Period
to 17 January 2021

The following table provides summary statistics for permanent job vacancies with a requirement for CRISC qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 17 January 2021 with a comparison to the same period in the previous 2 years.

ISACA Certified in Risk and Information Systems Control (CRISC)
UK
6 months to
17 Jan 2021
Same period 2020 Same period 2019
Rank 651 780 796
Rank change year-on-year +129 +16 +91
Permanent jobs citing CRISC 105 238 333
As % of all permanent jobs advertised in the UK 0.17% 0.19% 0.22%
As % of the Qualifications category 0.84% 0.86% 0.91%
Number of salaries quoted 91 207 245
Median annual salary £65,000 £65,000 £70,000
Median salary % change year-on-year - -7.14% +7.69%
10th Percentile £37,500 £42,500 £47,500
90th Percentile £88,750 £113,500 £97,700
UK excluding London median annual salary £63,750 £60,500 £65,000
% change year-on-year +5.37% -6.92% +28.08%

CRISC is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 12,497 27,712 36,532
As % of all permanent IT jobs advertised in the UK 20.19% 21.97% 24.17%
Number of salaries quoted 9,172 20,879 27,097
Median annual salary £55,000 £50,000 £50,000
Median salary % change year-on-year +10.00% - +5.26%
10th Percentile £31,250 £27,500 £26,250
90th Percentile £85,000 £82,500 £81,250
UK excluding London median annual salary £49,500 £45,000 £45,000
% change year-on-year +10.00% - +5.88%

CRISC
Job Vacancy Trend

Job postings citing CRISC as a proportion of all IT jobs advertised.

Job vacancy trend for CRISC in the UK

CRISC
Salary Trend

3-month moving average salary quoted in jobs citing CRISC.

Salary trend for CRISC in the UK

CRISC
Salary Histogram

Salary distribution for jobs citing CRISC over the 6 months to 17 January 2021.

Salary histogram for CRISC in the UK

CRISC
Top 14 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CRISC within the UK over the 6 months to 17 January 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +145 97 £67,500 +3.85% 21
UK excluding London +148 63 £63,750 +5.37% 14
London +143 41 £72,500 -3.33% 9
North of England +88 21 £60,000 -7.69% 4
South East +125 16 £42,500 -33.07% 6
Yorkshire +45 16 £60,000 -30.43%
Work from Home -47 13 £75,000 -14.29% 1
South West +78 12 £65,000 +18.18%
Midlands +67 9 £72,000 +30.91%
East Midlands +67 6 £71,250 -8.06%
North West +80 5 £67,500 +1.89% 4
Wales +52 3 £62,500 +16.28%
West Midlands +51 3 £72,000 +30.91%
Scotland +49 3 £47,900 -52.10% 2

For the 6 months to 17 January 2021, IT jobs citing CRISC also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CRISC.

1 90 (85.71%) CISSP
2 80 (76.19%) Information Security
3 67 (63.81%) CISM
4 66 (62.86%) Risk Management
5 61 (58.10%) ISO/IEC 27001
6 53 (50.48%) CISA
7 51 (48.57%) Cybersecurity
8 42 (40.00%) Finance
9 24 (22.86%) NIST
10 23 (21.90%) Analytical Skills
10 23 (21.90%) Degree
11 20 (19.05%) Risk Assessment
12 17 (16.19%) Penetration Testing
12 17 (16.19%) Data Privacy
13 16 (15.24%) Stakeholder Management
13 16 (15.24%) Management Information System
13 16 (15.24%) Microsoft
13 16 (15.24%) Windows
14 13 (12.38%) Remediation Plan
14 13 (12.38%) ISO 27001 Lead Auditor
15 12 (11.43%) Problem-Solving
15 12 (11.43%) SC Cleared
15 12 (11.43%) Security Cleared
16 11 (10.48%) Security Operations
16 11 (10.48%) CESG Certified Professional
17 10 (9.52%) Threat Intelligence
17 10 (9.52%) NCSC
17 10 (9.52%) Data Protection
17 10 (9.52%) SIEM
17 10 (9.52%) Security Management

CRISC
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 1 (0.95%) Apache
Applications
1 2 (1.90%) Microsoft Office
2 1 (0.95%) Microsoft Excel
Cloud Services
1 9 (8.57%) AWS
2 7 (6.67%) Azure
3 4 (3.81%) Mimecast
4 1 (0.95%) Cloud Computing
4 1 (0.95%) GCP
4 1 (0.95%) Office 365
4 1 (0.95%) OpenShift
4 1 (0.95%) SaaS
Communications & Networking
1 9 (8.57%) Cisco IPT
1 9 (8.57%) Intrusion Detection
2 7 (6.67%) Firewall
3 6 (5.71%) Network Security
4 3 (2.86%) DNS
4 3 (2.86%) HTTP
4 3 (2.86%) SAN
4 3 (2.86%) VPN
5 1 (0.95%) Internet
5 1 (0.95%) TCP/IP
Database & Business Intelligence
1 1 (0.95%) MySQL
1 1 (0.95%) PostgreSQL
1 1 (0.95%) Redis
Development Applications
1 1 (0.95%) GitLab
General
1 42 (40.00%) Finance
2 8 (7.62%) Banking
3 6 (5.71%) Financial Institution
3 6 (5.71%) Public Sector
4 5 (4.76%) Law
5 4 (3.81%) Legal
6 1 (0.95%) Investment Banking
6 1 (0.95%) Retail Banking
6 1 (0.95%) Telecoms
Job Titles
1 25 (23.81%) Security Officer
2 19 (18.10%) Analyst
3 17 (16.19%) Information Officer
3 17 (16.19%) Information Security Officer
4 15 (14.29%) Risk Officer
5 10 (9.52%) IT Analyst
5 10 (9.52%) IT Risk Analyst
5 10 (9.52%) Risk Analyst
5 10 (9.52%) Security Engineer
6 8 (7.62%) Architect
6 8 (7.62%) Head of Information
6 8 (7.62%) Head of Information Security
6 8 (7.62%) Head of Security
6 8 (7.62%) Security Architect
7 7 (6.67%) Security Specialist
8 6 (5.71%) ICT Specialist
8 6 (5.71%) Information Security Specialist
8 6 (5.71%) Information Specialist
8 6 (5.71%) Security Analyst
9 5 (4.76%) Financial Analyst
Libraries, Frameworks & Software Standards
1 1 (0.95%) LAMP
1 1 (0.95%) LAPP Stack
1 1 (0.95%) Middleware
1 1 (0.95%) Node.js
1 1 (0.95%) Ruby on Rails
Miscellaneous
1 23 (21.90%) Analytical Skills
2 16 (15.24%) Management Information System
3 7 (6.67%) Self-Motivation
4 5 (4.76%) Public Cloud
5 3 (2.86%) Blog
5 3 (2.86%) Cloud Native
6 1 (0.95%) Data Protection Act
6 1 (0.95%) Distributed Denial-of-Service
6 1 (0.95%) Driving Licence
6 1 (0.95%) Greenfield Project
6 1 (0.95%) Hedge funds
Operating Systems
1 16 (15.24%) Windows
2 6 (5.71%) Mac OS
3 5 (4.76%) Linux
4 3 (2.86%) Mac OS X
4 3 (2.86%) Ubuntu
4 3 (2.86%) Windows Server
5 1 (0.95%) AIX
5 1 (0.95%) Unix
Processes & Methodologies
1 80 (76.19%) Information Security
2 66 (62.86%) Risk Management
3 51 (48.57%) Cybersecurity
4 20 (19.05%) Risk Assessment
5 17 (16.19%) Data Privacy
5 17 (16.19%) Penetration Testing
6 16 (15.24%) Stakeholder Management
7 13 (12.38%) Remediation Plan
8 12 (11.43%) Problem-Solving
9 11 (10.48%) Security Operations
10 10 (9.52%) Data Protection
10 10 (9.52%) Migration
10 10 (9.52%) Risk Analysis
10 10 (9.52%) Security Management
10 10 (9.52%) SIEM
10 10 (9.52%) Threat Intelligence
11 9 (8.57%) Agile Software Development
11 9 (8.57%) Continuous Improvement
11 9 (8.57%) Validation
11 9 (8.57%) Vulnerability Management
Programming Languages
1 7 (6.67%) Python
2 4 (3.81%) Bash Shell
2 4 (3.81%) C
2 4 (3.81%) Go
2 4 (3.81%) PowerShell
3 3 (2.86%) R
4 1 (0.95%) Java
4 1 (0.95%) JavaScript
4 1 (0.95%) PHP
4 1 (0.95%) Ruby
Qualifications
1 90 (85.71%) CISSP
2 67 (63.81%) CISM
3 53 (50.48%) CISA
4 23 (21.90%) Degree
5 13 (12.38%) ISO 27001 Lead Auditor
6 12 (11.43%) SC Cleared
6 12 (11.43%) Security Cleared
7 11 (10.48%) CESG Certified Professional
8 9 (8.57%) CGEIT
9 8 (7.62%) SANS
10 6 (5.71%) DV Cleared
10 6 (5.71%) GIAC
11 4 (3.81%) GCIH
11 4 (3.81%) GSEC
11 4 (3.81%) ISO 27001 Lead Implementer
12 3 (2.86%) GCFE
13 2 (1.90%) (ISC)2 CCSP
13 2 (1.90%) CCSP
13 2 (1.90%) Cisco Certification
13 2 (1.90%) PCI QSA
Quality Assurance & Compliance
1 61 (58.10%) ISO/IEC 27001
2 24 (22.86%) NIST
3 10 (9.52%) NCSC
4 8 (7.62%) COBIT
4 8 (7.62%) Cyber Essentials
4 8 (7.62%) GDPR
4 8 (7.62%) ISO/IEC 27005
5 6 (5.71%) HMG Security Policy Framework
6 5 (4.76%) PCI DSS
7 4 (3.81%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
7 4 (3.81%) Sarbanes-Oxley
8 1 (0.95%) ISO 9001
8 1 (0.95%) NIST 800
System Software
1 4 (3.81%) Active Directory
2 1 (0.95%) Docker
2 1 (0.95%) VMware Infrastructure
Systems Management
1 4 (3.81%) QRadar
2 1 (0.95%) Ansible
2 1 (0.95%) CASB
2 1 (0.95%) HAProxy
2 1 (0.95%) Kubernetes
2 1 (0.95%) Nessus
2 1 (0.95%) Opscode Chef
2 1 (0.95%) Puppet
2 1 (0.95%) SCCM
Vendors
1 16 (15.24%) Microsoft
2 4 (3.81%) Darktrace
3 3 (2.86%) Red Hat
4 2 (1.90%) Cisco
5 1 (0.95%) Fortinet
5 1 (0.95%) Splunk
5 1 (0.95%) Tripwire
5 1 (0.95%) VMware