Period
to 23 October 2017

The following table provides summary statistics for permanent job vacancies with a requirement for CSIRT skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited CSIRT over the 6 months to 23 October 2017 with a comparison to the same period in the previous 2 years.

Computer Security Incident Response Team (CSIRT)
UK
6 months to
23 Oct 2017
Same period 2016 Same period 2015
Rank 1103 1120 1232
Rank change year-on-year +17 +112 +65
Permanent jobs citing CSIRT 78 104 84
As % of all permanent IT jobs advertised in the UK 0.044% 0.055% 0.038%
As % of the Systems Management category 0.50% 0.63% 0.50%
Number of salaries quoted 54 93 65
UK median annual salary £53,000 £62,500 £67,000
Median salary % change year-on-year -15.20% -6.72% +11.67%
10th Percentile £32,500 £43,000 £51,250
90th Percentile £80,000 £85,000 £88,750
UK excluding London median annual salary £53,000 £62,500 £61,250
% change year-on-year -15.20% +2.04% +2.08%

CSIRT is in the Systems Management category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for systems management skills.

All Systems Management Skills
UK
Permanent vacancies with a requirement for systems management skills 15532 16422 16769
As % of all permanent IT jobs advertised in the UK 8.85% 8.66% 7.67%
Number of salaries quoted 12695 13267 13573
UK median annual salary £52,500 £50,000 £48,000
Median salary % change year-on-year +5.00% +4.17% +3.23%
10th Percentile £31,250 £31,250 £29,750
90th Percentile £81,250 £77,500 £73,750
UK excluding London median annual salary £45,000 £45,000 £42,500
% change year-on-year - +5.88% +6.25%

CSIRT
Job Vacancy Trend

Job postings citing CSIRT as a percentage of all IT jobs advertised.

Job vacancy trend for CSIRT in the UK

CSIRT
Salary Trend

This chart provides the 3-month moving average for salaries quoted in permanent IT jobs citing CSIRT.

Salary trend for CSIRT in the UK

CSIRT
Salary Histogram

The salary distribution of IT jobs citing CSIRT over the 6 months to 23 October 2017.

Salary histogram for CSIRT in the UK

CSIRT
Top 6 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CSIRT within the UK over the 6 months to 23 October 2017. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +55 75 £53,000 -15.20% 1
London -3 64 £55,000 -8.33%
UK excluding London +34 11 £53,000 -15.20% 1
South East +61 8 £53,000 +112.00% 1
Scotland -8 2 - -
East of England +2 1 £35,000 -22.22%

For the 6 months to 23 October 2017, IT jobs citing CSIRT also mentioned the following skills in order of popularity. The figures indicate the number co-occurrences and its proportion to all job ads with a requirement for CSIRT.

1 62 (79.49%) Information Security
2 51 (65.38%) Windows
3 47 (60.26%) SIEM
4 44 (56.41%) Cybersecurity
5 41 (52.56%) Firewall
6 40 (51.28%) Network Security
7 36 (46.15%) Linux
8 35 (44.87%) GCIH
8 35 (44.87%) Degree
9 33 (42.31%) Management Information System
9 33 (42.31%) Security Operations
10 31 (39.74%) Computer Science
11 29 (37.18%) GCIA
12 28 (35.90%) Vulnerability Assessment
13 27 (34.62%) GIAC
13 27 (34.62%) CISSP
14 26 (33.33%) CISM
14 26 (33.33%) Computer Security
15 25 (32.05%) Vulnerability Management
16 24 (30.77%) QRadar
17 23 (29.49%) Cyberthreat
17 23 (29.49%) Virtual Machines
17 23 (29.49%) Oracle
18 20 (25.64%) Information Assurance
18 20 (25.64%) Nessus
19 19 (24.36%) BeyondTrust
20 18 (23.08%) Security Monitoring
21 17 (21.79%) Cyber Attack
21 17 (21.79%) Unix
22 16 (20.51%) Threat Analysis

CSIRT
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 1 (1.28%) Apache Spark
1 1 (1.28%) IIS
1 1 (1.28%) SharePoint
Cloud Services
1 9 (11.54%) Amazon AWS
2 7 (8.97%) Office 365
3 2 (2.56%) IaaS
3 2 (2.56%) PaaS
3 2 (2.56%) SaaS
4 1 (1.28%) Cloud Computing
Communications & Networking
1 41 (52.56%) Firewall
2 40 (51.28%) Network Security
3 14 (17.95%) Intrusion Detection
4 13 (16.67%) TCP/IP
5 7 (8.97%) Internet
6 1 (1.28%) HTTP
6 1 (1.28%) tcpdump
6 1 (1.28%) Wireshark
Database & Business Intelligence
1 3 (3.85%) Big Data
2 1 (1.28%) Hadoop
2 1 (1.28%) Oracle Reports
2 1 (1.28%) Relational Database
Development Applications
1 1 (1.28%) Metasploit
General
1 13 (16.67%) Finance
2 7 (8.97%) Telecoms
3 5 (6.41%) Legal
4 2 (2.56%) Military
5 1 (1.28%) Banking
5 1 (1.28%) Financial Institution
Job Titles
1 41 (52.56%) Analyst
2 27 (34.62%) Security Analyst
3 12 (15.38%) Incident Analyst
4 11 (14.10%) Consultant
4 11 (14.10%) Senior Analyst
5 10 (12.82%) Security Engineer
6 9 (11.54%) Junior
7 8 (10.26%) Security Consultant
7 8 (10.26%) Senior Incident Analyst
7 8 (10.26%) SOC Analyst
8 7 (8.97%) Information Security Engineer
8 7 (8.97%) Junior Analyst
8 7 (8.97%) Security Incident Consultant
9 5 (6.41%) Cybersecurity Analyst
9 5 (6.41%) Junior Security Analyst
10 4 (5.13%) Principal Security Analyst
10 4 (5.13%) Team Leader
11 3 (3.85%) Security Architect
11 3 (3.85%) Security Specialist
11 3 (3.85%) Senior Security Analyst
Miscellaneous
1 33 (42.31%) Management Information System
2 31 (39.74%) Computer Science
3 23 (29.49%) Cyberthreat
4 17 (21.79%) Cyber Attack
5 11 (14.10%) Analytical Skills
6 7 (8.97%) Distributed Denial-of-Service
6 7 (8.97%) PKI
7 4 (5.13%) Security Operations Centre
7 4 (5.13%) Virtual Team
8 1 (1.28%) Enterprise Software
8 1 (1.28%) Public Cloud
Operating Systems
1 51 (65.38%) Windows
2 36 (46.15%) Linux
3 17 (21.79%) Unix
4 2 (2.56%) VMS
Processes & Methodologies
1 62 (79.49%) Information Security
2 47 (60.26%) SIEM
3 44 (56.41%) Cybersecurity
4 33 (42.31%) Security Operations
5 28 (35.90%) Vulnerability Assessment
6 26 (33.33%) Computer Security
7 25 (32.05%) Vulnerability Management
8 20 (25.64%) Information Assurance
9 18 (23.08%) Security Monitoring
10 16 (20.51%) Malware Analysis
10 16 (20.51%) Threat Analysis
11 13 (16.67%) Reverse Engineering
11 13 (16.67%) Threat Intelligence
12 12 (15.38%) Forensic Analysis
12 12 (15.38%) Remediation Plan
13 11 (14.10%) Cyber Threat Intelligence
14 9 (11.54%) E-Discovery
15 8 (10.26%) Security Testing
15 8 (10.26%) Stakeholder Engagement
15 8 (10.26%) Threat Detection
Programming Languages
1 5 (6.41%) SQL
2 2 (2.56%) C
Qualifications
1 35 (44.87%) Degree
1 35 (44.87%) GCIH
2 29 (37.18%) GCIA
3 27 (34.62%) CISSP
3 27 (34.62%) GIAC
4 26 (33.33%) CISM
5 13 (16.67%) CISA
6 11 (14.10%) Computer Science Degree
7 10 (12.82%) CEH
8 9 (11.54%) SANS
9 8 (10.26%) CREST Certified
9 8 (10.26%) Network+ Certification
9 8 (10.26%) Novell Certification
10 5 (6.41%) GCFA
11 3 (3.85%) DV Cleared
11 3 (3.85%) Security Cleared
12 1 (1.28%) GCED
12 1 (1.28%) GPEN
12 1 (1.28%) GREM
12 1 (1.28%) ISACA
Quality Assurance & Compliance
1 6 (7.69%) ISO/IEC 27001
2 3 (3.85%) PMO
3 1 (1.28%) GDPR
3 1 (1.28%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
3 1 (1.28%) NIST 800
System Software
1 23 (29.49%) Virtual Machines
2 8 (10.26%) Active Directory
Systems Management
1 24 (30.77%) QRadar
2 20 (25.64%) Nessus
3 15 (19.23%) Computer Emergency Response Teams
4 7 (8.97%) Host Intrusion Detection System
5 2 (2.56%) FTK
5 2 (2.56%) Network Intrusion Detection System
6 1 (1.28%) Nmap
Vendors
1 23 (29.49%) Oracle
2 19 (24.36%) BeyondTrust
3 5 (6.41%) Sun
4 2 (2.56%) Splunk
5 1 (1.28%) Citrix
5 1 (1.28%) Microsoft