Period
to 9 December 2019

The following table provides summary statistics for permanent job vacancies with a requirement for CISSP qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 9 December 2019 with a comparison to the same period in the previous 2 years.

(ISC)² Certified Information Systems Security Professional (ISC2 CISSP)
UK
6 months to
9 Dec 2019
Same period 2018 Same period 2017
Rank 226 191 223
Rank change year-on-year -35 +32 -23
Permanent jobs citing CISSP 1,982 2,888 2,822
As % of all permanent IT jobs advertised in the UK 1.48% 1.82% 1.58%
As % of the Qualifications category 6.63% 7.66% 6.58%
Number of salaries quoted 1,479 2,180 2,170
UK median annual salary £62,500 £62,500 £60,000
Median salary % change year-on-year - +4.17% -4.00%
10th Percentile £42,500 £40,500 £40,000
90th Percentile £93,750 £92,500 £90,000
UK excluding London median annual salary £58,500 £57,500 £53,000
% change year-on-year +1.74% +8.49% -3.64%

CISSP is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 29,886 37,710 42,913
As % of all permanent IT jobs advertised in the UK 22.35% 23.73% 24.04%
Number of salaries quoted 22,159 27,736 32,991
UK median annual salary £50,000 £50,000 £47,500
Median salary % change year-on-year - +5.26% +5.56%
10th Percentile £27,500 £26,250 £26,250
90th Percentile £82,500 £81,250 £77,500
UK excluding London median annual salary £45,000 £45,000 £42,500
% change year-on-year - +5.88% -

CISSP
Job Vacancy Trend

Job postings citing CISSP as a percentage of all IT jobs advertised.

Job vacancy trend for CISSP in the UK

CISSP
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CISSP.

Salary trend for CISSP in the UK

CISSP
Salary Histogram

The salary distribution of IT jobs citing CISSP over the 6 months to 9 December 2019.

Salary histogram for CISSP in the UK

CISSP
Top 16 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISSP within the UK over the 6 months to 9 December 2019. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -40 1,793 £62,500 - 207
UK excluding London -29 1,139 £58,500 +1.74% 136
London -45 758 £72,500 +3.57% 79
South East -17 359 £65,000 +8.33% 39
Midlands +84 279 £52,945 -7.92% 36
West Midlands +71 232 £52,945 -7.92% 32
North of England -95 185 £55,000 - 23
South West -14 125 £55,000 - 17
North West -124 101 £55,000 - 17
East of England -81 77 £60,000 -7.69% 14
Yorkshire +7 70 £58,500 +11.43% 6
Scotland +27 58 £58,500 +11.43% 6
Wales +36 49 £52,500 +26.19% 2
East Midlands +29 46 £55,000 -8.33% 3
North East +11 12 £54,500 -5.22%
Northern Ireland +6 7 £55,000 -12.00%

For the 6 months to 9 December 2019, IT jobs citing CISSP also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISSP.

1 1,286 (64.88%) Information Security
2 1,227 (61.91%) CISM
3 1,095 (55.25%) Cybersecurity
4 864 (43.59%) ISO/IEC 27001
5 539 (27.19%) Degree
6 536 (27.04%) CISA
7 491 (24.77%) Finance
8 423 (21.34%) Management Information System
9 420 (21.19%) Risk Management
10 417 (21.04%) SIEM
11 380 (19.17%) NIST
12 379 (19.12%) Firewall
13 349 (17.61%) Security Architecture
14 307 (15.49%) PCI DSS
15 298 (15.04%) ITIL
16 295 (14.88%) GDPR
17 294 (14.83%) Security Operations
18 268 (13.52%) Penetration Testing
19 261 (13.17%) Agile Software Development
19 261 (13.17%) Vulnerability Management
20 255 (12.87%) Cisco Certification
21 239 (12.06%) Azure
22 230 (11.60%) AWS
23 226 (11.40%) Windows
23 226 (11.40%) Network Security
24 216 (10.90%) Security Cleared
25 215 (10.85%) CEH
25 215 (10.85%) Security Management
26 212 (10.70%) CRISC
27 210 (10.60%) Linux

CISSP
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 100 (5.05%) IIS
2 29 (1.46%) OpenStack
3 22 (1.11%) Apache Spark
3 22 (1.11%) Elasticsearch
4 14 (0.71%) SharePoint
5 4 (0.20%) MediaWiki
5 4 (0.20%) Skype for Business
6 3 (0.15%) Apache
6 3 (0.15%) Tomcat
7 2 (0.10%) MS Exchange
8 1 (0.050%) Cloud Foundry
Applications
1 35 (1.77%) Microsoft Office
2 30 (1.51%) Microsoft Excel
3 23 (1.16%) Microsoft PowerPoint
4 2 (0.10%) MS Visio
5 1 (0.050%) Spreadsheet
Business Applications
1 3 (0.15%) Sparx Enterprise Architect
2 2 (0.10%) Dynamics CRM
2 2 (0.10%) Dynamics NAV
3 1 (0.050%) NetSuite
3 1 (0.050%) RESILIA
3 1 (0.050%) SAP GRC
3 1 (0.050%) SAP S/4HANA
Cloud Services
1 239 (12.06%) Azure
2 230 (11.60%) AWS
3 110 (5.55%) Office 365
4 81 (4.09%) GCP
5 47 (2.37%) SaaS
6 46 (2.32%) Cloud Computing
7 44 (2.22%) PaaS
8 42 (2.12%) IaaS
9 34 (1.72%) Azure Active Directory
10 21 (1.06%) OpenShift
11 8 (0.40%) Amazon EC2
11 8 (0.40%) AWS CloudTrail
11 8 (0.40%) Virtual Private Cloud
12 6 (0.30%) Serverless
13 3 (0.15%) Dynamics 365
13 3 (0.15%) G Suite
13 3 (0.15%) Mimecast
13 3 (0.15%) Power Platform
14 2 (0.10%) Microsoft Flow
Communications & Networking
1 379 (19.12%) Firewall
2 226 (11.40%) Network Security
3 92 (4.64%) TCP/IP
4 80 (4.04%) Intrusion Detection
5 76 (3.83%) Internet
6 58 (2.93%) LAN
7 53 (2.67%) WAN
8 48 (2.42%) VPN
9 37 (1.87%) DNS
9 37 (1.87%) SSL
10 27 (1.36%) HTTP
11 26 (1.31%) HTTPS
12 24 (1.21%) Wireless
13 21 (1.06%) IPsec
14 16 (0.81%) BGP
14 16 (0.81%) EIGRP
14 16 (0.81%) OSPF
14 16 (0.81%) SAN
15 15 (0.76%) IPv4
15 15 (0.76%) IPv6
Database & Business Intelligence
1 40 (2.02%) Big Data
2 15 (0.76%) SQL Server
3 12 (0.61%) Maltego
4 5 (0.25%) GIS
5 4 (0.20%) Azure SQL Database
5 4 (0.20%) Data Lake
5 4 (0.20%) Geospatial Data
5 4 (0.20%) Relational Database
6 2 (0.10%) DB2
6 2 (0.10%) MongoDB
6 2 (0.10%) Power BI
7 1 (0.050%) Apache Hive
7 1 (0.050%) Blockchain
7 1 (0.050%) Impala
7 1 (0.050%) MySQL
Development Applications
1 28 (1.41%) JIRA
2 25 (1.26%) Git (software)
3 22 (1.11%) Bitbucket
3 22 (1.11%) git-flow
4 17 (0.86%) Metasploit
5 12 (0.61%) Burp Suite
6 5 (0.25%) Maven
7 4 (0.20%) Appium
7 4 (0.20%) Calabash
7 4 (0.20%) Cucumber
7 4 (0.20%) Jenkins
7 4 (0.20%) JMeter
7 4 (0.20%) monkeyrunner
7 4 (0.20%) Octopus Deploy
7 4 (0.20%) Postman
7 4 (0.20%) Robot Framework
7 4 (0.20%) Robotium
7 4 (0.20%) Selenium
8 3 (0.15%) AppScan
8 3 (0.15%) TestRail
General
1 491 (24.77%) Finance
2 138 (6.96%) Retail
3 130 (6.56%) Public Sector
4 114 (5.75%) Legal
5 101 (5.10%) Banking
6 88 (4.44%) Law
7 45 (2.27%) Telecoms
8 34 (1.72%) Marketing
9 27 (1.36%) Aerospace
10 26 (1.31%) Manufacturing
11 23 (1.16%) Financial Institution
12 20 (1.01%) Games
13 14 (0.71%) Electronics
13 14 (0.71%) Investment Banking
14 13 (0.66%) Advertising
15 12 (0.61%) Multimedia
16 11 (0.55%) Military
17 8 (0.40%) Billing
18 5 (0.25%) Local Government
19 4 (0.20%) International Banking
Job Titles
1 362 (18.26%) Consultant
2 346 (17.46%) Security Manager
3 319 (16.09%) Analyst
4 294 (14.83%) Security Consultant
5 253 (12.76%) Security Analyst
6 210 (10.60%) Architect
7 202 (10.19%) Security Architect
8 191 (9.64%) Information Manager
8 191 (9.64%) Information Security Manager
9 184 (9.28%) Security Engineer
10 152 (7.67%) Information Analyst
10 152 (7.67%) Information Security Analyst
11 123 (6.21%) Cybersecurity Consultant
12 102 (5.15%) Security Specialist
13 82 (4.14%) Security Officer
14 71 (3.58%) Cybersecurity Manager
15 69 (3.48%) Information Security Consultant
16 67 (3.38%) IT Manager
17 66 (3.33%) Information Security Officer
18 65 (3.28%) Head of Security
Libraries, Frameworks & Software Standards
1 59 (2.98%) SailPoint
2 40 (2.02%) .NET
3 28 (1.41%) Spring
4 23 (1.16%) ASP.NET
4 23 (1.16%) REST
5 22 (1.11%) Kafka
6 21 (1.06%) AngularJS
6 21 (1.06%) GraphQL
6 21 (1.06%) Node.js
6 21 (1.06%) React
6 21 (1.06%) Spring MVC
6 21 (1.06%) Vue.js
6 21 (1.06%) Web Services
7 13 (0.66%) OAuth
8 11 (0.55%) LDAP
9 8 (0.40%) SAML
10 7 (0.35%) Apache Camel
10 7 (0.35%) Hibernate
10 7 (0.35%) Regular Expression
10 7 (0.35%) RESTful
Miscellaneous
1 423 (21.34%) Management Information System
2 119 (6.00%) Analytical Skills
3 93 (4.69%) Cyberthreat
4 82 (4.14%) Security Operations Centre
5 71 (3.58%) Self-Motivation
6 63 (3.18%) Cyberattack
7 57 (2.88%) Data Centre
8 46 (2.32%) CESG
9 44 (2.22%) PKI
10 42 (2.12%) Data Protection Act
11 30 (1.51%) Distributed Denial-of-Service
12 27 (1.36%) Cyber Defence
13 22 (1.11%) Cyber Kill Chain
14 21 (1.06%) Greenfield Project
15 17 (0.86%) BYOD
15 17 (0.86%) User Experience
16 15 (0.76%) Mobile Computing
17 14 (0.71%) Cloud Native
17 14 (0.71%) Reinsurance
18 13 (0.66%) Enterprise Software
Operating Systems
1 226 (11.40%) Windows
2 210 (10.60%) Linux
3 62 (3.13%) Windows Server
4 51 (2.57%) Unix
5 39 (1.97%) Apple iOS
6 36 (1.82%) Android
7 23 (1.16%) Windows 10
8 12 (0.61%) Windows Server 2012
9 6 (0.30%) Kali Linux
10 5 (0.25%) Mac OS
11 3 (0.15%) Solaris
12 1 (0.050%) Mac OS X
12 1 (0.050%) Windows Mobile
12 1 (0.050%) Windows Server 2008
Processes & Methodologies
1 1,286 (64.88%) Information Security
2 1,095 (55.25%) Cybersecurity
3 420 (21.19%) Risk Management
4 417 (21.04%) SIEM
5 349 (17.61%) Security Architecture
6 298 (15.04%) ITIL
7 294 (14.83%) Security Operations
8 268 (13.52%) Penetration Testing
9 261 (13.17%) Agile Software Development
9 261 (13.17%) Vulnerability Management
10 215 (10.85%) Security Management
11 195 (9.84%) Stakeholder Management
12 194 (9.79%) Data Protection
13 190 (9.59%) Identity Access Management
14 187 (9.43%) TOGAF
15 170 (8.58%) Risk Assessment
16 164 (8.27%) Incident Management
17 154 (7.77%) SABSA
18 151 (7.62%) Threat Intelligence
19 143 (7.21%) Continuous Improvement
Programming Languages
1 73 (3.68%) Java
2 72 (3.63%) C
3 64 (3.23%) Python
4 46 (2.32%) SQL
5 43 (2.17%) C++
6 37 (1.87%) PowerShell
7 16 (0.81%) JavaScript
8 15 (0.76%) C#
9 14 (0.71%) Shell Script
10 12 (0.61%) RPG
10 12 (0.61%) VB.NET
11 10 (0.50%) TypeScript
12 8 (0.40%) Perl
13 7 (0.35%) Bash Shell
13 7 (0.35%) PHP
14 4 (0.20%) Apple Swift
14 4 (0.20%) Kotlin
15 3 (0.15%) Objective-C
16 2 (0.10%) Scala
17 1 (0.050%) R
Qualifications
1 1,227 (61.91%) CISM
2 539 (27.19%) Degree
3 536 (27.04%) CISA
4 255 (12.87%) Cisco Certification
5 216 (10.90%) Security Cleared
6 215 (10.85%) CEH
7 212 (10.70%) CRISC
8 172 (8.68%) CESG Certified Professional
9 171 (8.63%) GIAC
10 144 (7.27%) SC Cleared
11 119 (6.00%) (ISC)2 CCSP
12 118 (5.95%) SANS
13 106 (5.35%) CompTIA Security+
14 96 (4.84%) IISP
15 90 (4.54%) SSCP
16 82 (4.14%) CCSP
17 75 (3.78%) CCNA
18 71 (3.58%) CREST Certified
18 71 (3.58%) Microsoft Certification
19 70 (3.53%) CISMP
Quality Assurance & Compliance
1 864 (43.59%) ISO/IEC 27001
2 380 (19.17%) NIST
3 307 (15.49%) PCI DSS
4 295 (14.88%) GDPR
5 130 (6.56%) COBIT
6 110 (5.55%) Cyber Essentials
7 108 (5.45%) NCSC
8 90 (4.54%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
9 60 (3.03%) HMG Security Policy Framework
10 53 (2.67%) Sarbanes-Oxley
11 44 (2.22%) SLA
12 37 (1.87%) NIST 800
13 34 (1.72%) RMADS
14 28 (1.41%) Cyber Essentials PLUS
14 28 (1.41%) QA
15 24 (1.21%) ISO 22301
16 17 (0.86%) ISO 9001
16 17 (0.86%) JSP 440
17 15 (0.76%) HIPAA
18 14 (0.71%) ISO/IEC 27005
System Software
1 95 (4.79%) Active Directory
2 30 (1.51%) Docker
3 21 (1.06%) VMware Infrastructure
4 5 (0.25%) Hyper-V
4 5 (0.25%) Virtual Machines
5 4 (0.20%) BitLocker
6 2 (0.10%) VMware ESXi
7 1 (0.050%) ACF2
7 1 (0.050%) Apache Flume
7 1 (0.050%) KVM
7 1 (0.050%) LXC
7 1 (0.050%) ProxySG
7 1 (0.050%) Shibboleth
7 1 (0.050%) Squid
7 1 (0.050%) vSphere
7 1 (0.050%) Xen
Systems Management
1 79 (3.99%) Nessus
2 31 (1.56%) McAfee ePO
3 29 (1.46%) QRadar
4 28 (1.41%) SCCM
5 27 (1.36%) Kubernetes
6 26 (1.31%) CASB
7 21 (1.06%) Single Sign-On
8 20 (1.01%) Microsoft Intune
8 20 (1.01%) Nmap
9 16 (0.81%) Norton AntiVirus
10 12 (0.61%) OpenVAS
11 11 (0.55%) CSIRT
11 11 (0.55%) FortiGate
12 5 (0.25%) WSUS
13 4 (0.20%) Forefront Identity Manager
14 3 (0.15%) Ansible
14 3 (0.15%) Oracle Identity Management
14 3 (0.15%) Stealthwatch
14 3 (0.15%) Terraform
15 2 (0.10%) Computer Emergency Response Teams
Vendors
1 154 (7.77%) Microsoft
2 132 (6.66%) Cisco
3 102 (5.15%) Splunk
4 82 (4.14%) Palo Alto
5 77 (3.88%) Google
6 69 (3.48%) McAfee
7 52 (2.62%) CheckPoint
8 46 (2.32%) Qualys
9 40 (2.02%) LogRhythm
10 39 (1.97%) ArcSight
11 38 (1.92%) Symantec
11 38 (1.92%) VMware
12 32 (1.61%) Juniper
13 29 (1.46%) CyberArk
13 29 (1.46%) SolarWinds
14 27 (1.36%) Aveksa
15 25 (1.26%) Blue Coat
16 24 (1.21%) Forcepoint
17 23 (1.16%) CA
17 23 (1.16%) Fortinet