Period
to 23 August 2017

The following table provides summary statistics for permanent job vacancies with a requirement for CSIRT skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited CSIRT over the 6 months to 23 August 2017 with a comparison to the same period in the previous 2 years.

Computer Security Incident Response Team (CSIRT)
UK
6 months to
23 Aug 2017
Same period 2016 Same period 2015
Rank 1118 1174 1228
Rank change year-on-year +56 +54 +72
Permanent jobs citing CSIRT 76 90 55
As % of all permanent IT jobs advertised in the UK 0.043% 0.046% 0.025%
As % of the Systems Management category 0.49% 0.53% 0.33%
Number of salaries quoted 54 77 34
UK median annual salary £52,500 £62,500 £53,750
Median salary % change year-on-year -16.00% +16.28% -10.42%
10th Percentile £32,500 £45,000 £45,000
90th Percentile £80,000 £82,000 £88,750
UK excluding London median annual salary £53,000 £55,000 £52,500
% change year-on-year -3.64% +4.76% -12.50%

CSIRT is in the Systems Management category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for systems management skills.

All Systems Management Skills
UK
Permanent vacancies with a requirement for systems management skills 15380 16949 16476
As % of all permanent IT jobs advertised in the UK 8.74% 8.61% 7.61%
Number of salaries quoted 12451 13794 13165
UK median annual salary £52,500 £50,000 £47,500
Median salary % change year-on-year +5.00% +5.26% +5.56%
10th Percentile £30,500 £30,500 £29,675
90th Percentile £82,500 £76,250 £72,500
UK excluding London median annual salary £45,000 £43,000 £42,500
% change year-on-year +4.65% +1.18% +6.25%

CSIRT
Job Vacancy Trend

Job postings citing CSIRT as a percentage of all IT jobs advertised.

Job vacancy trend for CSIRT in the UK

CSIRT
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CSIRT.

Salary trend for CSIRT in the UK

CSIRT
Salary Histogram

The salary distribution of IT jobs citing CSIRT over the 6 months to 23 August 2017.

Salary histogram for CSIRT in the UK

CSIRT
Top 8 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CSIRT within the UK over the 6 months to 23 August 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +68 73 £52,500 -16.00% 2
London +34 63 £50,000 -18.37% 2
UK excluding London +56 12 £53,000 -3.64%
South East +66 8 £53,000 +112.00%
Scotland +14 2 - -
North East +19 1 £65,000 +132.14%
East of England +3 1 £35,000 -
North of England -8 1 £65,000 +4.00%

For the 6 months to 23 August 2017, IT jobs citing CSIRT also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all job ads with a requirement for CSIRT.

1 66 (86.84%) Information Security
2 59 (77.63%) SIEM
3 41 (53.95%) Windows
4 39 (51.32%) Security Operations
5 38 (50.00%) Firewall
5 38 (50.00%) Management Information System
6 35 (46.05%) Linux
7 33 (43.42%) Degree
7 33 (43.42%) Computer Science
7 33 (43.42%) Computer Security
8 31 (40.79%) GCIH
9 30 (39.47%) CISSP
10 28 (36.84%) CISM
10 28 (36.84%) Vulnerability Assessment
11 27 (35.53%) Vulnerability Management
11 27 (35.53%) Cybersecurity
12 26 (34.21%) Network Security
13 25 (32.89%) GCIA
14 24 (31.58%) Finance
14 24 (31.58%) Cyberthreat
14 24 (31.58%) QRadar
15 22 (28.95%) Virtual Machines
15 22 (28.95%) GIAC
15 22 (28.95%) Oracle
16 19 (25.00%) Nessus
16 19 (25.00%) Information Assurance
16 19 (25.00%) Security Monitoring
17 18 (23.68%) BeyondTrust
18 16 (21.05%) Threat Analysis
19 14 (18.42%) Unix

CSIRT
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 2 (2.63%) SharePoint
2 1 (1.32%) Apache Spark
2 1 (1.32%) IIS
Cloud Services
1 9 (11.84%) Amazon AWS
2 7 (9.21%) Office 365
3 1 (1.32%) IaaS
3 1 (1.32%) PaaS
3 1 (1.32%) SaaS
Communications & Networking
1 38 (50.00%) Firewall
2 26 (34.21%) Network Security
3 12 (15.79%) TCP/IP
4 11 (14.47%) Intrusion Detection
5 7 (9.21%) Internet
6 2 (2.63%) HTTP
6 2 (2.63%) tcpdump
6 2 (2.63%) Wireshark
7 1 (1.32%) DNS
7 1 (1.32%) LAN
7 1 (1.32%) LDAP
7 1 (1.32%) WAN
Database & Business Intelligence
1 2 (2.63%) Relational Database
2 1 (1.32%) Big Data
2 1 (1.32%) Hadoop
2 1 (1.32%) Oracle Reports
Development Applications
1 1 (1.32%) Metasploit
General
1 24 (31.58%) Finance
2 8 (10.53%) Telecoms
3 4 (5.26%) Legal
4 1 (1.32%) Advertising
4 1 (1.32%) Arabic Language
4 1 (1.32%) Banking
4 1 (1.32%) Financial Institution
4 1 (1.32%) Pharmaceutical
4 1 (1.32%) Russian Language
Job Titles
1 42 (55.26%) Analyst
2 29 (38.16%) Security Analyst
3 14 (18.42%) SOC Analyst
4 12 (15.79%) Team Leader
5 10 (13.16%) Security Engineer
6 9 (11.84%) Junior
7 8 (10.53%) Cybersecurity Analyst
8 7 (9.21%) Information Security Engineer
8 7 (9.21%) Junior Analyst
9 6 (7.89%) Consultant
10 5 (6.58%) Incident Analyst
10 5 (6.58%) Junior Security Analyst
10 5 (6.58%) Security Consultant
11 4 (5.26%) Principal Security Analyst
11 4 (5.26%) Senior Analyst
12 3 (3.95%) Architect
12 3 (3.95%) Cybersecurity Consultant
12 3 (3.95%) Incident Handler
12 3 (3.95%) Security Architect
12 3 (3.95%) Senior Security Analyst
Libraries, Frameworks & Software Standards
1 1 (1.32%) Middleware
1 1 (1.32%) Regular Expression
1 1 (1.32%) REST
1 1 (1.32%) Web Services
Miscellaneous
1 38 (50.00%) Management Information System
2 33 (43.42%) Computer Science
3 24 (31.58%) Cyberthreat
4 11 (14.47%) Analytical Skills
5 10 (13.16%) Cyber Attack
6 7 (9.21%) Distributed Denial-of-Service
6 7 (9.21%) PKI
7 4 (5.26%) Virtual Team
8 2 (2.63%) Security Operations Centre
9 1 (1.32%) Cyber Defence
9 1 (1.32%) Public Cloud
Operating Systems
1 41 (53.95%) Windows
2 35 (46.05%) Linux
3 14 (18.42%) Unix
4 1 (1.32%) Windows Server
Processes & Methodologies
1 66 (86.84%) Information Security
2 59 (77.63%) SIEM
3 39 (51.32%) Security Operations
4 33 (43.42%) Computer Security
5 28 (36.84%) Vulnerability Assessment
6 27 (35.53%) Cybersecurity
6 27 (35.53%) Vulnerability Management
7 19 (25.00%) Information Assurance
7 19 (25.00%) Security Monitoring
8 16 (21.05%) Threat Analysis
9 13 (17.11%) Stakeholder Management
10 12 (15.79%) Remediation Plan
11 11 (14.47%) Process Improvement
12 9 (11.84%) Ethical Hacking
12 9 (11.84%) Incident Management
12 9 (11.84%) Security Testing
13 8 (10.53%) Forensic Analysis
13 8 (10.53%) Malware Analysis
14 7 (9.21%) DDoS Mitigation
14 7 (9.21%) Security Architecture
Programming Languages
1 9 (11.84%) SQL
2 6 (7.89%) Python
3 5 (6.58%) PowerShell
4 2 (2.63%) C
5 1 (1.32%) C#
5 1 (1.32%) C++
5 1 (1.32%) Java
5 1 (1.32%) JavaScript
5 1 (1.32%) Perl
Qualifications
1 33 (43.42%) Degree
2 31 (40.79%) GCIH
3 30 (39.47%) CISSP
4 28 (36.84%) CISM
5 25 (32.89%) GCIA
6 22 (28.95%) GIAC
7 12 (15.79%) CISA
8 11 (14.47%) CEH
8 11 (14.47%) Computer Science Degree
9 6 (7.89%) SANS
10 5 (6.58%) GCFA
11 4 (5.26%) CNA
11 4 (5.26%) Network+ Certification
11 4 (5.26%) Novell Certification
12 3 (3.95%) CREST Certified
13 2 (2.63%) DV Cleared
13 2 (2.63%) Security Cleared
14 1 (1.32%) EnCE
14 1 (1.32%) SC Cleared
14 1 (1.32%) Security+ Certification
Quality Assurance & Compliance
1 5 (6.58%) COBIT
1 5 (6.58%) ISO/IEC 27001
2 2 (2.63%) PCI DSS
3 1 (1.32%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
3 1 (1.32%) NIST 800
3 1 (1.32%) PMO
System Software
1 22 (28.95%) Virtual Machines
2 8 (10.53%) Active Directory
3 1 (1.32%) VMware Infrastructure
3 1 (1.32%) vSphere
Systems Management
1 24 (31.58%) QRadar
2 19 (25.00%) Nessus
3 7 (9.21%) Computer Emergency Response Teams
4 6 (7.89%) Host Intrusion Detection System
5 2 (2.63%) FTK
5 2 (2.63%) Network Intrusion Detection System
6 1 (1.32%) ArcSight ESM
6 1 (1.32%) Nmap
Vendors
1 22 (28.95%) Oracle
2 18 (23.68%) BeyondTrust
3 5 (6.58%) Splunk
4 4 (5.26%) Sun
5 2 (2.63%) ArcSight
5 2 (2.63%) Citrix
5 2 (2.63%) LogRhythm
6 1 (1.32%) AlienVault
6 1 (1.32%) EMC
6 1 (1.32%) McAfee
6 1 (1.32%) Microsoft
6 1 (1.32%) NetIQ
6 1 (1.32%) VMware