Period
to 20 April 2018

The following table provides summary statistics for permanent job vacancies with a requirement for CREST Certified qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 20 April 2018 with a comparison to the same period in the previous 2 years.

CREST Certification
UK
6 months to
20 Apr 2018
Same period 2017 Same period 2016
Rank 941 915 897
Rank change year-on-year -26 -18 +208
Permanent jobs citing CREST Certified 263 256 400
As % of all permanent IT jobs advertised in the UK 0.15% 0.15% 0.20%
As % of the Qualifications category 0.63% 0.59% 0.70%
Number of salaries quoted 208 163 285
UK median annual salary £60,000 £57,500 £60,000
Median salary % change year-on-year +4.35% -4.17% +9.09%
10th Percentile £41,250 £33,750 £33,750
90th Percentile £94,125 £90,000 £85,000
UK excluding London median annual salary £55,000 £44,516 £57,500
% change year-on-year +23.55% -22.58% +4.55%

CREST Certified is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 41,655 43,483 57,053
As % of all permanent IT jobs advertised in the UK 23.47% 25.20% 27.88%
Number of salaries quoted 31,865 34,274 45,773
UK median annual salary £47,500 £45,000 £45,000
Median salary % change year-on-year +5.56% - -
10th Percentile £26,250 £26,250 £26,250
90th Percentile £80,000 £76,250 £75,000
UK excluding London median annual salary £44,000 £42,000 £42,500
% change year-on-year +4.76% -1.18% +6.25%

CREST Certified
Job Vacancy Trend

Job postings citing CREST Certified as a percentage of all IT jobs advertised.

Job vacancy trend for CREST Certified in the UK

CREST Certified
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CREST Certified.

Salary trend for CREST Certified in the UK

CREST Certified
Salary Histogram

The salary distribution of IT jobs citing CREST Certified over the 6 months to 20 April 2018.

Salary histogram for CREST Certified in the UK

CREST Certified
Top 14 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CREST Certified within the UK over the 6 months to 20 April 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +3 250 £60,000 - 24
London +7 143 £65,000 - 14
UK excluding London -39 106 £55,000 +23.55% 11
North of England +4 31 £53,500 -6.96% 2
South East -1 28 £65,000 +22.64% 3
East of England +21 25 £50,000 +42.86% 3
North West +8 23 £53,500 -23.57% 1
Midlands -19 9 £60,000 +20.00% 2
Yorkshire +10 8 £65,000 +38.25% 1
West Midlands -26 7 £62,500 +25.00% 2
South West -33 7 £67,500 +58.82%
Wales - 4 - -
Scotland -50 2 £62,500 +66.67%
East Midlands +1 1 - -

For the 6 months to 20 April 2018, IT jobs citing CREST Certified also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CREST Certified.

1 184 (69.96%) Penetration Testing
2 107 (40.68%) Information Security
3 106 (40.30%) OSCP
4 85 (32.32%) Cybersecurity
5 71 (27.00%) Finance
6 70 (26.62%) CISSP
7 62 (23.57%) Security Cleared
8 60 (22.81%) Windows
8 60 (22.81%) SIEM
9 56 (21.29%) Firewall
10 49 (18.63%) Linux
11 48 (18.25%) Unix
12 47 (17.87%) GIAC
13 44 (16.73%) Wireless
13 44 (16.73%) SANS
14 43 (16.35%) Vulnerability Management
15 42 (15.97%) ISO/IEC 27001
16 41 (15.59%) Ethical Hacking
16 41 (15.59%) TCP/IP
17 40 (15.21%) Degree
18 38 (14.45%) Network Security
19 37 (14.07%) Android
19 37 (14.07%) Python
20 36 (13.69%) Security Architecture
21 34 (12.93%) Apple iOS
22 33 (12.55%) Security Testing
22 33 (12.55%) SC Cleared
22 33 (12.55%) CEH
22 33 (12.55%) GCFA
23 31 (11.79%) Nessus

CREST Certified
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 3 (1.14%) IIS
2 1 (0.38%) Apache
Cloud Services
1 5 (1.90%) Amazon AWS
2 4 (1.52%) Google Cloud Platform
2 4 (1.52%) Microsoft Azure
Communications & Networking
1 56 (21.29%) Firewall
2 44 (16.73%) Wireless
3 41 (15.59%) TCP/IP
4 38 (14.45%) Network Security
5 12 (4.56%) HTTP
6 10 (3.80%) Internet
7 9 (3.42%) Sourcefire
8 8 (3.04%) IPsec
8 8 (3.04%) VPN
9 7 (2.66%) Cisco ASA
10 6 (2.28%) Bluetooth
10 6 (2.28%) Cisco ISE
10 6 (2.28%) Cisco Wireless
10 6 (2.28%) NFC
10 6 (2.28%) OpenVPN
10 6 (2.28%) PPP
11 4 (1.52%) DNS
11 4 (1.52%) Intrusion Detection
11 4 (1.52%) LAN
11 4 (1.52%) SMTP
Database & Business Intelligence
1 2 (0.76%) SQL Server
2 1 (0.38%) MySQL
Development Applications
1 23 (8.75%) Burp Suite
2 22 (8.37%) Metasploit
3 3 (1.14%) AppScan
4 2 (0.76%) WebScarab
5 1 (0.38%) SoapUI
5 1 (0.38%) SonarQube
General
1 71 (27.00%) Finance
2 15 (5.70%) Retail
3 8 (3.04%) Advertising
3 8 (3.04%) Banking
3 8 (3.04%) Publishing
4 7 (2.66%) Telecoms
5 4 (1.52%) Arabic Language
5 4 (1.52%) Cantonese Language
5 4 (1.52%) German Language
5 4 (1.52%) Legal
5 4 (1.52%) Mandarin Language
5 4 (1.52%) Spanish Language
6 3 (1.14%) Marketing
7 2 (0.76%) Electronics
7 2 (0.76%) Financial Institution
7 2 (0.76%) Games
7 2 (0.76%) Investment Banking
7 2 (0.76%) Manufacturing
8 1 (0.38%) Law
Job Titles
1 111 (42.21%) Penetration Tester
1 111 (42.21%) Tester
2 63 (23.95%) Consultant
3 50 (19.01%) Security Consultant
4 31 (11.79%) Analyst
5 22 (8.37%) Security Penetration Tester
5 22 (8.37%) Security Tester
6 21 (7.98%) Security Analyst
7 17 (6.46%) Senior Penetration Tester
7 17 (6.46%) Senior Tester
8 16 (6.08%) Senior Consultant
9 15 (5.70%) Senior Security Consultant
10 14 (5.32%) Forensic Investigator
10 14 (5.32%) Lead Tester
10 14 (5.32%) Team Leader
11 13 (4.94%) Cybersecurity Consultant
11 13 (4.94%) Security Specialist
12 12 (4.56%) Lead Security Consultant
12 12 (4.56%) Security Engineer
13 8 (3.04%) Ethical Hacker
Libraries, Frameworks & Software Standards
1 18 (6.84%) .NET
2 7 (2.66%) ASP.NET
3 4 (1.52%) RESTful
4 3 (1.14%) HTML
5 2 (0.76%) LDAP
5 2 (0.76%) Middleware
6 1 (0.38%) Ajax
6 1 (0.38%) CakePHP
6 1 (0.38%) Elastic Stack
6 1 (0.38%) JSON
6 1 (0.38%) LAMP
6 1 (0.38%) XML
Miscellaneous
1 21 (7.98%) Mobile App
2 20 (7.60%) Management Information System
3 17 (6.46%) Computer Science
4 14 (5.32%) Self-Motivation
5 13 (4.94%) Fintech
5 13 (4.94%) Security Operations Centre
6 12 (4.56%) Data Protection Act
7 11 (4.18%) PKI
8 10 (3.80%) Cyberthreat
9 9 (3.42%) Cyberattack
10 8 (3.04%) NHS
11 7 (2.66%) Analytical Skills
11 7 (2.66%) Cyber Defence
12 6 (2.28%) CESG
12 6 (2.28%) Linux Command Line
13 5 (1.90%) Embedded Systems
14 4 (1.52%) Cloud Native
14 4 (1.52%) Distributed Denial-of-Service
15 3 (1.14%) Data Centre
15 3 (1.14%) Virtual Team
Operating Systems
1 60 (22.81%) Windows
2 49 (18.63%) Linux
3 48 (18.25%) Unix
4 37 (14.07%) Android
5 34 (12.93%) Apple iOS
6 23 (8.75%) Kali Linux
7 7 (2.66%) Red Hat Enterprise Linux
8 6 (2.28%) CentOS
8 6 (2.28%) Debian
8 6 (2.28%) Ubuntu
9 5 (1.90%) Mac OS X
9 5 (1.90%) Windows Mobile
Processes & Methodologies
1 184 (69.96%) Penetration Testing
2 107 (40.68%) Information Security
3 85 (32.32%) Cybersecurity
4 60 (22.81%) SIEM
5 43 (16.35%) Vulnerability Management
6 41 (15.59%) Ethical Hacking
7 36 (13.69%) Security Architecture
8 33 (12.55%) Security Testing
9 31 (11.79%) Vulnerability Scanning
10 27 (10.27%) Incident Management
10 27 (10.27%) Mentoring
11 25 (9.51%) OWASP
11 25 (9.51%) Threat Modelling
12 23 (8.75%) Presales
13 22 (8.37%) Digital Forensics
13 22 (8.37%) Reverse Engineering
14 20 (7.60%) Memory Management
14 20 (7.60%) Problem-Solving
15 19 (7.22%) Threat Intelligence
16 18 (6.84%) Social Engineering
Programming Languages
1 37 (14.07%) Python
2 25 (9.51%) Java
3 22 (8.37%) Ruby
3 22 (8.37%) SQL
4 20 (7.60%) Bash Shell
5 19 (7.22%) PHP
6 15 (5.70%) C++
7 13 (4.94%) C#
8 11 (4.18%) C
9 7 (2.66%) Perl
10 5 (1.90%) PowerShell
11 3 (1.14%) VB.NET
12 2 (0.76%) Objective-C
13 1 (0.38%) Assembly Language
13 1 (0.38%) JavaScript
13 1 (0.38%) Shell Script
Qualifications
1 106 (40.30%) OSCP
2 70 (26.62%) CISSP
3 62 (23.57%) Security Cleared
4 47 (17.87%) GIAC
5 44 (16.73%) SANS
6 40 (15.21%) Degree
7 33 (12.55%) CEH
7 33 (12.55%) GCFA
7 33 (12.55%) SC Cleared
8 30 (11.41%) GCFE
9 29 (11.03%) CISA
10 25 (9.51%) CHECK Team Member
11 22 (8.37%) CISM
12 20 (7.60%) Cisco Certification
13 19 (7.22%) CCNA
13 19 (7.22%) Tigerscheme
14 17 (6.46%) CHECK Team Leader
14 17 (6.46%) OSCE
15 16 (6.08%) GREM
16 15 (5.70%) GCIH
Quality Assurance & Compliance
1 42 (15.97%) ISO/IEC 27001
2 22 (8.37%) PCI DSS
3 15 (5.70%) GDPR
4 7 (2.66%) Cyber Essentials
5 5 (1.90%) HMG Security Policy Framework
6 4 (1.52%) QA
7 2 (0.76%) COBIT
7 2 (0.76%) GPG13
7 2 (0.76%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
7 2 (0.76%) NIST 800
8 1 (0.38%) ISAE 3402
8 1 (0.38%) ISO 22301
8 1 (0.38%) ISO 31000
8 1 (0.38%) ISO 9001
8 1 (0.38%) ISO/IEC 27005
8 1 (0.38%) Sarbanes-Oxley
8 1 (0.38%) SLA
System Software
1 11 (4.18%) Snort
2 6 (2.28%) pfSense
3 4 (1.52%) Docker
4 3 (1.14%) Active Directory
5 1 (0.38%) VirtualBox
5 1 (0.38%) VMware Infrastructure
Systems Management
1 31 (11.79%) Nessus
2 22 (8.37%) EnCase
3 12 (4.56%) Core Impact
4 7 (2.66%) OpenVAS
5 6 (2.28%) FortiGate
5 6 (2.28%) Nmap
5 6 (2.28%) OSSEC
6 4 (1.52%) Kubernetes
6 4 (1.52%) Trend Micro Deep Security
7 2 (0.76%) Computer Emergency Response Teams
7 2 (0.76%) CSIRT
8 1 (0.38%) logstash
8 1 (0.38%) QRadar
8 1 (0.38%) Single Sign-On
8 1 (0.38%) WebInspect
8 1 (0.38%) WMI
Vendors
1 26 (9.89%) Microsoft
2 10 (3.80%) Cisco
2 10 (3.80%) McAfee
3 7 (2.66%) AlienVault
3 7 (2.66%) CheckPoint
3 7 (2.66%) F5
3 7 (2.66%) HP
3 7 (2.66%) LogRhythm
3 7 (2.66%) Palo Alto
3 7 (2.66%) Splunk
4 6 (2.28%) Aruba
4 6 (2.28%) Extreme Networks
4 6 (2.28%) ForeScout
4 6 (2.28%) Fortinet
4 6 (2.28%) Juniper
4 6 (2.28%) Okta
4 6 (2.28%) Qualys
4 6 (2.28%) Red Hat
4 6 (2.28%) SonicWALL
4 6 (2.28%) WatchGuard