Period
to 16 January 2018

The following table provides summary statistics for permanent job vacancies with a requirement for CRAMM skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited CRAMM over the 6 months to 16 January 2018 with a comparison to the same period in the previous 2 years.

CCTA Risk Analysis and Method Management (CRAMM)
UK
6 months to
16 Jan 2018
Same period 2017 Same period 2016
Rank 1140 1193 1261
Rank change year-on-year +53 +68 +32
Permanent jobs citing CRAMM 34 3 16
As % of all permanent IT jobs advertised in the UK 0.020% 0.002% 0.008%
As % of the Processes & Methodologies category 0.022% 0.002% 0.009%
Number of salaries quoted 33 3 16
UK median annual salary £57,500 £50,000 £46,500
Median salary % change year-on-year +15.00% +7.53% -22.50%
10th Percentile £51,250 £47,500 £40,250
90th Percentile £64,750 £52,500 £60,625
UK excluding London median annual salary £57,500 £50,000 £46,500
% change year-on-year +15.00% +7.53% -22.50%

CRAMM is in the Processes and Methodologies category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for process or methodology skills.

All Process and Methodology Skills
UK
Permanent vacancies with a requirement for process or methodology skills 155,871 157,999 183,963
As % of all permanent IT jobs advertised in the UK 89.87% 89.53% 88.86%
Number of salaries quoted 125,016 130,615 152,469
UK median annual salary £50,000 £49,000 £47,500
Median salary % change year-on-year +2.04% +3.16% +5.56%
10th Percentile £28,750 £28,250 £27,500
90th Percentile £80,000 £79,000 £77,500
UK excluding London median annual salary £45,000 £42,500 £42,500
% change year-on-year +5.88% - +6.25%

CRAMM
Job Vacancy Trend

Job postings citing CRAMM as a percentage of all IT jobs advertised.

Job vacancy trend for CRAMM in the UK

CRAMM
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CRAMM.

Salary trend for CRAMM in the UK

CRAMM
Salary Histogram

The salary distribution of IT jobs citing CRAMM over the 6 months to 16 January 2018.

Salary histogram for CRAMM in the UK

CRAMM
Top 7 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CRAMM within the UK over the 6 months to 16 January 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +39 34 £57,500 +15.00%
UK excluding London +52 31 £57,500 +15.00%
South East +38 23 £57,500 +15.00%
North of England - 7 £55,000 -
Yorkshire - 7 £55,000 -
London - 3 £85,000 -
East of England - 1 £105,000 -

For the 6 months to 16 January 2018, IT jobs citing CRAMM also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all job ads with a requirement for CRAMM.

1 34 (100.00%) Information Security
2 32 (94.12%) Risk Management
2 32 (94.12%) Risk Assessment
2 32 (94.12%) ISO/IEC 27001
3 31 (91.18%) Finance
3 31 (91.18%) CISSP
4 30 (88.24%) ISO/IEC 27005
5 16 (47.06%) CISM
6 15 (44.12%) ITIL
6 15 (44.12%) PRINCE2
6 15 (44.12%) OWASP
7 13 (38.24%) Waterfall
7 13 (38.24%) Remediation Plan
7 13 (38.24%) Agile Software Development
8 5 (14.71%) Management Information System
8 5 (14.71%) Penetration Testing
9 4 (11.76%) GDPR
10 3 (8.82%) Investment Management
11 2 (5.88%) Performance Management
11 2 (5.88%) Data Protection
11 2 (5.88%) PCI DSS
11 2 (5.88%) Information Assurance
11 2 (5.88%) Cybersecurity
11 2 (5.88%) DevOps
11 2 (5.88%) Analytical Skills
11 2 (5.88%) Public Cloud
11 2 (5.88%) Security Architecture
11 2 (5.88%) Stakeholder Engagement
11 2 (5.88%) HMG Security Policy Framework
11 2 (5.88%) IT Strategy

CRAMM
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

General
1 31 (91.18%) Finance
2 2 (5.88%) Marketing
2 2 (5.88%) Publishing
Job Titles
1 28 (82.35%) Consultant
2 26 (76.47%) Security Consultant
3 20 (58.82%) Information Security Consultant
4 2 (5.88%) Chief Information Officer
4 2 (5.88%) Chief Information Security Officer
4 2 (5.88%) Chief Security Officer
4 2 (5.88%) CIO
4 2 (5.88%) Head of Technology
4 2 (5.88%) Information Assurance Manager
4 2 (5.88%) Information Manager
4 2 (5.88%) Information Security Manager
4 2 (5.88%) Information Security Officer
4 2 (5.88%) Security Assurance Manager
4 2 (5.88%) Security Manager
4 2 (5.88%) Security Officer
5 1 (2.94%) Digital Transformation
5 1 (2.94%) Head of Digital
5 1 (2.94%) Head of Digital Transformation
5 1 (2.94%) Information Assurance Consultant
Miscellaneous
1 5 (14.71%) Management Information System
2 2 (5.88%) Analytical Skills
2 2 (5.88%) CESG
2 2 (5.88%) Data Protection Act
2 2 (5.88%) Public Cloud
3 1 (2.94%) CESG CLAS
Processes & Methodologies
1 34 (100.00%) Information Security
2 32 (94.12%) Risk Assessment
2 32 (94.12%) Risk Management
3 15 (44.12%) ITIL
3 15 (44.12%) OWASP
3 15 (44.12%) PRINCE2
4 13 (38.24%) Agile Software Development
4 13 (38.24%) Remediation Plan
4 13 (38.24%) Waterfall
5 5 (14.71%) Penetration Testing
6 3 (8.82%) Investment Management
7 2 (5.88%) Cybersecurity
7 2 (5.88%) Data Protection
7 2 (5.88%) DevOps
7 2 (5.88%) Information Assurance
7 2 (5.88%) Performance Management
7 2 (5.88%) Security Architecture
7 2 (5.88%) Service Delivery
7 2 (5.88%) Stakeholder Engagement
7 2 (5.88%) Stakeholder Management
Qualifications
1 31 (91.18%) CISSP
2 16 (47.06%) CISM
3 1 (2.94%) CESG Certified Professional
3 1 (2.94%) CISA
3 1 (2.94%) CLAS
Quality Assurance & Compliance
1 32 (94.12%) ISO/IEC 27001
2 30 (88.24%) ISO/IEC 27005
3 4 (11.76%) GDPR
4 2 (5.88%) HMG Security Policy Framework
4 2 (5.88%) ISO 9001
4 2 (5.88%) PCI DSS
5 1 (2.94%) Cyber Essentials