CRISC jobs, average salaries and co-occurring skill trends

The following table provides summary statistics for permanent job vacancies with a requirement for CRISC qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 30 October 2020 with a comparison to the same period in the previous 2 years.

ISACA Certified in Risk and Information Systems Control (CRISC) UK
Location	6 months to 30 Oct 2020	Same period 2019	Same period 2018
Rank	598	824	869
Rank change year-on-year	+226	+45	+27
Permanent jobs citing CRISC	93	241	313
As % of all permanent jobs advertised in the UK	0.19%	0.18%	0.19%
As % of the Qualifications category	0.88%	0.77%	0.80%
Number of salaries quoted	87	191	244
Median annual salary	£60,000	£65,000	£75,000
Median salary % change year-on-year	-7.69%	-13.33%	+25.00%
10th Percentile	£36,750	£41,250	£49,193
90th Percentile	£91,750	£103,750	£97,500
UK excluding London median annual salary	£55,000	£60,000	£65,000
% change year-on-year	-8.33%	-7.69%	+23.81%

CRISC is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications UK
Permanent vacancies requiring academic qualifications or professional certifications	10,583	31,370	39,020
As % of all permanent IT jobs advertised in the UK	21.18%	22.89%	23.72%
Number of salaries quoted	7,944	23,057	28,848
Median annual salary	£55,000	£50,000	£50,000
Median salary % change year-on-year	+10.00%	-	+5.26%
10th Percentile	£31,250	£27,000	£26,250
90th Percentile	£87,500	£82,500	£81,250
UK excluding London median annual salary	£50,000	£45,000	£45,000
% change year-on-year	+11.11%	-	+5.88%

CRISC
Job Vacancy Trend

Job postings citing CRISC as a proportion of all IT jobs advertised.

CRISC
Salary Trend

3-month moving average salary quoted in jobs citing CRISC.

CRISC
Salary Histogram

Salary distribution for jobs citing CRISC over the 6 months to 30 October 2020.

CRISC
Top 14 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CRISC within the UK over the 6 months to 30 October 2020. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location	Rank Change on Same Period Last Year	Matching Permanent IT Job Ads	Median Salary Past 6 Months	Median Salary % Change on Same Period Last Year	Live Job Vacancies
England	+220	84	£61,250	-5.77%	31
UK excluding London	+245	47	£55,000	-8.33%	21
London	+215	44	£65,000	-5.45%	10
North of England	+145	12	£55,000	+4.31%	8
South East	+178	11	£35,000	-44.00%	8
Work from Home	-	10	£57,500	-	1
Yorkshire	+120	9	£60,000	-30.43%	5
Midlands	+87	9	£70,000	+55.56%	1
South West	+129	8	£65,000	+18.18%	3
Scotland	+92	6	£47,538	-61.97%
East Midlands	+76	6	£71,250	-5.00%
North West	+112	3	£45,000	-18.18%	2
West Midlands	+88	3	£48,500	+7.78%	1
Wales	+52	1	£62,500	+66.67%

CRISC
Top 30 Co-occurring IT Skills

For the 6 months to 30 October 2020, IT jobs citing CRISC also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CRISC.

1	85 (91.40%)	CISSP
2	72 (77.42%)	Information Security
3	69 (74.19%)	CISM
4	63 (67.74%)	CISA
5	60 (64.52%)	ISO/IEC 27001
6	56 (60.22%)	Risk Management
7	49 (52.69%)	Cybersecurity
8	36 (38.71%)	Finance
9	30 (32.26%)	Management Information System
9	30 (32.26%)	Degree
10	27 (29.03%)	NIST
11	22 (23.66%)	Data Protection
12	21 (22.58%)	ISO 27001 Lead Auditor
13	20 (21.51%)	Microsoft
14	19 (20.43%)	Legal

14	19 (20.43%)	Remediation Plan
15	18 (19.35%)	Analytical Skills
16	17 (18.28%)	Risk Assessment
17	15 (16.13%)	AWS
18	14 (15.05%)	GDPR
18	14 (15.05%)	Penetration Testing
18	14 (15.05%)	Firewall
18	14 (15.05%)	Windows
19	13 (13.98%)	Azure
19	13 (13.98%)	SIEM
20	12 (12.90%)	PCI DSS
20	12 (12.90%)	Law
20	12 (12.90%)	Stakeholder Management
21	11 (11.83%)	Cisco Certification
21	11 (11.83%)	SC Cleared

CRISC
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
Applications
Cloud Services
Communications & Networking
Database & Business Intelligence
Development Applications
General
Job Titles
Libraries, Frameworks & Software Standards
Miscellaneous
Operating Systems
Processes & Methodologies
Programming Languages
Qualifications
Quality Assurance & Compliance
System Software
Systems Management
Vendors

Application Platforms
1	1 (1.08%)	Apache

Applications
1	6 (6.45%)	Microsoft Excel
2	3 (3.23%)	Microsoft Office
3	1 (1.08%)	Microsoft PowerPoint

Cloud Services
1	15 (16.13%)	AWS
2	13 (13.98%)	Azure
3	3 (3.23%)	Mimecast
4	1 (1.08%)	GCP
4	1 (1.08%)	Office 365
4	1 (1.08%)	OpenShift
4	1 (1.08%)	SaaS

Communications & Networking
1	14 (15.05%)	Firewall
2	7 (7.53%)	Intrusion Detection
3	6 (6.45%)	Cisco IPT
4	3 (3.23%)	DNS
4	3 (3.23%)	HTTP
4	3 (3.23%)	VPN
5	1 (1.08%)	Internet
5	1 (1.08%)	Network Security

Database & Business Intelligence
1	1 (1.08%)	MySQL
1	1 (1.08%)	PostgreSQL
1	1 (1.08%)	Redis

Development Applications
1	1 (1.08%)	GitLab

General
1	36 (38.71%)	Finance
2	19 (20.43%)	Legal
3	12 (12.90%)	Law
4	10 (10.75%)	Banking
5	5 (5.38%)	Public Sector
6	2 (2.15%)	Financial Institution

Job Titles
1	22 (23.66%)	Security Officer
2	19 (20.43%)	Analyst
3	16 (17.20%)	Information Officer
3	16 (17.20%)	Information Security Officer
4	12 (12.90%)	Security Analyst
5	10 (10.75%)	Risk Analyst
6	9 (9.68%)	Consultant
6	9 (9.68%)	Risk Officer
6	9 (9.68%)	Security Consultant
6	9 (9.68%)	Security Manager
7	7 (7.53%)	Architect
7	7 (7.53%)	Security Architect
7	7 (7.53%)	Security Risk Analyst
8	6 (6.45%)	Governance Analyst
8	6 (6.45%)	Information Analyst
8	6 (6.45%)	Information Assurance Consultant
8	6 (6.45%)	Information Security Analyst
8	6 (6.45%)	Information Security Consultant
8	6 (6.45%)	IT Manager
8	6 (6.45%)	Risk Consultant

Libraries, Frameworks & Software Standards
1	1 (1.08%)	LAMP
1	1 (1.08%)	LAPP Stack
1	1 (1.08%)	Middleware
1	1 (1.08%)	Node.js
1	1 (1.08%)	Ruby on Rails

Miscellaneous
1	30 (32.26%)	Management Information System
2	18 (19.35%)	Analytical Skills
3	7 (7.53%)	Public Cloud
4	5 (5.38%)	Data Protection Act
5	3 (3.23%)	Blog
5	3 (3.23%)	Cloud Native
5	3 (3.23%)	Self-Motivation
6	2 (2.15%)	Cyberthreat
7	1 (1.08%)	Distributed Denial-of-Service
7	1 (1.08%)	Driving Licence
7	1 (1.08%)	Greenfield Project
7	1 (1.08%)	Video Conferencing

Operating Systems
1	14 (15.05%)	Windows
2	5 (5.38%)	Linux
3	4 (4.30%)	Mac OS
4	3 (3.23%)	Mac OS X
4	3 (3.23%)	Ubuntu
4	3 (3.23%)	Windows Server
5	1 (1.08%)	AIX
5	1 (1.08%)	Unix

Processes & Methodologies
1	72 (77.42%)	Information Security
2	56 (60.22%)	Risk Management
3	49 (52.69%)	Cybersecurity
4	22 (23.66%)	Data Protection
5	19 (20.43%)	Remediation Plan
6	17 (18.28%)	Risk Assessment
7	14 (15.05%)	Penetration Testing
8	13 (13.98%)	SIEM
9	12 (12.90%)	Stakeholder Management
10	10 (10.75%)	Data Security
10	10 (10.75%)	Threat Intelligence
11	9 (9.68%)	Computer Science
11	9 (9.68%)	Data Privacy
11	9 (9.68%)	IT Audit
12	8 (8.60%)	Agile Software Development
12	8 (8.60%)	Problem-Solving
13	7 (7.53%)	Security Management
13	7 (7.53%)	Security Operations
13	7 (7.53%)	Vulnerability Management
14	6 (6.45%)	Analytics

Programming Languages
1	8 (8.60%)	PowerShell
2	7 (7.53%)	Python
3	4 (4.30%)	Bash Shell
3	4 (4.30%)	Go
3	4 (4.30%)	SQL
4	3 (3.23%)	C
4	3 (3.23%)	R
5	1 (1.08%)	Java
5	1 (1.08%)	JavaScript
5	1 (1.08%)	PHP
5	1 (1.08%)	Ruby

Qualifications
1	85 (91.40%)	CISSP
2	69 (74.19%)	CISM
3	63 (67.74%)	CISA
4	30 (32.26%)	Degree
5	21 (22.58%)	ISO 27001 Lead Auditor
6	11 (11.83%)	(ISC)2 CCSP
6	11 (11.83%)	CESG Certified Professional
6	11 (11.83%)	Cisco Certification
6	11 (11.83%)	SC Cleared
6	11 (11.83%)	Security Cleared
7	7 (7.53%)	GIAC
8	6 (6.45%)	CompTIA Security+
9	5 (5.38%)	CGEIT
9	5 (5.38%)	DV Cleared
9	5 (5.38%)	SANS
10	4 (4.30%)	Computer Science Degree
10	4 (4.30%)	GCIH
10	4 (4.30%)	GSEC
10	4 (4.30%)	Master's Degree
11	3 (3.23%)	GCFE

Quality Assurance & Compliance
1	60 (64.52%)	ISO/IEC 27001
2	27 (29.03%)	NIST
3	14 (15.05%)	GDPR
4	12 (12.90%)	PCI DSS
5	10 (10.75%)	Cyber Essentials
6	9 (9.68%)	ISO/IEC 27002 (supersedes ISO/IEC 17799)
7	8 (8.60%)	COBIT
7	8 (8.60%)	NCSC
8	6 (6.45%)	ISO/IEC 27005
9	5 (5.38%)	HMG Security Policy Framework
10	4 (4.30%)	Sarbanes-Oxley
11	2 (2.15%)	ISO 22301
11	2 (2.15%)	JSP 440
11	2 (2.15%)	RMADS
11	2 (2.15%)	SLA
12	1 (1.08%)	ISO 9001
12	1 (1.08%)	NIST 800

System Software
1	4 (4.30%)	Active Directory
2	1 (1.08%)	Docker
2	1 (1.08%)	VMware Infrastructure

Systems Management
1	3 (3.23%)	QRadar
2	1 (1.08%)	Ansible
2	1 (1.08%)	CASB
2	1 (1.08%)	HAProxy
2	1 (1.08%)	Kubernetes
2	1 (1.08%)	Nessus
2	1 (1.08%)	Opscode Chef
2	1 (1.08%)	Puppet
2	1 (1.08%)	SCCM

Vendors
1	20 (21.51%)	Microsoft
2	3 (3.23%)	Darktrace
2	3 (3.23%)	Red Hat
3	1 (1.08%)	Cisco
3	1 (1.08%)	Fortinet
3	1 (1.08%)	Splunk
3	1 (1.08%)	Tripwire
3	1 (1.08%)	VMware

31 CRISC job vacancies Nationwide

CRISCJob Vacancy Trend

CRISCSalary Trend

CRISCSalary Histogram

CRISCTop 14 Job Locations

CRISCTop 30 Co-occurring IT Skills