Period
to 21 January 2018

The following table provides summary statistics for permanent job vacancies with a requirement for CSIRT skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited CSIRT over the 6 months to 21 January 2018 with a comparison to the same period in the previous 2 years.

Computer Security Incident Response Team (CSIRT)
UK
6 months to
21 Jan 2018
Same period 2017 Same period 2016
Rank 1092 1089 1178
Rank change year-on-year -3 +89 +100
Permanent jobs citing CSIRT 87 91 106
As % of all permanent IT jobs advertised in the UK 0.051% 0.052% 0.051%
As % of the Systems Management category 0.57% 0.61% 0.65%
Number of salaries quoted 41 77 94
UK median annual salary £60,000 £62,500 £75,000
Median salary % change year-on-year -4.00% -16.67% +25.00%
10th Percentile £33,750 £40,500 £51,250
90th Percentile £96,250 £90,000 £86,500
UK excluding London median annual salary £50,000 £62,500 £75,000
% change year-on-year -20.00% -16.67% +25.00%

CSIRT is in the Systems Management category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for systems management skills.

All Systems Management Skills
UK
Permanent vacancies with a requirement for systems management skills 15,180 14,996 16,309
As % of all permanent IT jobs advertised in the UK 8.83% 8.52% 7.83%
Number of salaries quoted 12,380 12,142 13,354
UK median annual salary £52,500 £50,000 £50,000
Median salary % change year-on-year +5.00% - +6.38%
10th Percentile £31,250 £31,250 £30,000
90th Percentile £81,250 £78,750 £75,000
UK excluding London median annual salary £46,000 £45,000 £42,750
% change year-on-year +2.22% +5.26% +4.27%

CSIRT
Job Vacancy Trend

Job postings citing CSIRT as a percentage of all IT jobs advertised.

Job vacancy trend for CSIRT in the UK

CSIRT
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CSIRT.

Salary trend for CSIRT in the UK

CSIRT
Salary Histogram

The salary distribution of IT jobs citing CSIRT over the 6 months to 21 January 2018.

Salary histogram for CSIRT in the UK

CSIRT
Top 9 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CSIRT within the UK over the 6 months to 21 January 2018. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +19 83 £60,000 -4.00% 10
London +14 69 £57,500 -8.00% 5
UK excluding London -7 7 £50,000 -20.00% 5
South East +13 4 £50,000 +42.86% 1
North of England -2 2 £50,350 -19.44%
North West -6 1 £62,500 +26.26%
Midlands - 1 - - 3
North East - 1 £38,200 -
West Midlands - 1 - - 2

For the 6 months to 21 January 2018, IT jobs citing CSIRT also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all job ads with a requirement for CSIRT.

1 74 (85.06%) Information Security
2 63 (72.41%) Windows
3 58 (66.67%) Cybersecurity
4 57 (65.52%) Network Security
5 54 (62.07%) SIEM
5 54 (62.07%) Firewall
6 51 (58.62%) Linux
7 44 (50.57%) GCIA
7 44 (50.57%) GCIH
8 43 (49.43%) GIAC
8 43 (49.43%) Security Operations
9 42 (48.28%) Management Information System
10 41 (47.13%) Degree
11 40 (45.98%) Computer Science
12 36 (41.38%) QRadar
12 36 (41.38%) Vulnerability Management
13 35 (40.23%) Virtual Machines
13 35 (40.23%) Oracle
14 34 (39.08%) Vulnerability Assessment
15 33 (37.93%) Nessus
16 31 (35.63%) Information Assurance
16 31 (35.63%) BeyondTrust
17 28 (32.18%) CISSP
18 27 (31.03%) CISM
19 24 (27.59%) Cyberthreat
20 20 (22.99%) Computer Security
20 20 (22.99%) C
21 18 (20.69%) Unix
21 18 (20.69%) Threat Analysis
21 18 (20.69%) Security Monitoring

CSIRT
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 1 (1.15%) Apache Spark
Cloud Services
1 4 (4.60%) Amazon AWS
2 3 (3.45%) Office 365
2 3 (3.45%) SaaS
3 1 (1.15%) Cloud Computing
3 1 (1.15%) IaaS
3 1 (1.15%) PaaS
Communications & Networking
1 57 (65.52%) Network Security
2 54 (62.07%) Firewall
3 15 (17.24%) Intrusion Detection
4 11 (12.64%) TCP/IP
5 3 (3.45%) Internet
6 2 (2.30%) NAS
6 2 (2.30%) SAN
7 1 (1.15%) HTTP
Database & Business Intelligence
1 8 (9.20%) Big Data
2 1 (1.15%) Hadoop
2 1 (1.15%) Oracle Reports
Development Applications
1 1 (1.15%) Metasploit
General
1 12 (13.79%) Legal
2 7 (8.05%) Finance
2 7 (8.05%) Military
3 4 (4.60%) Telecoms
4 3 (3.45%) Law
5 1 (1.15%) Retail
Job Titles
1 44 (50.57%) Analyst
2 32 (36.78%) Security Analyst
3 24 (27.59%) Incident Analyst
4 19 (21.84%) Senior Analyst
5 16 (18.39%) Senior Incident Analyst
6 12 (13.79%) Security Incident Analyst
7 11 (12.64%) Consultant
8 8 (9.20%) Architect
8 8 (9.20%) Cybersecurity Architect
8 8 (9.20%) Security Architect
8 8 (9.20%) Security Manager
8 8 (9.20%) Security Solutions Architect
8 8 (9.20%) SOC Analyst
8 8 (9.20%) Solutions Architect
9 7 (8.05%) Incident Handler
9 7 (8.05%) Junior
9 7 (8.05%) Senior Security Analyst
10 6 (6.90%) Incident Manager
10 6 (6.90%) Security Consultant
11 5 (5.75%) Junior Analyst
Libraries, Frameworks & Software Standards
1 1 (1.15%) Middleware
Miscellaneous
1 42 (48.28%) Management Information System
2 40 (45.98%) Computer Science
3 24 (27.59%) Cyberthreat
4 15 (17.24%) Cyberattack
5 12 (13.79%) Security Operations Centre
6 9 (10.34%) Analytical Skills
7 7 (8.05%) Distributed Denial-of-Service
8 3 (3.45%) PKI
9 2 (2.30%) Fintech
9 2 (2.30%) Hedge funds
10 1 (1.15%) Enterprise Software
10 1 (1.15%) Freedom of Information
10 1 (1.15%) NHS
Operating Systems
1 63 (72.41%) Windows
2 51 (58.62%) Linux
3 18 (20.69%) Unix
4 7 (8.05%) VMS
5 1 (1.15%) Kali Linux
Processes & Methodologies
1 74 (85.06%) Information Security
2 58 (66.67%) Cybersecurity
3 54 (62.07%) SIEM
4 43 (49.43%) Security Operations
5 36 (41.38%) Vulnerability Management
6 34 (39.08%) Vulnerability Assessment
7 31 (35.63%) Information Assurance
8 20 (22.99%) Computer Security
9 18 (20.69%) Security Monitoring
9 18 (20.69%) Threat Analysis
10 15 (17.24%) Malware Analysis
10 15 (17.24%) Remediation Plan
11 14 (16.09%) Reverse Engineering
11 14 (16.09%) Threat Intelligence
12 13 (14.94%) E-Discovery
13 12 (13.79%) Computer Forensics
13 12 (13.79%) Cyber Threat Intelligence
13 12 (13.79%) Forensic Analysis
13 12 (13.79%) Threat Detection
14 10 (11.49%) Continuous Improvement
Programming Languages
1 20 (22.99%) C
2 10 (11.49%) SQL
3 1 (1.15%) C#
3 1 (1.15%) C++
3 1 (1.15%) Java
3 1 (1.15%) PHP
Qualifications
1 44 (50.57%) GCIA
1 44 (50.57%) GCIH
2 43 (49.43%) GIAC
3 41 (47.13%) Degree
4 28 (32.18%) CISSP
5 27 (31.03%) CISM
6 14 (16.09%) SANS
7 13 (14.94%) CISA
8 12 (13.79%) Network+ Certification
8 12 (13.79%) Novell Certification
9 6 (6.90%) CEH
9 6 (6.90%) CREST Certified
10 3 (3.45%) Computer Science Degree
11 2 (2.30%) DV Cleared
11 2 (2.30%) Security Cleared
12 1 (1.15%) GPEN
12 1 (1.15%) GREM
12 1 (1.15%) ISEB
12 1 (1.15%) ISEB Practitioner
12 1 (1.15%) SC Cleared
Quality Assurance & Compliance
1 8 (9.20%) ISO/IEC 27001
1 8 (9.20%) PMO
2 5 (5.75%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
3 3 (3.45%) COBIT
3 3 (3.45%) GPG13
3 3 (3.45%) PCI DSS
4 2 (2.30%) BS7799
4 2 (2.30%) GDPR
4 2 (2.30%) ISO 22301
5 1 (1.15%) Cyber Essentials
System Software
1 35 (40.23%) Virtual Machines
2 4 (4.60%) Active Directory
3 3 (3.45%) VMware Infrastructure
Systems Management
1 36 (41.38%) QRadar
2 33 (37.93%) Nessus
3 16 (18.39%) Computer Emergency Response Teams
4 9 (10.34%) Host Intrusion Detection System
5 2 (2.30%) FTK
6 1 (1.15%) Nmap
Vendors
1 35 (40.23%) Oracle
2 31 (35.63%) BeyondTrust
3 9 (10.34%) Sun
4 3 (3.45%) VMware
5 1 (1.15%) Microsoft