ISO/IEC 27001 Contracts, Co-occurring Skills & Contractor Rates

ISO/IEC 27001
UK

The following table provides summary statistics for contract job vacancies with a requirement for ISO/IEC 27001 skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited ISO/IEC 27001 over the 6 months to 17 May 2024 with a comparison to the same period in the previous 2 years.

Location	6 months to 17 May 2024	Same period 2023	Same period 2022
Rank	216	230	301
Rank change year-on-year	+14	+71	+12
Contract jobs citing ISO/IEC 27001	453	664	803
As % of all contract jobs advertised in the UK	1.06%	1.17%	0.92%
As % of the Quality Assurance & Compliance category	7.51%	8.73%	6.91%
Number of daily rates quoted	344	475	606
10^th Percentile	£363	£425	£363
25^th Percentile	£459	£500	£463
Median daily rate (50^th Percentile)	£575	£600	£550
Median % change year-on-year	-4.17%	+9.09%	+7.32%
75^th Percentile	£667	£700	£675
90^th Percentile	£759	£795	£763
UK excluding London median daily rate	£550	£600	£550
% change year-on-year	-8.33%	+9.09%	+22.22%
Number of hourly rates quoted	1	16	9
10^th Percentile	-	£44.38	£43.21
25^th Percentile	-	£45.94	£43.95
Median hourly rate	£83.41	£67.07	£54.96
Median % change year-on-year	+24.36%	+22.05%	-13.46%
75^th Percentile	-	£74.11	£69.83
90^th Percentile	-	£78.63	£76.86
UK excluding London median hourly rate	£83.41	£70.00	£54.69
% change year-on-year	+19.16%	+27.99%	-13.87%

All Quality Assurance and Compliance Skills
UK

ISO/IEC 27001 is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies with a requirement for quality assurance or compliance skills.

Contract vacancies with a requirement for quality assurance or compliance skills	6,033	7,604	11,616
As % of all contract IT jobs advertised in the UK	14.16%	13.37%	13.28%
Number of daily rates quoted	3,834	5,199	7,955
10^th Percentile	£281	£281	£300
25^th Percentile	£405	£413	£405
Median daily rate (50^th Percentile)	£510	£525	£515
Median % change year-on-year	-2.86%	+1.94%	+8.42%
75^th Percentile	£625	£638	£625
90^th Percentile	£750	£743	£713
UK excluding London median daily rate	£483	£480	£450
% change year-on-year	+0.73%	+6.56%	+5.88%
Number of hourly rates quoted	380	238	305
10^th Percentile	£10.95	£13.29	£12.02
25^th Percentile	£13.18	£18.71	£16.50
Median hourly rate	£21.06	£35.00	£31.00
Median % change year-on-year	-39.84%	+12.90%	+47.62%
75^th Percentile	£45.00	£61.50	£50.00
90^th Percentile	£68.75	£77.50	£69.05
UK excluding London median hourly rate	£18.27	£32.50	£22.29
% change year-on-year	-43.78%	+45.81%	+6.14%

ISO/IEC 27001
Job Vacancy Trend

Job postings citing ISO/IEC 27001 as a proportion of all IT jobs advertised.

Job vacancy trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Contractor Daily Rate Trend

3-month moving average daily rate quoted in jobs citing ISO/IEC 27001.

Daily rate trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Daily Rate Histogram

Daily rate distribution for jobs citing ISO/IEC 27001 over the 6 months to 17 May 2024.

Daily rate histogram for ISO/IEC 27001 in the UK

ISO/IEC 27001
Contractor Hourly Rate Trend

3-month moving average hourly rates quoted in jobs citing ISO/IEC 27001.

Hourly rate trend for ISO/IEC 27001 in the UK

ISO/IEC 27001
Top 16 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing ISO/IEC 27001 within the UK over the 6 months to 17 May 2024. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Contract IT Job Ads	Median Daily Rate Past 6 Months	Median Daily Rate % Change on Same Period Last Year	Live Jobs
England	+7	381	£575	-4.17%	367
UK excluding London	+1	205	£550	-8.33%	254
London	+9	204	£585	-7.41%	112
Work from Home	+24	177	£575	-4.17%	178
North of England	+41	52	£575	+21.05%	64
South West	+3	47	£600	-4.00%	34
North West	+39	43	£600	+33.33%	29
Scotland	+45	40	£563	-3.68%	13
South East	-46	32	£413	-34.00%	60
Midlands	-2	22	£450	-21.74%	49
West Midlands	-11	15	£525	-8.70%	31
East of England	+16	11	£365	-33.94%	28
East Midlands	+17	7	£363	-48.21%	18
Yorkshire	+3	7	£550	-15.38%	26
North East	-	2	£525	-	9
Wales	+16	1	£638	+10.87%	4

ISO/IEC 27001
Top 30 Co-occurring Skills and Capabilities

For the 6 months to 17 May 2024, contractor job vacancies citing ISO/IEC 27001 also mentioned the following skills and capabilities in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all contract job ads with a requirement for ISO/IEC 27001.

1	220 (48.57%)	NIST
2	218 (48.12%)	Cybersecurity
3	188 (41.50%)	Information Security
4	128 (28.26%)	CISSP
5	127 (28.04%)	Risk Management
6	110 (24.28%)	Security Cleared
7	100 (22.08%)	Social Skills
8	93 (20.53%)	SC Cleared
9	92 (20.31%)	CISM
10	87 (19.21%)	Microsoft
11	85 (18.76%)	Finance
11	85 (18.76%)	Azure
11	85 (18.76%)	Public Sector
12	74 (16.34%)	SIEM
13	72 (15.89%)	GDPR

14	71 (15.67%)	Security Architecture
15	69 (15.23%)	Management Information System
16	65 (14.35%)	AWS
17	64 (14.13%)	PCI DSS
18	60 (13.25%)	Cloud Security
19	58 (12.80%)	Firewall
20	53 (11.70%)	CISA
21	52 (11.48%)	Risk Assessment
22	51 (11.26%)	Penetration Testing
22	51 (11.26%)	Data Protection
22	51 (11.26%)	Network Security
22	51 (11.26%)	Vulnerability Management
23	49 (10.82%)	Linux
24	48 (10.60%)	Stakeholder Management
25	46 (10.15%)	Incident Response

ISO/IEC 27001
Co-occurring Skills and Capabilities by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same employment type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
Applications
Business Applications
Cloud Services
Communications & Networking
Database & Business Intelligence
Development Applications
General
Job Titles
Libraries, Frameworks & Software Standards
Miscellaneous
Operating Systems
Processes & Methodologies
Programming Languages
Qualifications
Quality Assurance & Compliance
System Software
Systems Management
Vendors

Application Platforms
1	10 (2.21%)	SharePoint
2	9 (1.99%)	Microsoft Exchange
3	8 (1.77%)	nginx
4	4 (0.88%)	Apache Solr
4	4 (0.88%)	CMS
4	4 (0.88%)	Skype for Business
5	2 (0.44%)	Confluence
5	2 (0.44%)	IIS
5	2 (0.44%)	Jupyter
6	1 (0.22%)	IBM Notes
6	1 (0.22%)	SharePoint Server

Applications
1	12 (2.65%)	Microsoft Office
2	5 (1.10%)	Microsoft Excel
3	4 (0.88%)	Microsoft PowerPoint
4	3 (0.66%)	MS Visio
4	3 (0.66%)	Spreadsheet

Business Applications
1	8 (1.77%)	Sparx Enterprise Architect
2	1 (0.22%)	Remedy ITSM

Cloud Services
1	85 (18.76%)	Azure
2	65 (14.35%)	AWS
3	26 (5.74%)	Azure Sentinel
4	24 (5.30%)	Microsoft 365
5	17 (3.75%)	GCP
6	11 (2.43%)	Entra ID
7	9 (1.99%)	Amazon CloudWatch
7	9 (1.99%)	SaaS
8	8 (1.77%)	Cloud Computing
9	7 (1.55%)	AWS CloudFormation
9	7 (1.55%)	AWS CloudTrail
9	7 (1.55%)	AWS Lambda
9	7 (1.55%)	Azure DevOps
9	7 (1.55%)	Serverless
10	6 (1.32%)	GitHub
11	5 (1.10%)	Amazon GuardDuty
11	5 (1.10%)	Amazon S3
12	4 (0.88%)	Azure Monitor
12	4 (0.88%)	IaaS
12	4 (0.88%)	Microsoft Purview

Communications & Networking
1	58 (12.80%)	Firewall
2	51 (11.26%)	Network Security
3	20 (4.42%)	WAN
4	13 (2.87%)	DNS
4	13 (2.87%)	Intrusion Detection
4	13 (2.87%)	SD-WAN
5	12 (2.65%)	TCP/IP
6	10 (2.21%)	VPN
7	7 (1.55%)	Internet
8	6 (1.32%)	LAN
9	5 (1.10%)	HTTPS
9	5 (1.10%)	IPsec
10	4 (0.88%)	Intranet
10	4 (0.88%)	SCCP
10	4 (0.88%)	Skype
11	3 (0.66%)	Broadband
11	3 (0.66%)	Wi-Fi
11	3 (0.66%)	Wireless
12	2 (0.44%)	DHCP
12	2 (0.44%)	HTTP

Database & Business Intelligence
1	7 (1.55%)	MySQL
1	7 (1.55%)	NoSQL
2	4 (0.88%)	Big Data
2	4 (0.88%)	Couchbase
2	4 (0.88%)	Data Lake
2	4 (0.88%)	SQL Server
3	3 (0.66%)	DynamoDB
4	2 (0.44%)	Amazon Athena
4	2 (0.44%)	Amazon RDS
4	2 (0.44%)	Amazon Redshift
4	2 (0.44%)	Data Warehouse
4	2 (0.44%)	Hadoop
4	2 (0.44%)	MongoDB
4	2 (0.44%)	Relational Database
4	2 (0.44%)	Snowflake Schema

Development Applications
1	10 (2.21%)	Jenkins
2	5 (1.10%)	Git
2	5 (1.10%)	JIRA
3	3 (0.66%)	SonarQube
4	2 (0.44%)	CircleCI
4	2 (0.44%)	Cypress.io
4	2 (0.44%)	GitLab
4	2 (0.44%)	Mocha
4	2 (0.44%)	Octopus Deploy
4	2 (0.44%)	RStudio
5	1 (0.22%)	Burp Suite

General
1	100 (22.08%)	Social Skills
2	85 (18.76%)	Finance
2	85 (18.76%)	Public Sector
3	46 (10.15%)	Legal
4	33 (7.28%)	Analytical Skills
5	23 (5.08%)	Banking
6	18 (3.97%)	Manufacturing
7	13 (2.87%)	Telecoms
8	10 (2.21%)	Local Government
9	8 (1.77%)	Retail
10	7 (1.55%)	Inclusion and Diversity
11	5 (1.10%)	Electronics
11	5 (1.10%)	Financial Institution
11	5 (1.10%)	German Language
11	5 (1.10%)	Law
11	5 (1.10%)	Marketing
11	5 (1.10%)	Organisational Skills
12	4 (0.88%)	French Language
12	4 (0.88%)	Influencing Skills
12	4 (0.88%)	Investment Banking

Job Titles
1	87 (19.21%)	Architect
2	72 (15.89%)	Analyst
3	65 (14.35%)	Consultant
4	61 (13.47%)	Security Architect
5	50 (11.04%)	Security Consultant
6	47 (10.38%)	Senior
7	33 (7.28%)	Security Analyst
7	33 (7.28%)	Security Engineer
8	30 (6.62%)	Lead
9	28 (6.18%)	Security Manager
10	17 (3.75%)	Security Specialist
10	17 (3.75%)	SOC Analyst
11	16 (3.53%)	Cybersecurity Analyst
12	15 (3.31%)	Information Security Consultant
12	15 (3.31%)	Project Manager
13	14 (3.09%)	Senior Analyst
14	13 (2.87%)	Security Advisor
15	12 (2.65%)	Cybersecurity Manager
15	12 (2.65%)	Information Manager
15	12 (2.65%)	IT Manager

Libraries, Frameworks & Software Standards
1	8 (1.77%)	RabbitMQ
2	7 (1.55%)	YAML
3	5 (1.10%)	JSON
3	5 (1.10%)	Kafka
4	4 (0.88%)	LEMP Stack
4	4 (0.88%)	OAuth
5	3 (0.66%)	.NET
5	3 (0.66%)	JWT
5	3 (0.66%)	OAuth2
6	2 (0.44%)	AngularJS
6	2 (0.44%)	Express.js
6	2 (0.44%)	GraphQL
6	2 (0.44%)	MEAN Stack
6	2 (0.44%)	MERN Stack
6	2 (0.44%)	NestJS
6	2 (0.44%)	Node.js
6	2 (0.44%)	OpenAPI
6	2 (0.44%)	React
6	2 (0.44%)	SAML
6	2 (0.44%)	Web Services

Miscellaneous
1	69 (15.23%)	Management Information System
2	31 (6.84%)	Security Posture
3	26 (5.74%)	Cyber Threat
4	16 (3.53%)	Data Protection Act
5	14 (3.09%)	Cloud Native
6	13 (2.87%)	PKI
7	9 (1.99%)	CCTV
7	9 (1.99%)	Onboarding
8	8 (1.77%)	CESG
8	8 (1.77%)	Data Centre
8	8 (1.77%)	Public Cloud
9	7 (1.55%)	Greenfield Project
9	7 (1.55%)	Product Ownership
10	6 (1.32%)	Freedom of Information
10	6 (1.32%)	Hybrid Cloud
11	5 (1.10%)	Cyberattack
11	5 (1.10%)	Operational Technology
11	5 (1.10%)	Security Operations Centre
12	4 (0.88%)	Cyber Kill Chain
12	4 (0.88%)	Virtual Team

Operating Systems
1	49 (10.82%)	Linux
2	36 (7.95%)	Windows
3	12 (2.65%)	Windows Server
4	10 (2.21%)	Mac OS X
5	6 (1.32%)	Unix
6	4 (0.88%)	CentOS
7	3 (0.66%)	Windows 10
7	3 (0.66%)	Windows Server 2016
7	3 (0.66%)	zOS
8	2 (0.44%)	Windows Server 2012
8	2 (0.44%)	Windows Server 2019
9	1 (0.22%)	Mac OS
9	1 (0.22%)	Oracle Linux

Processes & Methodologies
1	218 (48.12%)	Cybersecurity
2	188 (41.50%)	Information Security
3	127 (28.04%)	Risk Management
4	74 (16.34%)	SIEM
5	71 (15.67%)	Security Architecture
6	60 (13.25%)	Cloud Security
7	52 (11.48%)	Risk Assessment
8	51 (11.26%)	Data Protection
8	51 (11.26%)	Penetration Testing
8	51 (11.26%)	Vulnerability Management
9	48 (10.60%)	Stakeholder Management
10	46 (10.15%)	Incident Response
11	44 (9.71%)	Problem-Solving
12	43 (9.49%)	Identity Access Management
13	41 (9.05%)	Incident Management
14	36 (7.95%)	Security Management
15	35 (7.73%)	Agile
15	35 (7.73%)	DevOps
15	35 (7.73%)	ISMS
16	33 (7.28%)	Threat Modelling

Programming Languages
1	20 (4.42%)	PowerShell
2	15 (3.31%)	Python
3	12 (2.65%)	Kusto Query Language
4	10 (2.21%)	Bash
5	9 (1.99%)	C#
5	9 (1.99%)	C++
6	7 (1.55%)	SQL
7	4 (0.88%)	PHP
8	3 (0.66%)	Go
8	3 (0.66%)	Java
8	3 (0.66%)	JavaScript
9	2 (0.44%)	Kotlin
9	2 (0.44%)	R
9	2 (0.44%)	TypeScript
10	1 (0.22%)	Ruby

Qualifications
1	128 (28.26%)	CISSP
2	110 (24.28%)	Security Cleared
3	93 (20.53%)	SC Cleared
4	92 (20.31%)	CISM
5	53 (11.70%)	CISA
6	37 (8.17%)	Degree
7	29 (6.40%)	Cisco Certification
8	24 (5.30%)	DV Cleared
9	21 (4.64%)	CRISC
10	20 (4.42%)	(ISC)2 CCSP
11	18 (3.97%)	CompTIA Security+
12	15 (3.31%)	CEH
12	15 (3.31%)	CISMP
13	14 (3.09%)	ISO 27001 Lead Auditor
14	12 (2.65%)	ISO 27001 Lead Implementer
15	11 (2.43%)	CREST Certified
16	10 (2.21%)	CCSK
16	10 (2.21%)	CLAS
17	9 (1.99%)	CESG Certified Professional
17	9 (1.99%)	TOGAF Certification

Quality Assurance & Compliance
1	220 (48.57%)	NIST
2	72 (15.89%)	GDPR
3	64 (14.13%)	PCI DSS
4	45 (9.93%)	GRC
5	41 (9.05%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
6	40 (8.83%)	Cyber Essentials
7	33 (7.28%)	COBIT
8	30 (6.62%)	HIPAA
8	30 (6.62%)	NCSC
9	20 (4.42%)	ISO 9001
10	14 (3.09%)	ISO 22301
11	12 (2.65%)	ISO/IEC 20000
12	11 (2.43%)	California Consumer Privacy Act
13	10 (2.21%)	JSP 440
13	10 (2.21%)	QA
14	9 (1.99%)	HMG Security Policy Framework
14	9 (1.99%)	Sarbanes-Oxley
15	8 (1.77%)	RMADS
16	7 (1.55%)	Disclosure Scotland
17	6 (1.32%)	SOC 2

System Software
1	21 (4.64%)	Active Directory
2	11 (2.43%)	Docker
3	3 (0.66%)	Virtual Machines
3	3 (0.66%)	VMware Infrastructure
4	2 (0.44%)	Firmware
4	2 (0.44%)	Hyper-V
4	2 (0.44%)	Squid

Systems Management
1	26 (5.74%)	Terraform
2	20 (4.42%)	Kubernetes
3	13 (2.87%)	Ansible
4	4 (0.88%)	Nessus
4	4 (0.88%)	Trend Micro Deep Security
5	3 (0.66%)	CASB
5	3 (0.66%)	Grafana
5	3 (0.66%)	HP Fortify
5	3 (0.66%)	Prometheus
5	3 (0.66%)	SCCM
5	3 (0.66%)	Single Sign-On
6	2 (0.44%)	HAProxy
6	2 (0.44%)	Kibana
6	2 (0.44%)	logstash
6	2 (0.44%)	Microsoft Intune
6	2 (0.44%)	Nmap
6	2 (0.44%)	Packer
6	2 (0.44%)	SCOrch
7	1 (0.22%)	Active Directory Federation Services
7	1 (0.22%)	IBM BigFix

Vendors
1	87 (19.21%)	Microsoft
2	22 (4.86%)	Cisco
3	11 (2.43%)	ServiceNow
3	11 (2.43%)	Splunk
4	9 (1.99%)	Google
5	8 (1.77%)	Sparx
6	7 (1.55%)	Qualys
6	7 (1.55%)	Rapid7
7	6 (1.32%)	Darktrace
7	6 (1.32%)	Palo Alto
7	6 (1.32%)	SAP
8	5 (1.10%)	Citrix
8	5 (1.10%)	CrowdStrike
8	5 (1.10%)	VMware
9	4 (0.88%)	Becrypt
9	4 (0.88%)	Netskope
10	3 (0.66%)	Atlassian
10	3 (0.66%)	BiZZdesign
10	3 (0.66%)	F5
10	3 (0.66%)	Fortinet

ISO/IEC 27001UK

All Quality Assurance and Compliance SkillsUK

ISO/IEC 27001Job Vacancy Trend

ISO/IEC 27001Contractor Daily Rate Trend

ISO/IEC 27001Daily Rate Histogram

ISO/IEC 27001Contractor Hourly Rate Trend

ISO/IEC 27001Top 16 Contract Locations

ISO/IEC 27001Top 30 Co-occurring Skills and Capabilities

ISO/IEC 27001Co-occurring Skills and Capabilities by Category