Period
to 24 June 2018

The following table provides summary statistics for permanent job vacancies with a requirement for CREST Certified qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 24 June 2018 with a comparison to the same period in the previous 2 years.

CREST Certification
UK
6 months to
24 Jun 2018
Same period 2017 Same period 2016
Rank 902 925 832
Rank change year-on-year +23 -93 +259
Permanent jobs citing CREST Certified 285 277 475
As % of all permanent IT jobs advertised in the UK 0.16% 0.16% 0.24%
As % of the Qualifications category 0.69% 0.64% 0.86%
Number of salaries quoted 215 201 321
UK median annual salary £62,500 £55,000 £57,500
Median salary % change year-on-year +13.64% -4.35% +4.55%
10th Percentile £41,250 £33,750 £33,750
90th Percentile £100,000 £85,000 £78,750
UK excluding London median annual salary £60,000 £45,000 £57,500
% change year-on-year +33.33% -21.74% +7.48%

CREST Certified is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 41,230 43,036 55,218
As % of all permanent IT jobs advertised in the UK 23.72% 24.87% 27.41%
Number of salaries quoted 30,970 33,696 44,439
UK median annual salary £49,817 £45,000 £45,000
Median salary % change year-on-year +10.70% - -
10th Percentile £26,250 £26,250 £26,250
90th Percentile £80,000 £77,500 £76,250
UK excluding London median annual salary £45,000 £42,500 £42,500
% change year-on-year +5.88% - +6.25%

CREST Certified
Job Vacancy Trend

Job postings citing CREST Certified as a percentage of all IT jobs advertised.

Job vacancy trend for CREST Certified in the UK

CREST Certified
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CREST Certified.

Salary trend for CREST Certified in the UK

CREST Certified
Salary Histogram

The salary distribution of IT jobs citing CREST Certified over the 6 months to 24 June 2018.

Salary histogram for CREST Certified in the UK

CREST Certified
Top 14 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CREST Certified within the UK over the 6 months to 24 June 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +13 267 £60,000 +9.09% 36
London +22 149 £65,000 +4.00% 17
UK excluding London -21 113 £60,000 +33.33% 21
South East +2 41 £65,000 +36.84% 11
East of England +34 38 £50,000 +42.86% 1
North of England +17 20 £52,500 - 6
North West +6 16 £52,500 -16.00% 4
Midlands -15 5 £55,000 +4.76%
Yorkshire +23 4 £47,500 +7.88% 2
West Midlands -12 3 £45,000 -14.29%
South West -31 3 £80,000 +88.24%
Scotland -40 2 £62,500 +66.67% 1
Wales - 2 - - 2
Northern Ireland - 2 £66,250 -

For the 6 months to 24 June 2018, IT jobs citing CREST Certified also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CREST Certified.

1 169 (59.30%) Penetration Testing
2 137 (48.07%) Cybersecurity
3 102 (35.79%) OSCP
4 99 (34.74%) CISSP
5 94 (32.98%) Information Security
6 78 (27.37%) Finance
7 62 (21.75%) Firewall
8 61 (21.40%) CISM
9 59 (20.70%) Degree
9 59 (20.70%) SIEM
10 58 (20.35%) Ethical Hacking
11 54 (18.95%) Security Cleared
12 51 (17.89%) GIAC
13 50 (17.54%) Security Architecture
14 49 (17.19%) CEH
15 48 (16.84%) ISO/IEC 27001
16 46 (16.14%) TOGAF
17 44 (15.44%) SABSA
18 42 (14.74%) Security Testing
19 37 (12.98%) Windows
20 36 (12.63%) Python
21 34 (11.93%) Retail
21 34 (11.93%) Vulnerability Management
22 31 (10.88%) Vulnerability Scanning
22 31 (10.88%) SANS
22 31 (10.88%) Cryptography
22 31 (10.88%) CISA
22 31 (10.88%) Identity Management
23 29 (10.18%) GCFA
23 29 (10.18%) Vulnerability Assessment

CREST Certified
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 3 (1.05%) IIS
2 1 (0.35%) Apache
Cloud Services
1 2 (0.70%) Amazon AWS
1 2 (0.70%) Google Cloud Platform
1 2 (0.70%) Microsoft Azure
Communications & Networking
1 62 (21.75%) Firewall
2 29 (10.18%) Network Security
3 28 (9.82%) TCP/IP
4 25 (8.77%) Wireless
5 16 (5.61%) LAN
6 15 (5.26%) WAN
7 11 (3.86%) Intrusion Detection
8 9 (3.16%) Wireshark
9 7 (2.46%) HTTP
9 7 (2.46%) Internet
10 6 (2.11%) PPP
11 5 (1.75%) IPsec
12 4 (1.40%) VPN
13 3 (1.05%) Bluetooth
13 3 (1.05%) Cisco ASA
13 3 (1.05%) Cisco ISE
13 3 (1.05%) Cisco Wireless
13 3 (1.05%) NFC
13 3 (1.05%) OpenVPN
13 3 (1.05%) Sourcefire
Database & Business Intelligence
1 1 (0.35%) MySQL
1 1 (0.35%) SQL Server
Development Applications
1 28 (9.82%) Metasploit
2 18 (6.32%) Burp Suite
3 4 (1.40%) AppScan
4 2 (0.70%) SoapUI
4 2 (0.70%) SonarQube
4 2 (0.70%) WebScarab
General
1 78 (27.37%) Finance
2 34 (11.93%) Retail
3 10 (3.51%) Publishing
4 8 (2.81%) Advertising
5 6 (2.11%) Arabic Language
5 6 (2.11%) Cantonese Language
5 6 (2.11%) German Language
5 6 (2.11%) Mandarin Language
5 6 (2.11%) Spanish Language
6 5 (1.75%) Banking
6 5 (1.75%) Telecoms
7 3 (1.05%) French Language
7 3 (1.05%) Legal
8 2 (0.70%) Law
8 2 (0.70%) Marketing
9 1 (0.35%) Games
Job Titles
1 111 (38.95%) Tester
2 110 (38.60%) Penetration Tester
3 57 (20.00%) Consultant
4 47 (16.49%) Security Consultant
5 29 (10.18%) Architect
5 29 (10.18%) Security Architect
6 25 (8.77%) Analyst
7 21 (7.37%) Security Specialist
8 19 (6.67%) Cybersecurity Consultant
9 15 (5.26%) Senior Consultant
9 15 (5.26%) Team Leader
10 14 (4.91%) Senior Penetration Tester
10 14 (4.91%) Senior Tester
11 13 (4.56%) Security Analyst
12 12 (4.21%) Security Penetration Tester
12 12 (4.21%) Security Tester
13 11 (3.86%) Security Engineer
13 11 (3.86%) Senior Security Consultant
14 9 (3.16%) SOC Analyst
15 8 (2.81%) Applications Specialist
Libraries, Frameworks & Software Standards
1 12 (4.21%) .NET
2 6 (2.11%) ASP.NET
3 4 (1.40%) HTML
4 2 (0.70%) Ajax
4 2 (0.70%) JSON
4 2 (0.70%) RESTful
4 2 (0.70%) Web Services
4 2 (0.70%) XML
5 1 (0.35%) CakePHP
5 1 (0.35%) LAMP
Miscellaneous
1 23 (8.07%) Management Information System
1 23 (8.07%) Mobile App
2 20 (7.02%) Analytical Skills
2 20 (7.02%) Fintech
3 19 (6.67%) Computer Science
4 17 (5.96%) PKI
4 17 (5.96%) Self-Motivation
5 11 (3.86%) Security Operations Centre
6 8 (2.81%) Cyber Defence
7 7 (2.46%) CESG
7 7 (2.46%) Cyberattack
7 7 (2.46%) Cyberthreat
7 7 (2.46%) Embedded Systems
8 6 (2.11%) Data Protection Act
9 5 (1.75%) NHS
10 3 (1.05%) Cyber Kill Chain
10 3 (1.05%) Linux Command Line
11 2 (0.70%) Cloud Native
11 2 (0.70%) Mobile Payment
11 2 (0.70%) Private Cloud
Operating Systems
1 37 (12.98%) Windows
2 27 (9.47%) Unix
3 24 (8.42%) Linux
4 20 (7.02%) Android
5 17 (5.96%) Apple iOS
6 10 (3.51%) Kali Linux
7 5 (1.75%) Mac OS X
7 5 (1.75%) Windows Mobile
8 4 (1.40%) Red Hat Enterprise Linux
9 3 (1.05%) CentOS
9 3 (1.05%) Debian
9 3 (1.05%) Ubuntu
Processes & Methodologies
1 169 (59.30%) Penetration Testing
2 137 (48.07%) Cybersecurity
3 94 (32.98%) Information Security
4 59 (20.70%) SIEM
5 58 (20.35%) Ethical Hacking
6 50 (17.54%) Security Architecture
7 46 (16.14%) TOGAF
8 44 (15.44%) SABSA
9 42 (14.74%) Security Testing
10 34 (11.93%) Vulnerability Management
11 31 (10.88%) Cryptography
11 31 (10.88%) Identity Management
11 31 (10.88%) Vulnerability Scanning
12 29 (10.18%) Vulnerability Assessment
13 27 (9.47%) Stakeholder Engagement
14 25 (8.77%) OWASP
14 25 (8.77%) Risk Management
15 24 (8.42%) Mentoring
16 23 (8.07%) Security Monitoring
17 22 (7.72%) Problem-Solving
Programming Languages
1 36 (12.63%) Python
2 19 (6.67%) Bash Shell
2 19 (6.67%) Java
3 17 (5.96%) Ruby
4 15 (5.26%) C++
4 15 (5.26%) PHP
5 10 (3.51%) Perl
5 10 (3.51%) SQL
6 9 (3.16%) C#
6 9 (3.16%) PowerShell
7 6 (2.11%) C
8 3 (1.05%) Objective-C
9 2 (0.70%) Assembly Language
9 2 (0.70%) JavaScript
9 2 (0.70%) Shell Script
9 2 (0.70%) VB.NET
Qualifications
1 102 (35.79%) OSCP
2 99 (34.74%) CISSP
3 61 (21.40%) CISM
4 59 (20.70%) Degree
5 54 (18.95%) Security Cleared
6 51 (17.89%) GIAC
7 49 (17.19%) CEH
8 31 (10.88%) CISA
8 31 (10.88%) SANS
9 29 (10.18%) CHECK Team Member
9 29 (10.18%) GCFA
10 26 (9.12%) GCFE
11 23 (8.07%) TOGAF Certification
12 22 (7.72%) CHECK Team Leader
13 19 (6.67%) GREM
14 18 (6.32%) CESG Certified Professional
14 18 (6.32%) SC Cleared
15 16 (5.61%) OSCE
16 14 (4.91%) Tigerscheme
17 11 (3.86%) GPEN
Quality Assurance & Compliance
1 48 (16.84%) ISO/IEC 27001
2 29 (10.18%) PCI DSS
3 23 (8.07%) HMG Security Policy Framework
4 18 (6.32%) GDPR
5 6 (2.11%) Cyber Essentials
6 4 (1.40%) SLA
7 3 (1.05%) NIST 800
7 3 (1.05%) QA
8 2 (0.70%) ISAE 3402
8 2 (0.70%) ISO 22301
8 2 (0.70%) ISO 31000
8 2 (0.70%) ISO 9001
8 2 (0.70%) ISO/IEC 27005
8 2 (0.70%) Sarbanes-Oxley
System Software
1 3 (1.05%) pfSense
1 3 (1.05%) Snort
2 2 (0.70%) Active Directory
2 2 (0.70%) Docker
3 1 (0.35%) Firmware
3 1 (0.35%) VirtualBox
3 1 (0.35%) VMware Infrastructure
Systems Management
1 20 (7.02%) Nessus
2 17 (5.96%) EnCase
3 6 (2.11%) Core Impact
4 4 (1.40%) OpenVAS
5 3 (1.05%) FortiGate
5 3 (1.05%) Nmap
5 3 (1.05%) OSSEC
6 2 (0.70%) Kubernetes
6 2 (0.70%) Trend Micro Deep Security
6 2 (0.70%) WebInspect
7 1 (0.35%) Computer Emergency Response Teams
7 1 (0.35%) CSIRT
7 1 (0.35%) QRadar
7 1 (0.35%) Single Sign-On
7 1 (0.35%) WMI
Vendors
1 19 (6.67%) Microsoft
2 10 (3.51%) Splunk
3 5 (1.75%) Cisco
3 5 (1.75%) HP
3 5 (1.75%) McAfee
4 4 (1.40%) F5
4 4 (1.40%) IBM
4 4 (1.40%) LogRhythm
4 4 (1.40%) Palo Alto
4 4 (1.40%) Qualys
5 3 (1.05%) AlienVault
5 3 (1.05%) ArcSight
5 3 (1.05%) Aruba
5 3 (1.05%) Extreme Networks
5 3 (1.05%) ForeScout
5 3 (1.05%) Fortinet
5 3 (1.05%) Okta
5 3 (1.05%) ServiceNow
5 3 (1.05%) SonicWALL
5 3 (1.05%) WatchGuard