Period
to 23 September 2019

The following table provides summary statistics for permanent job vacancies with a requirement for CISA qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 23 September 2019 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Systems Auditor (CISA)
UK
6 months to
23 Sep 2019
Same period 2018 Same period 2017
Rank 546 473 478
Rank change year-on-year -73 +5 -62
Permanent jobs citing CISA 662 1,043 1,074
As % of all permanent IT jobs advertised in the UK 0.47% 0.63% 0.61%
As % of the Qualifications category 2.02% 2.67% 2.49%
Number of salaries quoted 529 718 855
UK median annual salary £65,000 £65,000 £63,250
Median salary % change year-on-year - +2.77% +1.20%
10th Percentile £41,900 £42,500 £42,000
90th Percentile £100,000 £95,375 £95,000
UK excluding London median annual salary £57,500 £60,000 £55,000
% change year-on-year -4.17% +9.09% -

CISA is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 32,821 39,001 43,055
As % of all permanent IT jobs advertised in the UK 23.44% 23.59% 24.51%
Number of salaries quoted 23,835 28,921 33,066
UK median annual salary £50,000 £50,000 £46,000
Median salary % change year-on-year - +8.70% +2.22%
10th Percentile £26,750 £26,250 £26,000
90th Percentile £82,500 £80,000 £77,500
UK excluding London median annual salary £45,000 £45,000 £42,500
% change year-on-year - +5.88% -

CISA
Job Vacancy Trend

Job postings citing CISA as a percentage of all IT jobs advertised.

Job vacancy trend for CISA in the UK

CISA
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISA.

Salary trend for CISA in the UK

CISA
Salary Histogram

The salary distribution of IT jobs citing CISA over the 6 months to 23 September 2019.

Salary histogram for CISA in the UK

CISA
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISA within the UK over the 6 months to 23 September 2019. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -87 624 £65,000 - 72
UK excluding London -94 327 £57,500 -4.17% 38
London -42 309 £70,000 -6.67% 35
South East -26 107 £65,000 +8.33% 9
North of England -39 85 £47,500 -13.64% 12
Midlands +31 60 £48,000 -17.24% 10
North West -8 56 £40,000 -27.27% 7
South West +32 37 £62,500 -1.96% 6
West Midlands +6 32 £48,000 -16.52% 10
East Midlands +47 28 £71,250 +13.10%
Yorkshire -31 24 £75,000 +30.43% 4
East of England -26 20 £67,500 -3.57%
Scotland +20 11 £48,750 -35.00% 1
Wales +13 7 £39,000 -12.36%
North East +27 5 £50,000 +25.00% 1

For the 6 months to 23 September 2019, IT jobs citing CISA also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISA.

1 561 (84.74%) CISSP
2 498 (75.23%) CISM
3 451 (68.13%) Information Security
4 327 (49.40%) ISO/IEC 27001
5 305 (46.07%) Cybersecurity
6 227 (34.29%) Degree
7 219 (33.08%) Finance
8 190 (28.70%) NIST
9 169 (25.53%) Management Information System
10 158 (23.87%) CRISC
11 155 (23.41%) Risk Management
12 151 (22.81%) PCI DSS
13 133 (20.09%) ITIL
14 131 (19.79%) SIEM
15 112 (16.92%) Security Architecture
16 106 (16.01%) Vulnerability Management
17 99 (14.95%) GDPR
18 96 (14.50%) Penetration Testing
18 96 (14.50%) Security Management
19 87 (13.14%) Stakeholder Management
20 86 (12.99%) Linux
21 81 (12.24%) Risk Assessment
21 81 (12.24%) Internal Audit
22 78 (11.78%) Firewall
23 75 (11.33%) Microsoft
23 75 (11.33%) Analytical Skills
23 75 (11.33%) COBIT
24 71 (10.73%) Data Protection
24 71 (10.73%) Security Cleared
25 66 (9.97%) CEH

CISA
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 24 (3.63%) IIS
2 15 (2.27%) SharePoint
3 1 (0.15%) MS Exchange
3 1 (0.15%) Skype for Business
Applications
1 22 (3.32%) Microsoft Excel
1 22 (3.32%) Microsoft PowerPoint
2 6 (0.91%) Microsoft Office
3 2 (0.30%) MS Visio
Business Applications
1 7 (1.06%) Sparx Enterprise Architect
2 1 (0.15%) SAP ERP
2 1 (0.15%) SAP S/4HANA
Cloud Services
1 53 (8.01%) Azure
2 49 (7.40%) AWS
3 28 (4.23%) GCP
4 14 (2.11%) Cloud Computing
5 10 (1.51%) Office 365
6 9 (1.36%) Power Platform
6 9 (1.36%) SaaS
7 6 (0.91%) Azure Active Directory
8 5 (0.76%) Microsoft Flow
9 2 (0.30%) Mimecast
9 2 (0.30%) PaaS
10 1 (0.15%) Amazon CloudWatch
10 1 (0.15%) Amazon EC2
10 1 (0.15%) Amazon S3
10 1 (0.15%) AWS CloudFormation
10 1 (0.15%) AWS CloudTrail
10 1 (0.15%) CloudFront
10 1 (0.15%) IaaS
10 1 (0.15%) IBM Cloud
10 1 (0.15%) Virtual Private Cloud
Communications & Networking
1 78 (11.78%) Firewall
2 33 (4.98%) Network Security
3 19 (2.87%) Intrusion Detection
4 16 (2.42%) VPN
5 14 (2.11%) TCP/IP
6 12 (1.81%) Internet
6 12 (1.81%) LAN
7 7 (1.06%) DNS
8 5 (0.76%) WAN
8 5 (0.76%) Wireless
9 4 (0.60%) IPsec
9 4 (0.60%) RTP
9 4 (0.60%) SSL
10 3 (0.45%) Broadband
10 3 (0.45%) Kerberos
10 3 (0.45%) tcpdump
10 3 (0.45%) Wireshark
11 2 (0.30%) HTTP
11 2 (0.30%) SMTP
12 1 (0.15%) SNMP
Database & Business Intelligence
1 14 (2.11%) Big Data
2 5 (0.76%) Power BI
3 2 (0.30%) Data Lake
3 2 (0.30%) GIS
4 1 (0.15%) Amazon RDS
4 1 (0.15%) Data Warehouse
4 1 (0.15%) MySQL
4 1 (0.15%) Oracle Database
4 1 (0.15%) PostgreSQL
4 1 (0.15%) SAP HANA
4 1 (0.15%) SQL Server
Development Applications
1 6 (0.91%) JIRA
1 6 (0.91%) SonarQube
1 6 (0.91%) Visual Studio
2 3 (0.45%) IDA Disassembler
3 2 (0.30%) AppScan
General
1 219 (33.08%) Finance
2 50 (7.55%) Banking
3 47 (7.10%) Public Sector
4 46 (6.95%) Legal
5 23 (3.47%) Retail
6 13 (1.96%) Games
7 12 (1.81%) Financial Institution
7 12 (1.81%) Law
8 11 (1.66%) Telecoms
9 6 (0.91%) Aerospace
9 6 (0.91%) Back Office
10 5 (0.76%) Marketing
11 3 (0.45%) Manufacturing
12 2 (0.30%) Military
13 1 (0.15%) Greek Language
13 1 (0.15%) International Banking
13 1 (0.15%) Local Government
13 1 (0.15%) Spanish Language
Job Titles
1 108 (16.31%) Security Manager
2 93 (14.05%) Analyst
3 89 (13.44%) Consultant
4 83 (12.54%) Security Consultant
5 79 (11.93%) Security Analyst
6 65 (9.82%) Architect
7 64 (9.67%) Security Architect
8 57 (8.61%) Information Analyst
9 56 (8.46%) Information Manager
9 56 (8.46%) Information Security Manager
10 55 (8.31%) Information Security Analyst
11 50 (7.55%) Auditor
12 39 (5.89%) Information Security Consultant
13 38 (5.74%) Security Specialist
14 37 (5.59%) Head of Security
15 36 (5.44%) IT Auditor
15 36 (5.44%) Security Engineer
16 32 (4.83%) Security Officer
17 31 (4.68%) Cybersecurity Consultant
18 29 (4.38%) Head of Information
Libraries, Frameworks & Software Standards
1 33 (4.98%) SailPoint
2 7 (1.06%) Web Services
3 5 (0.76%) SAML
4 3 (0.45%) OAuth
4 3 (0.45%) OLE
5 2 (0.30%) LDAP
6 1 (0.15%) Middleware
Miscellaneous
1 169 (25.53%) Management Information System
2 75 (11.33%) Analytical Skills
3 27 (4.08%) Cyberthreat
4 21 (3.17%) Data Centre
5 19 (2.87%) Self-Motivation
6 18 (2.72%) PMI
7 17 (2.57%) Security Operations Centre
8 14 (2.11%) Distributed Denial-of-Service
9 12 (1.81%) Cyber Kill Chain
9 12 (1.81%) Social Media
10 11 (1.66%) Data Protection Act
11 10 (1.51%) Client/Server
12 9 (1.36%) CESG
12 9 (1.36%) Mobile Computing
13 8 (1.21%) Blog
13 8 (1.21%) CESG CLAS
13 8 (1.21%) Cyberattack
13 8 (1.21%) Driving Licence
13 8 (1.21%) PKI
14 7 (1.06%) Hybrid Cloud
Operating Systems
1 86 (12.99%) Linux
2 64 (9.67%) Windows
3 19 (2.87%) Unix
4 10 (1.51%) Windows Server
5 6 (0.91%) Solaris
6 3 (0.45%) Mac OS X
7 1 (0.15%) Android
7 1 (0.15%) Apple iOS
7 1 (0.15%) Mac OS
Processes & Methodologies
1 451 (68.13%) Information Security
2 305 (46.07%) Cybersecurity
3 155 (23.41%) Risk Management
4 133 (20.09%) ITIL
5 131 (19.79%) SIEM
6 112 (16.92%) Security Architecture
7 106 (16.01%) Vulnerability Management
8 96 (14.50%) Penetration Testing
8 96 (14.50%) Security Management
9 87 (13.14%) Stakeholder Management
10 81 (12.24%) Internal Audit
10 81 (12.24%) Risk Assessment
11 71 (10.73%) Data Protection
12 64 (9.67%) Identity Access Management
12 64 (9.67%) Security Operations
13 61 (9.21%) Agile Software Development
13 61 (9.21%) Problem-Solving
14 58 (8.76%) Information Security Management
15 51 (7.70%) Continuous Improvement
16 49 (7.40%) IT Audit
Programming Languages
1 42 (6.34%) Python
2 34 (5.14%) Java
3 22 (3.32%) C++
4 16 (2.42%) C
5 14 (2.11%) SQL
6 13 (1.96%) PowerShell
7 10 (1.51%) Perl
8 8 (1.21%) C#
9 6 (0.91%) Go
10 5 (0.76%) Bourne shell
10 5 (0.76%) Korn
10 5 (0.76%) Ruby
11 4 (0.60%) Bash Shell
12 2 (0.30%) JavaScript
12 2 (0.30%) PHP
12 2 (0.30%) Scala
12 2 (0.30%) Shell Script
Qualifications
1 561 (84.74%) CISSP
2 498 (75.23%) CISM
3 227 (34.29%) Degree
4 158 (23.87%) CRISC
5 71 (10.73%) Security Cleared
6 66 (9.97%) CEH
7 65 (9.82%) Cisco Certification
8 47 (7.10%) (ISC)2 CCSP
9 46 (6.95%) GIAC
10 44 (6.65%) SANS
11 40 (6.04%) CESG Certified Professional
12 33 (4.98%) SC Cleared
13 30 (4.53%) SSCP
14 28 (4.23%) CCSP
15 27 (4.08%) CompTIA Security+
15 27 (4.08%) ISO 27001 Lead Implementer
16 25 (3.78%) ISSMP
17 24 (3.63%) CREST Certified
18 23 (3.47%) IISP
18 23 (3.47%) OSCP
Quality Assurance & Compliance
1 327 (49.40%) ISO/IEC 27001
2 190 (28.70%) NIST
3 151 (22.81%) PCI DSS
4 99 (14.95%) GDPR
5 75 (11.33%) COBIT
6 45 (6.80%) Cyber Essentials
7 39 (5.89%) Sarbanes-Oxley
8 35 (5.29%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
9 27 (4.08%) NCSC
10 24 (3.63%) ISAE 3402
11 14 (2.11%) HMG Security Policy Framework
11 14 (2.11%) ISO 31000
12 13 (1.96%) ISO/IEC 27005
13 12 (1.81%) COSO
14 11 (1.66%) ISO 9001
14 11 (1.66%) NIST 800
15 10 (1.51%) ISO 22301
15 10 (1.51%) MiFID
15 10 (1.51%) SLA
16 9 (1.36%) ITGC
System Software
1 19 (2.87%) Active Directory
2 6 (0.91%) Docker
2 6 (0.91%) ISA Server
3 4 (0.60%) Virtual Machines
4 3 (0.45%) Snort
5 1 (0.15%) VMware Infrastructure
Systems Management
1 45 (6.80%) Nessus
2 34 (5.14%) McAfee ePO
3 20 (3.02%) SCCM
4 7 (1.06%) Single Sign-On
5 6 (0.91%) IBM Guardium
5 6 (0.91%) Kubernetes
5 6 (0.91%) Terraform
5 6 (0.91%) Trend Micro Deep Security
6 4 (0.60%) Computer Emergency Response Teams
6 4 (0.60%) CSIRT
7 3 (0.45%) QRadar
8 2 (0.30%) Microsoft Intune
9 1 (0.15%) Ansible
9 1 (0.15%) Nagios
9 1 (0.15%) Opscode Chef
9 1 (0.15%) Puppet
Vendors
1 75 (11.33%) Microsoft
2 54 (8.16%) Splunk
3 48 (7.25%) McAfee
4 32 (4.83%) Qualys
5 29 (4.38%) Aveksa
5 29 (4.38%) Palo Alto
6 27 (4.08%) Cisco
7 20 (3.02%) CyberArk
7 20 (3.02%) LogRhythm
7 20 (3.02%) SolarWinds
8 19 (2.87%) Google
8 19 (2.87%) Symantec
9 15 (2.27%) Progress
10 14 (2.11%) CA
11 11 (1.66%) Oracle
12 9 (1.36%) ArcSight
12 9 (1.36%) CheckPoint
12 9 (1.36%) IBM
12 9 (1.36%) Okta
12 9 (1.36%) Trend Micro