Period
to 18 January 2019

The following table provides summary statistics for permanent job vacancies with a requirement for CISA qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 18 January 2019 with a comparison to the same period in the previous 2 years.

ISACA Certified Information Systems Auditor (CISA)
UK
6 months to
18 Jan 2019
Same period 2018 Same period 2017
Rank 519 471 396
Rank change year-on-year -48 -75 +129
Permanent jobs citing CISA 797 1,051 1,357
As % of all permanent IT jobs advertised in the UK 0.53% 0.60% 0.77%
As % of the Qualifications category 2.18% 2.54% 2.96%
Number of salaries quoted 557 866 1,092
UK median annual salary £65,000 £62,500 £62,500
Median salary % change year-on-year +4.00% - +4.17%
10th Percentile £45,000 £41,250 £37,500
90th Percentile £96,250 £100,000 £90,000
UK excluding London median annual salary £60,000 £55,000 £57,000
% change year-on-year +9.09% -3.51% +3.64%

CISA is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 36,519 41,356 45,827
As % of all permanent IT jobs advertised in the UK 24.11% 23.78% 25.85%
Number of salaries quoted 26,706 32,035 36,421
UK median annual salary £50,000 £47,500 £45,000
Median salary % change year-on-year +5.26% +5.56% -
10th Percentile £26,250 £26,250 £26,250
90th Percentile £81,125 £78,750 £77,500
UK excluding London median annual salary £45,000 £42,500 £42,500
% change year-on-year +5.88% - +1.19%

CISA
Job Vacancy Trend

Job postings citing CISA as a percentage of all IT jobs advertised.

Job vacancy trend for CISA in the UK

CISA
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISA.

Salary trend for CISA in the UK

CISA
Salary Histogram

The salary distribution of IT jobs citing CISA over the 6 months to 18 January 2019.

Salary histogram for CISA in the UK

CISA
Top 15 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISA within the UK over the 6 months to 18 January 2019. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -38 778 £65,000 +4.00% 111
UK excluding London +24 421 £60,000 +9.09% 73
London -78 354 £70,000 - 45
South East +25 153 £60,000 - 25
North of England -17 116 £60,000 +23.71% 17
North West +1 66 £60,000 +4.35% 10
Midlands +60 60 £50,000 - 9
East of England +33 43 £62,500 +5.04% 9
Yorkshire -18 41 £55,000 +32.53% 5
South West +59 37 £65,000 +22.64% 6
West Midlands +43 35 £50,000 - 7
East Midlands +32 25 £45,000 -10.00% 2
Scotland +12 11 £75,000 +11.11% 7
North East +6 9 £68,500 +39.09% 2
Wales +9 1 £50,000 +21.21%

For the 6 months to 18 January 2019, IT jobs citing CISA also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISA.

1 667 (83.69%) CISSP
2 590 (74.03%) CISM
3 561 (70.39%) Information Security
4 374 (46.93%) ISO/IEC 27001
5 331 (41.53%) Risk Management
6 325 (40.78%) Cybersecurity
7 301 (37.77%) Finance
8 212 (26.60%) CRISC
9 202 (25.35%) Management Information System
10 170 (21.33%) PCI DSS
11 165 (20.70%) Stakeholder Management
12 158 (19.82%) Degree
13 151 (18.95%) GDPR
14 144 (18.07%) SIEM
15 135 (16.94%) ITIL
16 119 (14.93%) CEH
17 115 (14.43%) IT Audit
18 107 (13.43%) Internal Audit
19 104 (13.05%) Security Management
20 101 (12.67%) Penetration Testing
20 101 (12.67%) Data Protection
21 99 (12.42%) Analytical Skills
22 94 (11.79%) Legal
23 88 (11.04%) Firewall
24 87 (10.92%) Vulnerability Management
25 85 (10.66%) COBIT
25 85 (10.66%) SANS
26 82 (10.29%) Project Management
27 81 (10.16%) Information Security Management
27 81 (10.16%) ISMS

CISA
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 10 (1.25%) Confluence
2 7 (0.88%) IIS
3 6 (0.75%) SharePoint
4 4 (0.50%) MS Exchange
5 2 (0.25%) Apache
5 2 (0.25%) JBoss
5 2 (0.25%) SAS
5 2 (0.25%) Skype for Business
5 2 (0.25%) Tomcat
5 2 (0.25%) WebLogic
Applications
1 9 (1.13%) Microsoft Office
2 6 (0.75%) MS Visio
3 3 (0.38%) Microsoft Excel
4 2 (0.25%) Microsoft PowerPoint
Business Applications
1 10 (1.25%) SAP GRC
2 5 (0.63%) Infor M3
3 3 (0.38%) Oracle EBS R12
4 2 (0.25%) assyst
4 2 (0.25%) Oracle EBS
4 2 (0.25%) SAP ERP
4 2 (0.25%) SAP HR
5 1 (0.13%) Oracle Assets
5 1 (0.13%) Oracle ERP
5 1 (0.13%) Oracle Financials
5 1 (0.13%) Oracle General Ledger
5 1 (0.13%) Oracle Payables
5 1 (0.13%) Oracle Receivables
5 1 (0.13%) Sentinel
Cloud Services
1 33 (4.14%) Amazon AWS
2 26 (3.26%) Microsoft Azure
3 18 (2.26%) Office 365
4 10 (1.25%) SaaS
5 2 (0.25%) Amazon CloudWatch
5 2 (0.25%) Amazon EC2
5 2 (0.25%) Amazon S3
5 2 (0.25%) AWS CloudFormation
5 2 (0.25%) AWS CloudTrail
5 2 (0.25%) CloudFront
5 2 (0.25%) Google Cloud Platform
5 2 (0.25%) Mimecast
5 2 (0.25%) Virtual Private Cloud
6 1 (0.13%) Akamai
6 1 (0.13%) Cloud Computing
6 1 (0.13%) Dropbox
6 1 (0.13%) GitHub
6 1 (0.13%) IaaS
6 1 (0.13%) PaaS
Communications & Networking
1 88 (11.04%) Firewall
2 72 (9.03%) Network Security
3 25 (3.14%) IPsec
4 19 (2.38%) BGP
4 19 (2.38%) Cisco Nexus
4 19 (2.38%) EIGRP
5 18 (2.26%) Intrusion Detection
6 16 (2.01%) Internet
7 13 (1.63%) DMZ
8 12 (1.51%) TCP/IP
9 11 (1.38%) VPN
10 10 (1.25%) Cisco IPT
11 9 (1.13%) Broadband
12 8 (1.00%) LAN
12 8 (1.00%) WAN
13 6 (0.75%) ATM
13 6 (0.75%) SAN
13 6 (0.75%) SSL
13 6 (0.75%) Wireless
14 4 (0.50%) Intranet
Database & Business Intelligence
1 22 (2.76%) Big Data
2 12 (1.51%) DB2
2 12 (1.51%) Hadoop
2 12 (1.51%) SQL Server
3 4 (0.50%) Data Warehouse
4 3 (0.38%) Data Mining
5 2 (0.25%) Amazon RDS
5 2 (0.25%) MySQL
5 2 (0.25%) Oracle Database
5 2 (0.25%) PostgreSQL
5 2 (0.25%) Power BI
6 1 (0.13%) Geospatial Data
6 1 (0.13%) QlikView
6 1 (0.13%) Spotfire
Development Applications
1 10 (1.25%) JIRA
2 9 (1.13%) AppScan
2 9 (1.13%) Metasploit
3 4 (0.50%) Hudson
4 1 (0.13%) Burp Suite
4 1 (0.13%) Git (software)
4 1 (0.13%) Jenkins
4 1 (0.13%) Maven
4 1 (0.13%) Paros
General
1 301 (37.77%) Finance
2 94 (11.79%) Legal
3 66 (8.28%) Banking
4 33 (4.14%) Telecoms
5 22 (2.76%) Law
6 17 (2.13%) Retail
7 10 (1.25%) Investment Banking
8 9 (1.13%) Financial Institution
9 6 (0.75%) Games
10 3 (0.38%) Marketing
11 2 (0.25%) Local Government
11 2 (0.25%) Mandarin Language
11 2 (0.25%) Pharmaceutical
12 1 (0.13%) Advertising
12 1 (0.13%) French Language
12 1 (0.13%) Military
Job Titles
1 177 (22.21%) Analyst
2 151 (18.95%) Security Manager
3 127 (15.93%) Security Analyst
4 123 (15.43%) Information Manager
5 116 (14.55%) Information Security Manager
6 92 (11.54%) Consultant
7 80 (10.04%) Security Consultant
8 57 (7.15%) IT Analyst
9 56 (7.03%) Information Analyst
9 56 (7.03%) Information Security Analyst
10 55 (6.90%) Risk Manager
10 55 (6.90%) Security Engineer
11 54 (6.78%) Architect
11 54 (6.78%) Auditor
11 54 (6.78%) Risk Analyst
12 53 (6.65%) Security Architect
13 52 (6.52%) Security Officer
14 46 (5.77%) Information Security Officer
15 45 (5.65%) IT Risk Analyst
16 44 (5.52%) Head of Security
Libraries, Frameworks & Software Standards
1 24 (3.01%) SailPoint
2 5 (0.63%) Middleware
3 4 (0.50%) LDAP
3 4 (0.50%) Web Services
4 3 (0.38%) .NET
5 2 (0.25%) OLE
5 2 (0.25%) SAML
5 2 (0.25%) SAP Basis
5 2 (0.25%) SPNEGO
5 2 (0.25%) XACML
6 1 (0.13%) Java EE
6 1 (0.13%) OAuth
6 1 (0.13%) Series 60
Miscellaneous
1 202 (25.35%) Management Information System
2 99 (12.42%) Analytical Skills
3 47 (5.90%) Self-Motivation
4 29 (3.64%) CESG
5 27 (3.39%) Distributed Denial-of-Service
6 21 (2.63%) PKI
6 21 (2.63%) Security Operations Centre
7 17 (2.13%) Cyberthreat
7 17 (2.13%) Data Centre
8 15 (1.88%) Cyberattack
9 14 (1.76%) Data Protection Act
10 13 (1.63%) Enterprise Software
11 11 (1.38%) Cyber Kill Chain
12 9 (1.13%) Algorithms
12 9 (1.13%) Hybrid Cloud
13 5 (0.63%) Blog
13 5 (0.63%) Driving Licence
13 5 (0.63%) Mobile App
14 4 (0.50%) Life Science
14 4 (0.50%) Online Banking
Operating Systems
1 51 (6.40%) Windows
2 49 (6.15%) Linux
3 29 (3.64%) Unix
4 11 (1.38%) Windows Server
5 10 (1.25%) Android
5 10 (1.25%) Apple iOS
6 7 (0.88%) Kali Linux
7 2 (0.25%) HPUX
7 2 (0.25%) Solaris
7 2 (0.25%) zOS
8 1 (0.13%) VMS
Processes & Methodologies
1 561 (70.39%) Information Security
2 331 (41.53%) Risk Management
3 325 (40.78%) Cybersecurity
4 165 (20.70%) Stakeholder Management
5 144 (18.07%) SIEM
6 135 (16.94%) ITIL
7 115 (14.43%) IT Audit
8 107 (13.43%) Internal Audit
9 104 (13.05%) Security Management
10 101 (12.67%) Data Protection
10 101 (12.67%) Penetration Testing
11 87 (10.92%) Vulnerability Management
12 82 (10.29%) Project Management
13 81 (10.16%) Information Security Management
13 81 (10.16%) ISMS
14 75 (9.41%) Identity Access Management
14 75 (9.41%) Security Architecture
15 74 (9.28%) Agile Software Development
15 74 (9.28%) Continuous Improvement
16 71 (8.91%) Due Diligence
Programming Languages
1 28 (3.51%) C
2 18 (2.26%) SQL
3 17 (2.13%) Python
4 10 (1.25%) Java
4 10 (1.25%) Ruby
5 9 (1.13%) Perl
6 8 (1.00%) PHP
6 8 (1.00%) Shell Script
7 7 (0.88%) PowerShell
8 5 (0.63%) Go
9 4 (0.50%) C++
10 2 (0.25%) Bash Shell
10 2 (0.25%) C#
10 2 (0.25%) Lua
10 2 (0.25%) VBA
11 1 (0.13%) R
Qualifications
1 667 (83.69%) CISSP
2 590 (74.03%) CISM
3 212 (26.60%) CRISC
4 158 (19.82%) Degree
5 119 (14.93%) CEH
6 85 (10.66%) SANS
7 75 (9.41%) GIAC
8 55 (6.90%) SSCP
9 51 (6.40%) Cisco Certification
10 46 (5.77%) Computer Science Degree
11 39 (4.89%) CREST Certified
12 29 (3.64%) CCNA
13 28 (3.51%) CCNP
13 28 (3.51%) CGEIT
14 27 (3.39%) CompTIA Security+
15 26 (3.26%) Security Cleared
16 25 (3.14%) CCIE
17 24 (3.01%) ISO 27001 Lead Auditor
18 22 (2.76%) OSCP
19 20 (2.51%) CISMP
Quality Assurance & Compliance
1 374 (46.93%) ISO/IEC 27001
2 170 (21.33%) PCI DSS
3 151 (18.95%) GDPR
4 85 (10.66%) COBIT
5 40 (5.02%) Cyber Essentials
6 36 (4.52%) QA
7 33 (4.14%) Sarbanes-Oxley
8 25 (3.14%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
9 17 (2.13%) Cyber Essentials PLUS
10 14 (1.76%) ISO 22301
11 12 (1.51%) HIPAA
12 8 (1.00%) ISO 9001
12 8 (1.00%) NIST 800
13 6 (0.75%) ISO 31000
14 4 (0.50%) GxP
14 4 (0.50%) HMG Security Policy Framework
14 4 (0.50%) ISO/IEC 20000
14 4 (0.50%) ISO/IEC 27005
14 4 (0.50%) RMADS
15 3 (0.38%) COSO
System Software
1 9 (1.13%) VMware Infrastructure
2 8 (1.00%) Active Directory
3 5 (0.63%) Hyper-V
3 5 (0.63%) vSphere
4 3 (0.38%) Docker
5 2 (0.25%) Virtual Machines
6 1 (0.13%) Snort
Systems Management
1 40 (5.02%) Nessus
2 20 (2.51%) McAfee ePO
3 19 (2.38%) SCCM
4 11 (1.38%) CSIRT
5 10 (1.25%) RSA Archer
6 9 (1.13%) HP Fortify
7 8 (1.00%) Ansible
7 8 (1.00%) CASB
7 8 (1.00%) Nmap
7 8 (1.00%) QRadar
8 6 (0.75%) Single Sign-On
9 3 (0.38%) Nagios
9 3 (0.38%) Nexpose
10 2 (0.25%) Core Impact
10 2 (0.25%) OpenVAS
10 2 (0.25%) Opscode Chef
10 2 (0.25%) OSSEC
10 2 (0.25%) Puppet
11 1 (0.13%) Computer Incident Response Team
11 1 (0.13%) Host Intrusion Detection System
Vendors
1 41 (5.14%) Microsoft
2 40 (5.02%) Symantec
3 39 (4.89%) Splunk
4 34 (4.27%) LogRhythm
4 34 (4.27%) Oracle
5 32 (4.02%) Cisco
6 28 (3.51%) McAfee
7 27 (3.39%) Blue Coat
8 24 (3.01%) CheckPoint
9 23 (2.89%) Palo Alto
10 21 (2.63%) Aveksa
11 20 (2.51%) Juniper
12 19 (2.38%) SAP
13 18 (2.26%) FireEye
14 15 (1.88%) IBM
15 14 (1.76%) Qualys
16 11 (1.38%) Sybase
17 9 (1.13%) ArcSight
17 9 (1.13%) VMware
18 8 (1.00%) Sophos