Period
to 26 September 2021

The following table provides summary statistics for permanent job vacancies with a requirement for CISA qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 26 September 2021 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Systems Auditor (CISA)
UK
6 months to
26 Sep 2021
Same period 2020 Same period 2019
Rank 658 485 563
Rank change year-on-year -173 +78 -86
Permanent jobs citing CISA 381 219 654
As % of all permanent jobs advertised in the UK 0.31% 0.45% 0.47%
As % of the Qualifications category 1.46% 2.06% 1.99%
Number of salaries quoted 296 196 528
10th Percentile £42,500 £42,500 £41,425
25th Percentile £52,500 £46,250 £50,000
Median annual salary (50th Percentile) £64,618 £60,000 £65,000
Median % change year-on-year +7.70% -7.69% -
75th Percentile £78,750 £82,500 £80,000
90th Percentile £89,375 £90,750 £100,000
UK excluding London median annual salary £60,000 £55,453 £56,000
% change year-on-year +8.20% -0.98% -6.67%

CISA is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 26,171 10,635 32,936
As % of all permanent IT jobs advertised in the UK 21.54% 22.05% 23.45%
Number of salaries quoted 14,627 8,116 24,336
10th Percentile £31,250 £31,250 £26,750
25th Percentile £40,500 £41,000 £35,000
Median annual salary (50th Percentile) £55,000 £55,000 £50,000
Median % change year-on-year - +10.00% -
75th Percentile £72,500 £71,250 £66,250
90th Percentile £87,500 £87,500 £82,500
UK excluding London median annual salary £47,500 £48,500 £45,000
% change year-on-year -2.06% +7.78% -

CISA
Job Vacancy Trend

Job postings citing CISA as a proportion of all IT jobs advertised.

Job vacancy trend for CISA in the UK

CISA
Salary Trend

3-month moving average salary quoted in jobs citing CISA.

Salary trend for CISA in the UK

CISA
Salary Histogram

Salary distribution for jobs citing CISA over the 6 months to 26 September 2021.

Salary histogram for CISA in the UK

CISA
Top 14 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISA within the UK over the 6 months to 26 September 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -215 314 £65,000 +8.33% 65
London -178 168 £70,000 - 38
UK excluding London -193 166 £60,000 +8.20% 30
Work from Home -216 91 £70,000 +27.27% 14
South East -132 67 £62,500 +26.26% 8
North of England -132 23 £55,000 -2.22% 8
Scotland -86 21 £57,500 +21.05% 3
East of England -89 18 £77,500 +29.17% 4
South West -96 16 £46,625 -28.27% 2
Midlands -131 13 £62,500 +4.17% 5
Yorkshire -94 12 £55,000 -4.35% 6
West Midlands -100 12 £62,500 +4.17% 4
North West -102 11 £55,000 -2.22% 1
Wales -32 8 £37,000 -40.80%

For the 6 months to 26 September 2021, IT jobs citing CISA also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISA.

1 312 (81.89%) CISSP
2 290 (76.12%) CISM
3 247 (64.83%) Information Security
4 204 (53.54%) ISO/IEC 27001
5 195 (51.18%) Cybersecurity
6 152 (39.90%) Risk Management
7 125 (32.81%) Finance
8 122 (32.02%) Social Skills
9 110 (28.87%) NIST
10 97 (25.46%) Management Information System
11 92 (24.15%) SIEM
12 90 (23.62%) CRISC
13 82 (21.52%) Degree
13 82 (21.52%) Security Management
14 80 (21.00%) GDPR
15 78 (20.47%) ITIL
16 72 (18.90%) Analytical Skills
17 69 (18.11%) Firewall
18 64 (16.80%) Penetration Testing
19 59 (15.49%) Vulnerability Management
19 59 (15.49%) IT Audit
20 55 (14.44%) Internal Audit
21 52 (13.65%) Continuous Improvement
22 50 (13.12%) COBIT
22 50 (13.12%) Network Security
23 49 (12.86%) AWS
24 48 (12.60%) Security Architecture
25 46 (12.07%) Security Operations
26 45 (11.81%) Azure
26 45 (11.81%) Data Privacy

CISA
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 18 (4.72%) IIS
2 4 (1.05%) SharePoint
3 2 (0.52%) Elasticsearch
4 1 (0.26%) Appian
Applications
1 3 (0.79%) Microsoft Office
1 3 (0.79%) Microsoft PowerPoint
Business Applications
1 2 (0.52%) Sentinel
2 1 (0.26%) NetSuite
2 1 (0.26%) Oracle ERP
2 1 (0.26%) Oracle Financials
2 1 (0.26%) Oracle Procure-to-Pay
2 1 (0.26%) SAP BPC
2 1 (0.26%) SAP GRC
2 1 (0.26%) SAP Oil and Gas
Cloud Services
1 49 (12.86%) AWS
2 45 (11.81%) Azure
3 17 (4.46%) Microsoft 365
4 12 (3.15%) Cloud Computing
5 8 (2.10%) GCP
5 8 (2.10%) PaaS
5 8 (2.10%) SaaS
5 8 (2.10%) Serverless
6 7 (1.84%) IaaS
7 6 (1.57%) Akamai
8 5 (1.31%) Azure Active Directory
9 4 (1.05%) Azure Sentinel
10 2 (0.52%) Amazon CloudWatch
10 2 (0.52%) Amazon GuardDuty
10 2 (0.52%) Google Workspace
10 2 (0.52%) Power Platform
10 2 (0.52%) PowerApps
11 1 (0.26%) Amazon EC2
11 1 (0.26%) Amazon S3
11 1 (0.26%) Azure Service Bus
Communications & Networking
1 69 (18.11%) Firewall
2 50 (13.12%) Network Security
3 29 (7.61%) Intrusion Detection
4 21 (5.51%) VPN
5 17 (4.46%) TCP/IP
6 13 (3.41%) DNS
7 9 (2.36%) HTTP
7 9 (2.36%) Internet
7 9 (2.36%) Wireless
7 9 (2.36%) Wireless Security
8 8 (2.10%) GSM
9 7 (1.84%) DHCP
9 7 (1.84%) SSL
10 6 (1.57%) DMZ
11 5 (1.31%) Intranet
11 5 (1.31%) LAN
11 5 (1.31%) SD-WAN
11 5 (1.31%) WAN
12 4 (1.05%) BGP
12 4 (1.05%) VoIP
Database & Business Intelligence
1 9 (2.36%) MySQL
2 7 (1.84%) Relational Database
2 7 (1.84%) SQL Server
3 6 (1.57%) Oracle Database
3 6 (1.57%) RDBMS
4 3 (0.79%) Blockchain
5 2 (0.52%) Tableau
6 1 (0.26%) Azure SQL Database
6 1 (0.26%) Data Warehouse
6 1 (0.26%) Oracle Reports
6 1 (0.26%) Power BI
6 1 (0.26%) SAP HANA
Development Applications
1 10 (2.62%) JIRA
2 6 (1.57%) SoapUI
3 4 (1.05%) Rational DOORS
3 4 (1.05%) SonarQube
3 4 (1.05%) Visual Studio
4 1 (0.26%) AppScan
4 1 (0.26%) Burp Suite
4 1 (0.26%) Eclipse
General
1 125 (32.81%) Finance
2 122 (32.02%) Social Skills
3 72 (18.90%) Analytical Skills
4 36 (9.45%) Presentation Skills
5 28 (7.35%) Legal
6 22 (5.77%) Influencing Skills
7 17 (4.46%) Law
8 16 (4.20%) Inclusion and Diversity
8 16 (4.20%) Public Sector
9 12 (3.15%) Banking
9 12 (3.15%) French Language
10 10 (2.62%) Local Government
10 10 (2.62%) Telecoms
11 8 (2.10%) Advertising
11 8 (2.10%) Back Office
11 8 (2.10%) Documentation Skills
11 8 (2.10%) Retail
12 5 (1.31%) Marketing
13 4 (1.05%) Pharmaceutical
14 2 (0.52%) Publishing
Job Titles
1 68 (17.85%) Security Manager
2 66 (17.32%) Analyst
3 54 (14.17%) Security Analyst
4 45 (11.81%) Consultant
5 34 (8.92%) Architect
6 33 (8.66%) Security Architect
6 33 (8.66%) Security Consultant
7 31 (8.14%) Information Manager
7 31 (8.14%) Information Security Manager
8 30 (7.87%) IT Analyst
9 26 (6.82%) Auditor
10 25 (6.56%) IT Auditor
10 25 (6.56%) IT Manager
10 25 (6.56%) IT Security Analyst
11 24 (6.30%) Security Officer
12 21 (5.51%) Cybersecurity Consultant
13 20 (5.25%) Information Analyst
13 20 (5.25%) Information Security Analyst
14 19 (4.99%) Security Engineer
15 15 (3.94%) Senior Security Consultant
Libraries, Frameworks & Software Standards
1 7 (1.84%) SOAP
2 6 (1.57%) SAML
3 5 (1.31%) ISPF
3 5 (1.31%) Web Services
4 4 (1.05%) .NET
5 3 (0.79%) OAuth
5 3 (0.79%) SailPoint
6 2 (0.52%) ASP.NET
6 2 (0.52%) J2EE
6 2 (0.52%) LDAP
6 2 (0.52%) OpenID
7 1 (0.26%) JSP
7 1 (0.26%) Oracle Fusion
7 1 (0.26%) REST
Miscellaneous
1 97 (25.46%) Management Information System
2 17 (4.46%) Cyberthreat
3 14 (3.67%) Public Cloud
4 13 (3.41%) Distributed Denial-of-Service
5 10 (2.62%) Data Centre
5 10 (2.62%) Self-Motivation
6 9 (2.36%) Cyberattack
6 9 (2.36%) Data Protection Act
6 9 (2.36%) Security Operations Centre
7 7 (1.84%) Cyber Kill Chain
8 6 (1.57%) Digital Media
8 6 (1.57%) Virtual Team
9 5 (1.31%) Cloud Native
9 5 (1.31%) Clustering
9 5 (1.31%) PKI
9 5 (1.31%) Robotics
10 4 (1.05%) Driving Licence
10 4 (1.05%) Mobile Payment
10 4 (1.05%) Smartcard
10 4 (1.05%) Smartphone
Operating Systems
1 40 (10.50%) Linux
1 40 (10.50%) Windows
2 13 (3.41%) Windows Server
3 12 (3.15%) Mac OS
4 10 (2.62%) Solaris
5 9 (2.36%) Unix
6 2 (0.52%) Windows 10
Processes & Methodologies
1 247 (64.83%) Information Security
2 195 (51.18%) Cybersecurity
3 152 (39.90%) Risk Management
4 92 (24.15%) SIEM
5 82 (21.52%) Security Management
6 78 (20.47%) ITIL
7 64 (16.80%) Penetration Testing
8 59 (15.49%) IT Audit
8 59 (15.49%) Vulnerability Management
9 55 (14.44%) Internal Audit
10 52 (13.65%) Continuous Improvement
11 48 (12.60%) Security Architecture
12 46 (12.07%) Security Operations
13 45 (11.81%) Data Privacy
14 42 (11.02%) Data Protection
14 42 (11.02%) Risk Assessment
15 39 (10.24%) Stakeholder Management
16 35 (9.19%) ISMS
17 33 (8.66%) Business Continuity
17 33 (8.66%) Risk Analysis
Programming Languages
1 16 (4.20%) SQL
2 11 (2.89%) C
2 11 (2.89%) Python
3 10 (2.62%) Go
4 6 (1.57%) Java
5 5 (1.31%) C#
6 4 (1.05%) PowerShell
7 2 (0.52%) VB.NET
7 2 (0.52%) VBScript
8 1 (0.26%) C++
8 1 (0.26%) PHP
8 1 (0.26%) R
Qualifications
1 312 (81.89%) CISSP
2 290 (76.12%) CISM
3 90 (23.62%) CRISC
4 82 (21.52%) Degree
5 43 (11.29%) CEH
6 37 (9.71%) Cisco Certification
7 34 (8.92%) CompTIA Security+
8 25 (6.56%) CISMP
8 25 (6.56%) SANS
9 24 (6.30%) SSCP
10 21 (5.51%) ISO 27001 Lead Auditor
10 21 (5.51%) Security Cleared
11 20 (5.25%) CCNA
11 20 (5.25%) OSCP
12 19 (4.99%) CGEIT
13 17 (4.46%) (ISC)2 CCSP
13 17 (4.46%) SC Cleared
14 15 (3.94%) IISP
15 14 (3.67%) GIAC
16 12 (3.15%) CREST Certified
Quality Assurance & Compliance
1 204 (53.54%) ISO/IEC 27001
2 110 (28.87%) NIST
3 80 (21.00%) GDPR
4 50 (13.12%) COBIT
5 39 (10.24%) PCI DSS
6 31 (8.14%) GRC
7 29 (7.61%) Cyber Essentials
8 26 (6.82%) Sarbanes-Oxley
9 20 (5.25%) ITGC
10 19 (4.99%) NCSC
11 15 (3.94%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
12 12 (3.15%) ISO 22301
13 11 (2.89%) ISO 9001
14 10 (2.62%) SOC 2
15 7 (1.84%) IASME
15 7 (1.84%) PSD2
15 7 (1.84%) QA
16 6 (1.57%) HIPAA
17 5 (1.31%) ISO/IEC 27005
18 4 (1.05%) ISO/IEC 20000
System Software
1 14 (3.67%) Active Directory
2 7 (1.84%) VMware Infrastructure
3 4 (1.05%) Hyper-V
3 4 (1.05%) ISA Server
4 2 (0.52%) BitLocker
Systems Management
1 21 (5.51%) QRadar
2 10 (2.62%) Kibana
3 9 (2.36%) Nessus
4 7 (1.84%) HP Fortify
4 7 (1.84%) WebInspect
5 6 (1.57%) HP ALM
5 6 (1.57%) Single Sign-On
6 5 (1.31%) CASB
7 4 (1.05%) Trend Micro Deep Security
8 3 (0.79%) RSA Archer
9 2 (0.52%) EnCase
9 2 (0.52%) FTK
9 2 (0.52%) Jamf Pro
10 1 (0.26%) Active Directory Federation Services
10 1 (0.26%) Puppet
Vendors
1 36 (9.45%) Microsoft
2 24 (6.30%) Splunk
3 21 (5.51%) Oracle
4 11 (2.89%) Cisco
4 11 (2.89%) Qualys
5 10 (2.62%) AlienVault
5 10 (2.62%) Tripwire
6 8 (2.10%) ArcSight
6 8 (2.10%) VMware
7 7 (1.84%) Google
7 7 (1.84%) Okta
8 6 (1.57%) Black Duck
8 6 (1.57%) HP
8 6 (1.57%) Micro Focus
8 6 (1.57%) OneTrust
8 6 (1.57%) Sonatype
9 5 (1.31%) CheckPoint
9 5 (1.31%) Palo Alto
10 4 (1.05%) Fortinet
10 4 (1.05%) Meraki