Period
to

The following table provides summary statistics for permanent job vacancies advertised in England with a requirement for GRC skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited GRC over the 6 months to 26 May 2022 with a comparison to the same period in the previous 2 years.

Governance, Risk Management and Compliance (GRC)
UK > England
6 months to
26 May 2022
Same period 2021 Same period 2020
Rank 673 596 667
Rank change year-on-year -77 +71 +69
Permanent jobs citing GRC 513 278 211
As % of all permanent jobs advertised in England 0.37% 0.34% 0.25%
As % of the Quality Assurance & Compliance category 2.23% 2.60% 1.92%
Number of salaries quoted 321 223 168
10th Percentile £42,500 £43,750 £41,250
25th Percentile £47,647 £53,750 £45,250
Median annual salary (50th Percentile) £65,000 £65,000 £65,000
75th Percentile £80,000 £80,000 £81,250
90th Percentile £87,500 £94,200 £88,750
UK median annual salary £65,000 £65,000 £62,500
% change year-on-year - +4.00% -3.85%

GRC is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies advertised in England with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
England
Permanent vacancies with a requirement for quality assurance or compliance skills 23,036 10,687 11,000
As % of all permanent IT jobs advertised in England 16.69% 12.99% 13.04%
Number of salaries quoted 11,901 7,514 8,550
10th Percentile £31,250 £31,250 £30,000
25th Percentile £41,250 £41,250 £40,000
Median annual salary (50th Percentile) £55,000 £55,000 £55,000
Median % change year-on-year - - +10.00%
75th Percentile £73,750 £71,250 £71,250
90th Percentile £90,000 £85,000 £85,000
UK median annual salary £55,000 £53,000 £52,500
% change year-on-year +3.77% +0.95% +5.00%

GRC
Job Vacancy Trend in England

Job postings citing GRC as a proportion of all IT jobs advertised in England.

Job vacancy trend for GRC in England

GRC
Salary Trend in England

3-month moving average salary quoted in jobs citing GRC in England.

Salary trend for GRC in England

GRC
Salary Histogram in England

Salary distribution for jobs citing GRC in England over the 6 months to 26 May 2022.

Salary histogram for GRC in England

GRC
Job Locations in England

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing GRC within the England region over the 6 months to 26 May 2022. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Jobs
London -184 232 £70,000 -6.67% 19
South East -20 130 £75,000 +30.43% 15
North of England -11 88 £50,000 -16.67% 7
North West -20 68 £50,000 -16.67% 5
South West -2 26 £58,750 -7.84% 1
Midlands -80 22 £65,000 +23.81% 1
West Midlands -61 21 £70,000 +35.92% 1
Yorkshire -48 18 £53,188 -9.47% 1
East of England -90 6 £55,000 -26.67% 3
North East -16 2 £35,000 -56.25% 1
East Midlands -25 1 £55,000 -8.33%
GRC
UK

For the 6 months to 26 May 2022, IT jobs citing GRC also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads across the England region with a requirement for GRC.

1 386 (75.24%) Information Security
2 278 (54.19%) ISO/IEC 27001
2 278 (54.19%) Cybersecurity
3 242 (47.17%) Risk Management
4 208 (40.55%) Finance
5 187 (36.45%) CISSP
6 170 (33.14%) NIST
7 148 (28.85%) CISM
8 144 (28.07%) Data Protection
9 138 (26.90%) Degree
10 137 (26.71%) ISMS
11 120 (23.39%) Agile
12 115 (22.42%) Management Information System
13 114 (22.22%) Azure
14 111 (21.64%) Stakeholder Management
15 108 (21.05%) AWS
16 107 (20.86%) CRISC
17 99 (19.30%) SaaS
18 83 (16.18%) DevOps
19 82 (15.98%) PCI DSS
20 81 (15.79%) Retail
21 80 (15.59%) Computer Science
22 77 (15.01%) Manufacturing
23 73 (14.23%) Security Management
23 73 (14.23%) GDPR
24 72 (14.04%) Security Operations
25 71 (13.84%) Social Skills
26 69 (13.45%) Public Sector
26 69 (13.45%) Information Security Management
27 68 (13.26%) Master's Degree

GRC
Co-occurring IT Skills in England by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 10 (1.95%) SharePoint
2 2 (0.39%) Apache
2 2 (0.39%) Confluence
2 2 (0.39%) IIS
2 2 (0.39%) WebLogic
2 2 (0.39%) WebSphere
Applications
1 21 (4.09%) Sketch
2 12 (2.34%) Adobe Creative Suite
2 12 (2.34%) Adobe XD
2 12 (2.34%) InVision
3 9 (1.75%) Zeplin
4 8 (1.56%) Microsoft Office
5 7 (1.36%) MS Visio
6 6 (1.17%) Microsoft Excel
7 5 (0.97%) Microsoft Project
8 1 (0.19%) Microsoft PowerPoint
Business Applications
1 12 (2.34%) SAP GRC
2 5 (0.97%) SAP S/4HANA
3 2 (0.39%) Remedy ITSM
3 2 (0.39%) SAP ERP
4 1 (0.19%) NetSuite
4 1 (0.19%) Oracle EBS
4 1 (0.19%) Oracle ERP
4 1 (0.19%) SAP CO
4 1 (0.19%) SAP ECC
4 1 (0.19%) SAP FI
4 1 (0.19%) SAP FI/CO
4 1 (0.19%) SAP IBP
4 1 (0.19%) SAP MM
4 1 (0.19%) Sentinel
Cloud Services
1 114 (22.22%) Azure
2 108 (21.05%) AWS
3 99 (19.30%) SaaS
4 40 (7.80%) GCP
5 21 (4.09%) Figma
6 19 (3.70%) BrowserStack
6 19 (3.70%) Microsoft 365
6 19 (3.70%) PaaS
6 19 (3.70%) Sauce Labs
7 18 (3.51%) Azure Cosmos DB
8 15 (2.92%) IaaS
9 11 (2.14%) Cloud Computing
10 7 (1.36%) Azure Sentinel
11 4 (0.78%) Azure Active Directory
11 4 (0.78%) Power Platform
11 4 (0.78%) SuccessFactors
11 4 (0.78%) WhatsApp
12 3 (0.58%) Azure Data Factory
12 3 (0.58%) Azure Synapse Analytics
13 2 (0.39%) Serverless
Communications & Networking
1 24 (4.68%) Firewall
2 22 (4.29%) Intrusion Detection
3 12 (2.34%) Internet
4 9 (1.75%) Intranet
4 9 (1.75%) Network Security
5 3 (0.58%) DNS
5 3 (0.58%) HTTP
6 2 (0.39%) HTTPS
6 2 (0.39%) SNMP
6 2 (0.39%) SSL
6 2 (0.39%) TCP/IP
7 1 (0.19%) SMTP
Database & Business Intelligence
1 5 (0.97%) Data Lake
1 5 (0.97%) SAP BW
2 4 (0.78%) Power BI
3 3 (0.58%) Big Data
3 3 (0.58%) Data Warehouse
3 3 (0.58%) InfluxDB
3 3 (0.58%) MongoDB
3 3 (0.58%) NoSQL
3 3 (0.58%) SQL Server Analysis Services
3 3 (0.58%) SQL Server Integration Services
3 3 (0.58%) SQL Server Reporting Services
4 2 (0.39%) DB2
4 2 (0.39%) SQL Server
5 1 (0.19%) BusinessObjects
5 1 (0.19%) SAP HANA
Development Applications
1 19 (3.70%) Cypress.io
1 19 (3.70%) Gatling
1 19 (3.70%) JMeter
1 19 (3.70%) Postman
1 19 (3.70%) Protractor
1 19 (3.70%) Selenium
1 19 (3.70%) SpecFlow
1 19 (3.70%) TestCafe
2 15 (2.92%) Burp Suite
2 15 (2.92%) Log4j
3 6 (1.17%) JIRA
4 5 (0.97%) Git (software)
5 2 (0.39%) ERwin
6 1 (0.19%) Team Foundation Server
General
1 208 (40.55%) Finance
2 81 (15.79%) Retail
3 77 (15.01%) Manufacturing
4 71 (13.84%) Social Skills
5 69 (13.45%) Public Sector
6 59 (11.50%) Legal
7 56 (10.92%) Local Government
8 37 (7.21%) Organisational Skills
9 33 (6.43%) Analytical Skills
10 24 (4.68%) Influencing Skills
11 23 (4.48%) Presentation Skills
12 22 (4.29%) Banking
13 15 (2.92%) Law
14 14 (2.73%) Telecoms
15 13 (2.53%) Automotive
16 6 (1.17%) Games
16 6 (1.17%) Marketing
17 5 (0.97%) Inclusion and Diversity
18 4 (0.78%) Documentation Skills
19 3 (0.58%) Investment Banking
Job Titles
1 113 (22.03%) Analyst
2 110 (21.44%) Security Manager
3 66 (12.87%) Security Analyst
4 48 (9.36%) Consultant
5 38 (7.41%) Information Analyst
5 38 (7.41%) Information Manager
6 37 (7.21%) Information Security Analyst
7 35 (6.82%) Security Officer
8 33 (6.43%) Information Security Manager
9 32 (6.24%) Security Consultant
10 29 (5.65%) Head of Security
11 28 (5.46%) Risk Analyst
12 27 (5.26%) Information Security Officer
13 26 (5.07%) Information Officer
14 25 (4.87%) IT Analyst
15 23 (4.48%) Compliance Analyst
16 22 (4.29%) Architect
17 21 (4.09%) Governance Analyst
17 21 (4.09%) Senior Analyst
18 19 (3.70%) Head of Information Security
Libraries, Frameworks & Software Standards
1 30 (5.85%) React
2 27 (5.26%) .NET
3 21 (4.09%) AngularJS
3 21 (4.09%) REST
4 19 (3.70%) Swagger
5 7 (1.36%) Web Services
6 6 (1.17%) LDAP
6 6 (1.17%) SailPoint
6 6 (1.17%) SAML
7 5 (0.97%) JSON
7 5 (0.97%) XML
8 4 (0.78%) OAuth
8 4 (0.78%) RabbitMQ
9 3 (0.58%) MDX
10 2 (0.39%) EJB
10 2 (0.39%) HTML
10 2 (0.39%) J2EE
10 2 (0.39%) JDBC
10 2 (0.39%) JSP
10 2 (0.39%) ODBC
Miscellaneous
1 115 (22.42%) Management Information System
2 45 (8.77%) Greenfield Project
3 22 (4.29%) Public Cloud
4 21 (4.09%) Cyberthreat
4 21 (4.09%) Enterprise Software
4 21 (4.09%) User Experience
5 20 (3.90%) IoT
6 16 (3.12%) Linux Command Line
7 15 (2.92%) Self-Motivation
8 13 (2.53%) Data Protection Act
8 13 (2.53%) PMI
9 9 (1.75%) Freedom of Information
10 8 (1.56%) Cyberattack
11 7 (1.36%) Cyber Defence
12 6 (1.17%) Data Centre
13 5 (0.97%) Security Operations Centre
14 4 (0.78%) Blockchain
14 4 (0.78%) Cloud Native
14 4 (0.78%) CMDB
14 4 (0.78%) Reinsurance
Operating Systems
1 11 (2.14%) Windows
2 9 (1.75%) Linux
3 2 (0.39%) Unix
Processes & Methodologies
1 386 (75.24%) Information Security
2 278 (54.19%) Cybersecurity
3 242 (47.17%) Risk Management
4 144 (28.07%) Data Protection
5 137 (26.71%) ISMS
6 120 (23.39%) Agile
7 111 (21.64%) Stakeholder Management
8 83 (16.18%) DevOps
9 80 (15.59%) Computer Science
10 73 (14.23%) Security Management
11 72 (14.04%) Security Operations
12 69 (13.45%) Information Security Management
13 60 (11.70%) Artificial Intelligence
13 60 (11.70%) Biology
13 60 (11.70%) Chemistry
13 60 (11.70%) Informatics
13 60 (11.70%) Machine Learning
14 57 (11.11%) Incident Management
15 54 (10.53%) Vulnerability Assessment
16 52 (10.14%) Security Architecture
Programming Languages
1 45 (8.77%) SQL
2 36 (7.02%) C#
3 24 (4.68%) JavaScript
4 22 (4.29%) PowerShell
5 19 (3.70%) T-SQL
5 19 (3.70%) TypeScript
6 17 (3.31%) Bash
7 8 (1.56%) Python
8 4 (0.78%) C
8 4 (0.78%) VB.NET
9 3 (0.58%) Data Analysis Expressions (DAX)
10 2 (0.39%) Java
Qualifications
1 187 (36.45%) CISSP
2 148 (28.85%) CISM
3 138 (26.90%) Degree
4 107 (20.86%) CRISC
5 68 (13.26%) Master's Degree
6 66 (12.87%) Computer Science Degree
7 56 (10.92%) CISA
8 28 (5.46%) (ISC)2 CCSP
8 28 (5.46%) Cisco Certification
9 23 (4.48%) SANS
9 23 (4.48%) Security Cleared
10 22 (4.29%) CCSK
10 22 (4.29%) SSCP
11 21 (4.09%) CCSP
12 17 (3.31%) CASP
12 17 (3.31%) CompTIA CySA+
12 17 (3.31%) PMI Certification
12 17 (3.31%) SC Cleared
13 14 (2.73%) CISMP
14 12 (2.34%) ISO 27001 Lead Auditor
Quality Assurance & Compliance
1 278 (54.19%) ISO/IEC 27001
2 170 (33.14%) NIST
3 82 (15.98%) PCI DSS
4 73 (14.23%) GDPR
5 59 (11.50%) Cyber Essentials
6 42 (8.19%) COBIT
7 27 (5.26%) Cyber Essentials PLUS
8 20 (3.90%) QA
9 17 (3.31%) SOC 2
10 10 (1.95%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
11 9 (1.75%) PMO
11 9 (1.75%) Sarbanes-Oxley
12 6 (1.17%) NCSC
13 5 (0.97%) ISO/IEC 27005
14 4 (0.78%) Actionable Recommendations
14 4 (0.78%) HIPAA
14 4 (0.78%) ISO 31000
14 4 (0.78%) NIST 800
15 2 (0.39%) Accessibility
15 2 (0.39%) ITGC
System Software
1 10 (1.95%) Active Directory
2 2 (0.39%) NDS
Systems Management
1 16 (3.12%) Kubernetes
2 15 (2.92%) FortiGate
2 15 (2.92%) Nessus
2 15 (2.92%) Trend Micro Deep Security
3 14 (2.73%) RSA Archer
4 8 (1.56%) Terraform
5 5 (0.97%) Single Sign-On
6 3 (0.58%) EMC NetWorker
7 2 (0.39%) Active Directory Federation Services
7 2 (0.39%) Ansible
7 2 (0.39%) CASB
7 2 (0.39%) CSIRT
7 2 (0.39%) MIIS
7 2 (0.39%) NetIQ Identity Manager
8 1 (0.19%) Computer Emergency Response Teams
Vendors
1 56 (10.92%) Microsoft
2 36 (7.02%) Google
3 28 (5.46%) Twitter
4 18 (3.51%) OneTrust
5 17 (3.31%) IBM
5 17 (3.31%) Okta
6 16 (3.12%) CrowdStrike
7 15 (2.92%) Forcepoint
7 15 (2.92%) Fortinet
7 15 (2.92%) Qualys
7 15 (2.92%) Sophos
7 15 (2.92%) Tanium
8 13 (2.53%) SAP
9 12 (2.34%) Adobe
10 10 (1.95%) ServiceNow
11 9 (1.75%) Ariba
12 6 (1.17%) ForgeRock
13 4 (0.78%) Concur
13 4 (0.78%) Facebook
14 3 (0.58%) AlienVault