Period
to 29 May 2020

The following table provides summary statistics for permanent job vacancies with a requirement for CISSP qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 29 May 2020 with a comparison to the same period in the previous 2 years.

(ISC)² Certified Information Systems Security Professional (ISC2 CISSP)
UK
6 months to
29 May 2020
Same period 2019 Same period 2018
Rank 219 230 205
Rank change year-on-year +11 -25 +25
Permanent jobs citing CISSP 1,373 2,138 2,936
As % of all permanent jobs advertised in the UK 1.53% 1.49% 1.70%
As % of the Qualifications category 7.11% 6.02% 7.18%
Number of salaries quoted 1,116 1,674 2,413
Median annual salary £65,000 £65,000 £60,000
Median salary % change year-on-year - +8.33% -4.00%
10th Percentile £45,000 £42,500 £40,369
90th Percentile £92,500 £95,000 £95,000
UK excluding London median annual salary £60,000 £60,000 £57,500
% change year-on-year - +4.35% +4.55%

CISSP is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 19,311 35,509 40,870
As % of all permanent IT jobs advertised in the UK 21.52% 24.69% 23.69%
Number of salaries quoted 14,122 25,354 30,896
Median annual salary £52,500 £50,000 £49,000
Median salary % change year-on-year +5.00% +2.04% +8.89%
10th Percentile £28,750 £26,250 £26,250
90th Percentile £83,750 £81,250 £80,000
UK excluding London median annual salary £47,500 £45,000 £44,500
% change year-on-year +5.56% +1.12% +5.95%

CISSP
Job Vacancy Trend

Job postings citing CISSP as a proportion of all IT jobs advertised.

Job vacancy trend for CISSP in the UK

CISSP
Salary Trend

3-month moving average salary quoted in jobs citing CISSP.

Salary trend for CISSP in the UK

CISSP
Salary Histogram

Salary distribution for jobs citing CISSP over the 6 months to 29 May 2020.

Salary histogram for CISSP in the UK

CISSP
Top 17 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CISSP within the UK over the 6 months to 29 May 2020. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +14 1,297 £65,000 - 58
UK excluding London +5 705 £60,000 - 43
London +38 644 £70,000 -6.67% 18
South East +30 231 £65,000 +8.33% 10
Midlands +52 156 £55,000 -5.17% 9
West Midlands +51 136 £55,000 -5.17% 7
North of England -1 136 £60,000 - 7
North West 0 89 £57,000 -5.00% 5
South West +20 79 £57,500 +15.00% 9
Work from Home -13 63 £65,000 -7.14% 2
East of England -20 56 £61,250 -4.30% 5
Yorkshire +39 46 £60,000 +3.45% 1
Scotland +61 35 £52,500 +1.94% 3
East Midlands +33 17 £65,000 +8.33% 2
Wales -7 14 £53,750 -23.21%
Northern Ireland +26 3 £50,000 +33.33%
North East +4 1 £65,000 +10.64% 1

For the 6 months to 29 May 2020, IT jobs citing CISSP also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CISSP.

1 931 (67.81%) Information Security
2 771 (56.15%) CISM
3 700 (50.98%) Cybersecurity
4 555 (40.42%) ISO/IEC 27001
5 355 (25.86%) Risk Management
6 343 (24.98%) CISA
6 343 (24.98%) Finance
7 326 (23.74%) SIEM
8 320 (23.31%) Firewall
9 287 (20.90%) Management Information System
10 283 (20.61%) Cisco Certification
11 239 (17.41%) Security Architecture
12 236 (17.19%) Security Operations
13 235 (17.12%) Degree
14 229 (16.68%) GDPR
15 221 (16.10%) Azure
16 202 (14.71%) AWS
17 191 (13.91%) Vulnerability Management
18 190 (13.84%) Security Cleared
19 189 (13.77%) NIST
20 188 (13.69%) Security Management
21 184 (13.40%) PCI DSS
22 172 (12.53%) ITIL
23 171 (12.45%) Windows
24 168 (12.24%) CEH
24 168 (12.24%) Penetration Testing
25 156 (11.36%) CRISC
26 155 (11.29%) Agile Software Development
27 150 (10.92%) Identity Access Management
28 143 (10.42%) Linux

CISSP
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 77 (5.61%) IIS
2 15 (1.09%) SharePoint
3 6 (0.44%) Confluence
4 4 (0.29%) Apache Spark
4 4 (0.29%) Elasticsearch
5 3 (0.22%) Apache
5 3 (0.22%) Tomcat
6 2 (0.15%) OpenStack
7 1 (0.073%) JBoss
7 1 (0.073%) MS Exchange
7 1 (0.073%) WebLogic
7 1 (0.073%) WebSphere
Applications
1 32 (2.33%) Microsoft Office
2 29 (2.11%) Microsoft Excel
3 13 (0.95%) Microsoft PowerPoint
4 7 (0.51%) MS Visio
5 2 (0.15%) Gephi
6 1 (0.073%) Microsoft Project
6 1 (0.073%) Spreadsheet
Business Applications
1 5 (0.36%) Sentinel
2 2 (0.15%) Remedy ITSM
Cloud Services
1 221 (16.10%) Azure
2 202 (14.71%) AWS
3 128 (9.32%) Office 365
4 41 (2.99%) SaaS
5 35 (2.55%) PaaS
6 34 (2.48%) IaaS
7 31 (2.26%) Azure Active Directory
8 24 (1.75%) Cloud Computing
9 16 (1.17%) Serverless
10 13 (0.95%) GCP
11 12 (0.87%) Mimecast
11 12 (0.87%) Virtual Private Cloud
12 11 (0.80%) Amazon GuardDuty
13 10 (0.73%) AWS CloudFormation
13 10 (0.73%) OpenShift
14 9 (0.66%) Amazon EC2
14 9 (0.66%) Amazon S3
14 9 (0.66%) AWS Lambda
15 7 (0.51%) G Suite
15 7 (0.51%) Power Platform
Communications & Networking
1 320 (23.31%) Firewall
2 115 (8.38%) Network Security
3 101 (7.36%) Intrusion Detection
4 59 (4.30%) TCP/IP
5 41 (2.99%) Internet
6 38 (2.77%) VPN
7 35 (2.55%) DNS
8 34 (2.48%) LAN
9 28 (2.04%) WAN
10 20 (1.46%) SSL
11 19 (1.38%) HTTP
12 16 (1.17%) DHCP
13 14 (1.02%) SAN
14 13 (0.95%) Wireshark
15 11 (0.80%) SMTP
15 11 (0.80%) SNMP
15 11 (0.80%) Wi-Fi
16 10 (0.73%) Wireless
17 8 (0.58%) Cisco ASA
17 8 (0.58%) MPLS
Database & Business Intelligence
1 23 (1.68%) Big Data
2 9 (0.66%) Azure SQL Database
2 9 (0.66%) Data Lake
2 9 (0.66%) SQL Server
3 6 (0.44%) Power BI
4 2 (0.15%) Apache Hive
4 2 (0.15%) Impala
4 2 (0.15%) MySQL
5 1 (0.073%) Amazon RDS
5 1 (0.073%) Data Warehouse
5 1 (0.073%) DB2
5 1 (0.073%) Hadoop
5 1 (0.073%) Informix
5 1 (0.073%) MongoDB
5 1 (0.073%) PostgreSQL
Development Applications
1 16 (1.17%) Metasploit
2 13 (0.95%) JIRA
3 9 (0.66%) Burp Suite
4 7 (0.51%) WinDbg
5 5 (0.36%) Git (software)
6 4 (0.29%) Bitbucket
6 4 (0.29%) git-flow
6 4 (0.29%) Jenkins
7 3 (0.22%) Bitbucket Server
8 1 (0.073%) AppScan
8 1 (0.073%) Snyk
8 1 (0.073%) SonarQube
8 1 (0.073%) Sonatype Nexus
8 1 (0.073%) Subversion
8 1 (0.073%) Team Foundation Server
General
1 343 (24.98%) Finance
2 118 (8.59%) Legal
3 72 (5.24%) Public Sector
4 61 (4.44%) Law
5 45 (3.28%) Retail
6 36 (2.62%) Telecoms
7 33 (2.40%) Banking
8 13 (0.95%) Marketing
9 9 (0.66%) Back Office
10 8 (0.58%) Aerospace
10 8 (0.58%) Games
11 7 (0.51%) Advertising
12 6 (0.44%) Financial Institution
13 4 (0.29%) French Language
13 4 (0.29%) Local Government
13 4 (0.29%) Manufacturing
13 4 (0.29%) Military
13 4 (0.29%) Pharmaceutical
13 4 (0.29%) Police
14 2 (0.15%) Retail Banking
Job Titles
1 323 (23.53%) Analyst
2 264 (19.23%) Security Analyst
3 211 (15.37%) Security Manager
4 182 (13.26%) Consultant
5 177 (12.89%) Security Engineer
6 149 (10.85%) Security Consultant
7 127 (9.25%) Architect
7 127 (9.25%) Information Analyst
7 127 (9.25%) Information Security Analyst
8 124 (9.03%) Security Architect
9 109 (7.94%) Information Security Manager
10 101 (7.36%) Information Manager
11 85 (6.19%) Cybersecurity Consultant
12 82 (5.97%) Security Specialist
13 55 (4.01%) Senior Analyst
14 54 (3.93%) Cybersecurity Analyst
15 53 (3.86%) Cybersecurity Manager
16 52 (3.79%) Security Officer
17 49 (3.57%) IT Analyst
18 46 (3.35%) Cybersecurity Engineer
Libraries, Frameworks & Software Standards
1 83 (6.05%) SailPoint
2 66 (4.81%) SAML
3 63 (4.59%) OAuth
4 58 (4.22%) OpenID
5 11 (0.80%) Middleware
6 9 (0.66%) Web Services
7 8 (0.58%) LDAP
7 8 (0.58%) Regular Expression
8 6 (0.44%) Kafka
9 5 (0.36%) ModSecurity
9 5 (0.36%) Node.js
10 4 (0.29%) .NET
10 4 (0.29%) REST
11 3 (0.22%) Elastic Stack
12 2 (0.15%) AngularJS
12 2 (0.15%) ASP.NET
12 2 (0.15%) GraphQL
12 2 (0.15%) React
12 2 (0.15%) TensorFlow
12 2 (0.15%) Vue.js
Miscellaneous
1 287 (20.90%) Management Information System
2 129 (9.40%) Analytical Skills
3 86 (6.26%) Cyberthreat
4 53 (3.86%) Security Operations Centre
5 43 (3.13%) Self-Motivation
6 40 (2.91%) Public Cloud
7 39 (2.84%) Cyberattack
8 30 (2.18%) Data Centre
9 29 (2.11%) PKI
10 26 (1.89%) CESG
11 24 (1.75%) Data Protection Act
12 20 (1.46%) User Experience
13 19 (1.38%) Cyber Defence
14 16 (1.17%) Enterprise Storage
15 15 (1.09%) Cyber Kill Chain
16 14 (1.02%) Virtual Team
17 13 (0.95%) Mobile App
18 12 (0.87%) Cloud Native
18 12 (0.87%) Hybrid Cloud
19 11 (0.80%) Greenfield Project
Operating Systems
1 171 (12.45%) Windows
2 143 (10.42%) Linux
3 48 (3.50%) Unix
4 43 (3.13%) Windows Server
5 21 (1.53%) Windows 10
6 16 (1.17%) CentOS
6 16 (1.17%) Fedora
6 16 (1.17%) Red Hat Enterprise Linux
6 16 (1.17%) Ubuntu
7 12 (0.87%) Windows Server 2012
8 9 (0.66%) Kali Linux
9 8 (0.58%) Apple iOS
10 7 (0.51%) Android
11 5 (0.36%) Mac OS
12 4 (0.29%) Windows 7
12 4 (0.29%) Windows Server 2008
13 2 (0.15%) Solaris
14 1 (0.073%) AIX
14 1 (0.073%) Mac OS X
14 1 (0.073%) Windows Server 2016
Processes & Methodologies
1 931 (67.81%) Information Security
2 700 (50.98%) Cybersecurity
3 355 (25.86%) Risk Management
4 326 (23.74%) SIEM
5 239 (17.41%) Security Architecture
6 236 (17.19%) Security Operations
7 191 (13.91%) Vulnerability Management
8 188 (13.69%) Security Management
9 172 (12.53%) ITIL
10 168 (12.24%) Penetration Testing
11 155 (11.29%) Agile Software Development
12 150 (10.92%) Identity Access Management
13 131 (9.54%) Data Protection
14 119 (8.67%) Risk Assessment
15 112 (8.16%) ISMS
16 111 (8.08%) Information Security Management
17 110 (8.01%) Threat Intelligence
18 102 (7.43%) Information Assurance
19 100 (7.28%) Analytics
20 89 (6.48%) Incident Management
Programming Languages
1 110 (8.01%) Python
2 90 (6.55%) PowerShell
3 65 (4.73%) Bash Shell
4 64 (4.66%) SQL
5 58 (4.22%) Perl
6 42 (3.06%) C
7 19 (1.38%) Ruby
8 15 (1.09%) Java
9 14 (1.02%) C#
10 10 (0.73%) PHP
11 9 (0.66%) Go
12 7 (0.51%) VBScript
13 4 (0.29%) R
14 3 (0.22%) JavaScript
15 2 (0.15%) Julia
15 2 (0.15%) MATLAB
15 2 (0.15%) Scala
16 1 (0.073%) C++
Qualifications
1 771 (56.15%) CISM
2 343 (24.98%) CISA
3 283 (20.61%) Cisco Certification
4 235 (17.12%) Degree
5 190 (13.84%) Security Cleared
6 168 (12.24%) CEH
7 156 (11.36%) CRISC
8 124 (9.03%) CCNA
9 121 (8.81%) GIAC
10 117 (8.52%) CESG Certified Professional
11 116 (8.45%) SC Cleared
12 112 (8.16%) (ISC)2 CCSP
13 110 (8.01%) CCNP
14 99 (7.21%) SANS
15 85 (6.19%) CCSP
16 80 (5.83%) IISP
17 78 (5.68%) CompTIA Security+
18 72 (5.24%) DV Cleared
19 68 (4.95%) SSCP
20 52 (3.79%) OSCP
Quality Assurance & Compliance
1 555 (40.42%) ISO/IEC 27001
2 229 (16.68%) GDPR
3 189 (13.77%) NIST
4 184 (13.40%) PCI DSS
5 93 (6.77%) Cyber Essentials
6 62 (4.52%) NCSC
7 57 (4.15%) Sarbanes-Oxley
8 56 (4.08%) COBIT
9 48 (3.50%) JSP 440
10 36 (2.62%) HMG Security Policy Framework
10 36 (2.62%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
11 29 (2.11%) SLA
12 28 (2.04%) RMADS
13 26 (1.89%) QA
14 20 (1.46%) NIST 800
15 18 (1.31%) ISO 22301
16 13 (0.95%) ISO 9001
17 11 (0.80%) Cyber Essentials PLUS
17 11 (0.80%) ISO/IEC 27005
18 7 (0.51%) HIPAA
System Software
1 85 (6.19%) Active Directory
2 39 (2.84%) VMware Infrastructure
3 30 (2.18%) Docker
4 16 (1.17%) NFS
4 16 (1.17%) Samba
4 16 (1.17%) VirtualBox
4 16 (1.17%) VMware ESXi
4 16 (1.17%) Xen
5 9 (0.66%) Hyper-V
6 2 (0.15%) Apache Flume
6 2 (0.15%) Microsoft Virtual Server
6 2 (0.15%) ProxySG
6 2 (0.15%) Virtual Servers
6 2 (0.15%) vSphere
7 1 (0.073%) Firmware
7 1 (0.073%) NDS
7 1 (0.073%) Snort
7 1 (0.073%) Virtual Desktop
7 1 (0.073%) Virtual Machines
Systems Management
1 62 (4.52%) Nessus
2 34 (2.48%) Kubernetes
3 23 (1.68%) Ansible
4 22 (1.60%) Puppet
5 21 (1.53%) Microsoft Intune
6 18 (1.31%) QRadar
7 17 (1.24%) Nmap
8 16 (1.17%) Docker Swarm
8 16 (1.17%) Nagios
8 16 (1.17%) OpenNMS
8 16 (1.17%) vCenter Server
8 16 (1.17%) ZABBIX
9 14 (1.02%) Single Sign-On
10 9 (0.66%) CASB
10 9 (0.66%) CSIRT
11 6 (0.44%) Terraform
12 5 (0.36%) McAfee ePO
13 4 (0.29%) Host Intrusion Detection System
13 4 (0.29%) Opscode Chef
14 3 (0.22%) IBM Guardium
Vendors
1 122 (8.89%) Microsoft
2 100 (7.28%) CyberArk
3 98 (7.14%) Splunk
4 73 (5.32%) Qualys
5 60 (4.37%) Cisco
6 54 (3.93%) ForgeRock
7 52 (3.79%) ArcSight
7 52 (3.79%) VMware
8 38 (2.77%) Sun
9 34 (2.48%) Aveksa
9 34 (2.48%) McAfee
10 27 (1.97%) LogRhythm
11 23 (1.68%) Citrix
11 23 (1.68%) Dell
11 23 (1.68%) Palo Alto
12 22 (1.60%) Sophos
13 19 (1.38%) SolarWinds
14 18 (1.31%) EMC
15 17 (1.24%) NetApp
16 16 (1.17%) Red Hat