Period
to 25 September 2018

The following table provides summary statistics for permanent job vacancies with a requirement for CSIRT skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited CSIRT over the 6 months to 25 September 2018 with a comparison to the same period in the previous 2 years.

Computer Security Incident Response Team (CSIRT)
UK
6 months to
25 Sep 2018
Same period 2017 Same period 2016
Rank 1120 1124 1159
Rank change year-on-year +4 +35 +76
Permanent jobs citing CSIRT 39 69 95
As % of all permanent IT jobs advertised in the UK 0.023% 0.039% 0.050%
As % of the Systems Management category 0.22% 0.44% 0.56%
Number of salaries quoted 29 47 85
UK median annual salary £52,500 £52,500 £62,500
Median salary % change year-on-year - -16.00% -
10th Percentile £42,375 £32,500 £45,000
90th Percentile £81,250 £80,000 £88,000
UK excluding London median annual salary £49,750 £53,000 £62,500
% change year-on-year -6.13% -15.20% +4.17%

CSIRT is in the Systems Management category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for systems management skills.

All Systems Management Skills
UK
Permanent vacancies with a requirement for systems management skills 17,518 15,768 17,071
As % of all permanent IT jobs advertised in the UK 10.46% 8.94% 8.92%
Number of salaries quoted 13,986 12,814 13,888
UK median annual salary £55,000 £52,500 £50,000
Median salary % change year-on-year +4.76% +5.00% +5.26%
10th Percentile £31,750 £31,000 £31,250
90th Percentile £85,000 £82,500 £77,500
UK excluding London median annual salary £47,500 £45,000 £45,000
% change year-on-year +5.56% - +5.88%

CSIRT
Job Vacancy Trend

Job postings citing CSIRT as a percentage of all IT jobs advertised.

Job vacancy trend for CSIRT in the UK

CSIRT
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CSIRT.

Salary trend for CSIRT in the UK

CSIRT
Salary Histogram

The salary distribution of IT jobs citing CSIRT over the 6 months to 25 September 2018.

Salary histogram for CSIRT in the UK

CSIRT
Top 9 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CSIRT within the UK over the 6 months to 25 September 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -5 38 £51,250 -2.38% 6
UK excluding London +42 21 £49,750 -6.13% 2
London -2 18 £70,000 +36.59% 4
East of England +40 11 £49,500 +41.43% 1
South West - 4 £55,000 -
South East +3 3 £60,000 +13.21% 1
Yorkshire - 2 £65,000 -
North of England - 2 £65,000 -
Scotland -11 1 £75,000 -

For the 6 months to 25 September 2018, IT jobs citing CSIRT also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CSIRT.

1 28 (71.79%) Firewall
2 24 (61.54%) Cybersecurity
3 21 (53.85%) Malware Analysis
4 19 (48.72%) SIEM
5 18 (46.15%) TCP/IP
6 17 (43.59%) Security Operations
7 16 (41.03%) DNS
7 16 (41.03%) HTTP
7 16 (41.03%) GCIA
7 16 (41.03%) CEH
8 15 (38.46%) Python
9 14 (35.90%) Management Information System
9 14 (35.90%) Degree
10 13 (33.33%) Incident Management
10 13 (33.33%) VPN
10 13 (33.33%) ITIL
10 13 (33.33%) Windows
10 13 (33.33%) SSL
10 13 (33.33%) QRadar
11 12 (30.77%) MPLS
11 12 (30.77%) Change Management
11 12 (30.77%) Information Security
11 12 (30.77%) PowerShell
11 12 (30.77%) Security Architecture
12 11 (28.21%) Problem Management
12 11 (28.21%) GCIH
12 11 (28.21%) Cisco Certification
12 11 (28.21%) CCNA
12 11 (28.21%) JavaScript
12 11 (28.21%) CompTIA Security+

CSIRT
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Cloud Services
1 1 (2.56%) Amazon AWS
1 1 (2.56%) AWS Lambda
1 1 (2.56%) Serverless
Communications & Networking
1 28 (71.79%) Firewall
2 18 (46.15%) TCP/IP
3 16 (41.03%) DNS
3 16 (41.03%) HTTP
4 13 (33.33%) SSL
4 13 (33.33%) VPN
5 12 (30.77%) MPLS
6 5 (12.82%) FTP
6 5 (12.82%) Network Security
7 4 (10.26%) Cisco ASA
7 4 (10.26%) F5 BIG-IP GTM
7 4 (10.26%) F5 BIG-IP LTM
7 4 (10.26%) SMTP
7 4 (10.26%) Sourcefire
8 2 (5.13%) Intrusion Detection
9 1 (2.56%) IPsec
9 1 (2.56%) SAN
Database & Business Intelligence
1 1 (2.56%) Maltego
General
1 7 (17.95%) Finance
2 4 (10.26%) Legal
3 1 (2.56%) Financial Institution
Job Titles
1 13 (33.33%) Analyst
2 9 (23.08%) Security Engineer
3 7 (17.95%) Security Analyst
3 7 (17.95%) SOC Analyst
4 4 (10.26%) Cybersecurity Analyst
4 4 (10.26%) Security Support Engineer
4 4 (10.26%) Senior Analyst
4 4 (10.26%) Senior Cybersecurity Analyst
4 4 (10.26%) Senior Security Analyst
4 4 (10.26%) Support Engineer
5 2 (5.13%) CISSP Specialist
5 2 (5.13%) Consultant
5 2 (5.13%) Data Manager
5 2 (5.13%) Information Security Specialist
5 2 (5.13%) Information Specialist
5 2 (5.13%) Security Manager
5 2 (5.13%) Security Specialist
5 2 (5.13%) Senior Consultant
5 2 (5.13%) SIEM Engineer
5 2 (5.13%) Team Leader
Libraries, Frameworks & Software Standards
1 3 (7.69%) Regular Expression
2 1 (2.56%) Elastic Stack
Miscellaneous
1 14 (35.90%) Management Information System
2 9 (23.08%) Security Operations Centre
3 5 (12.82%) Analytical Skills
4 4 (10.26%) Cyber Kill Chain
5 2 (5.13%) Cyberattack
5 2 (5.13%) Data Protection Act
6 1 (2.56%) Cyber Defence
6 1 (2.56%) Freedom of Information
6 1 (2.56%) Freedom of Information Act
Operating Systems
1 13 (33.33%) Windows
2 9 (23.08%) Linux
3 5 (12.82%) Red Hat Enterprise Linux
3 5 (12.82%) Windows Server
4 2 (5.13%) Unix
5 1 (2.56%) Mac OS
Processes & Methodologies
1 24 (61.54%) Cybersecurity
2 21 (53.85%) Malware Analysis
3 19 (48.72%) SIEM
4 17 (43.59%) Security Operations
5 13 (33.33%) Incident Management
5 13 (33.33%) ITIL
6 12 (30.77%) Change Management
6 12 (30.77%) Information Security
6 12 (30.77%) Security Architecture
7 11 (28.21%) Problem Management
8 10 (25.64%) Use Case
9 9 (23.08%) Vulnerability Management
10 8 (20.51%) Computer Security
11 7 (17.95%) Continuous Improvement
11 7 (17.95%) Problem-Solving
11 7 (17.95%) Threat Intelligence
11 7 (17.95%) Vulnerability Assessment
12 6 (15.38%) Critical Thinking
12 6 (15.38%) Cyber Threat Intelligence
12 6 (15.38%) Forensic Analysis
Programming Languages
1 15 (38.46%) Python
2 12 (30.77%) PowerShell
3 11 (28.21%) JavaScript
4 9 (23.08%) Perl
5 5 (12.82%) VBA
6 4 (10.26%) Bash Shell
7 2 (5.13%) SQL
Qualifications
1 16 (41.03%) CEH
1 16 (41.03%) GCIA
2 14 (35.90%) Degree
3 11 (28.21%) CCNA
3 11 (28.21%) Cisco Certification
3 11 (28.21%) CompTIA Security+
3 11 (28.21%) GCIH
4 9 (23.08%) CISSP
5 6 (15.38%) GCFA
6 4 (10.26%) CISA
6 4 (10.26%) CISM
6 4 (10.26%) GIAC
6 4 (10.26%) SANS
7 3 (7.69%) GREM
8 2 (5.13%) CFCE
8 2 (5.13%) CHFI
8 2 (5.13%) CRISC
8 2 (5.13%) GCFE
9 1 (2.56%) CREST Certified
9 1 (2.56%) EC-Council LPT
Quality Assurance & Compliance
1 6 (15.38%) SLA
2 4 (10.26%) GDPR
2 4 (10.26%) ISO/IEC 27001
2 4 (10.26%) NIST 800
3 2 (5.13%) PCI DSS
System Software
1 4 (10.26%) ProxySG
2 1 (2.56%) Active Directory
2 1 (2.56%) Docker
Systems Management
1 13 (33.33%) QRadar
2 6 (15.38%) Computer Emergency Response Teams
3 2 (5.13%) Host Intrusion Detection System
4 1 (2.56%) CASB
4 1 (2.56%) Computer Incident Response Team
4 1 (2.56%) Kubernetes
Vendors
1 6 (15.38%) Cisco
2 5 (12.82%) Forcepoint
3 4 (10.26%) Blue Coat
3 4 (10.26%) F5
3 4 (10.26%) Juniper
4 2 (5.13%) LogRhythm
4 2 (5.13%) Palo Alto
4 2 (5.13%) Sun
5 1 (2.56%) IBM
5 1 (2.56%) Microsoft
5 1 (2.56%) Qualys
5 1 (2.56%) Splunk