 (2.16%) Network Intrusion Detection System
3 9 (1.62%) SCCM
4 7 (1.26%) Single Sign-On
4 7 (1.26%) Terraform
5 6 (1.08%) Computer Emergency Response Teams
5 6 (1.08%) SCOM
6 5 (0.90%) Ansible
6 5 (0.90%) Microsoft Intune
6 5 (0.90%) RSA Archer
7 4 (0.72%) QRadar
8 3 (0.54%) Kubernetes
8 3 (0.54%) Norton AntiVirus
8 3 (0.54%) Puppet
8 3 (0.54%) vCenter Server
8 3 (0.54%) vRealize
9 2 (0.36%) HP Quality Center
9 2 (0.36%) Nagios
9 2 (0.36%) Nexpose
9 2 (0.36%) OpenVAS
Vendors
1 52 (9.37%) Microsoft
2 31 (5.59%) Cisco
3 29 (5.23%) VMware
4 14 (2.52%) Citrix
4 14 (2.52%) McAfee
4 14 (2.52%) Oracle
4 14 (2.52%) Qualys
4 14 (2.52%) Splunk
5 13 (2.34%) SAP
6 9 (1.62%) Rapid7
7 7 (1.26%) Fortinet
7 7 (1.26%) Google
7 7 (1.26%) Juniper
7 7 (1.26%) MobileIron
7 7 (1.26%) Palo Alto
8 6 (1.08%) Symantec
9 5 (0.90%) HP
10 4 (0.72%) CA
10 4 (0.72%) Mitel
10 4 (0.72%) Red Hat