Period
to 28 January 2021

The following table provides summary statistics for permanent job vacancies with a requirement for CSIRT skills. Included is a benchmarking guide to the salaries offered in vacancies that have cited CSIRT over the 6 months to 28 January 2021 with a comparison to the same period in the previous 2 years.

Computer Security Incident Response Team (CSIRT)
UK
6 months to
28 Jan 2021
Same period 2020 Same period 2019
Rank 735 986 1057
Rank change year-on-year +251 +71 +60
Permanent jobs citing CSIRT 37 43 61
As % of all permanent jobs advertised in the UK 0.056% 0.034% 0.040%
As % of the Systems Management category 0.35% 0.27% 0.36%
Number of salaries quoted 24 32 29
Median annual salary £76,250 £60,000 £60,000
Median salary % change year-on-year +27.08% - -14.29%
10th Percentile £62,500 £32,404 £46,419
90th Percentile £100,000 £85,000 £86,750
UK excluding London median annual salary £72,000 £56,250 £50,000
% change year-on-year +28.00% +12.50% -

CSIRT is in the Systems Management category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for systems management skills.

All Systems Management Skills
UK
Permanent vacancies with a requirement for systems management skills 10,713 16,065 17,137
As % of all permanent IT jobs advertised in the UK 16.35% 12.79% 11.34%
Number of salaries quoted 8,802 12,425 13,557
Median annual salary £62,500 £60,000 £57,500
Median salary % change year-on-year +4.17% +4.35% +9.52%
10th Percentile £37,500 £32,500 £32,500
90th Percentile £93,750 £93,750 £87,500
UK excluding London median annual salary £52,500 £50,000 £50,000
% change year-on-year +5.00% - +8.70%

CSIRT
Job Vacancy Trend

Job postings citing CSIRT as a proportion of all IT jobs advertised.

Job vacancy trend for CSIRT in the UK

CSIRT
Salary Trend

3-month moving average salary quoted in jobs citing CSIRT.

Salary trend for CSIRT in the UK

CSIRT
Salary Histogram

Salary distribution for jobs citing CSIRT over the 6 months to 28 January 2021.

Salary histogram for CSIRT in the UK

CSIRT
Top 8 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CSIRT within the UK over the 6 months to 28 January 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England +245 37 £76,250 +27.08% 5
London +223 24 £90,000 +35.85% 2
UK excluding London +175 12 £72,000 +28.00% 3
Midlands +72 6 £72,000 +20.00% 1
West Midlands +58 6 £72,000 +37.14% 1
South East - 4 - - 2
South West +59 2 £68,750 +40.66%
Work from Home - 2 - - 2

For the 6 months to 28 January 2021, IT jobs citing CSIRT also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CSIRT.

1 37 (100.00%) Cybersecurity
2 21 (56.76%) Firewall
3 20 (54.05%) Azure
4 18 (48.65%) DevOps
5 17 (45.95%) Network Security
6 16 (43.24%) Information Security
7 15 (40.54%) Intrusion Detection
7 15 (40.54%) CISSP
7 15 (40.54%) Computer Science
8 14 (37.84%) Computer Security
8 14 (37.84%) AWS
8 14 (37.84%) Cisco Certification
8 14 (37.84%) CCSP
8 14 (37.84%) (ISC)2 CCSP
8 14 (37.84%) Blue Team
9 13 (35.14%) Task Automation
9 13 (35.14%) Runbook
9 13 (35.14%) Windows
9 13 (35.14%) Penetration Testing
9 13 (35.14%) Management Information System
9 13 (35.14%) Security Architecture
9 13 (35.14%) OWASP
9 13 (35.14%) Kalman Filter
9 13 (35.14%) Network Monitoring
10 12 (32.43%) Linux
11 11 (29.73%) Unix
11 11 (29.73%) Threat Intelligence
11 11 (29.73%) Cyber Threat Intelligence
11 11 (29.73%) Problem-Solving
12 10 (27.03%) Security Operations

CSIRT
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Applications
1 2 (5.41%) Microsoft PowerPoint
Cloud Services
1 20 (54.05%) Azure
2 14 (37.84%) AWS
3 9 (24.32%) GCP
Communications & Networking
1 21 (56.76%) Firewall
2 17 (45.95%) Network Security
3 15 (40.54%) Intrusion Detection
4 5 (13.51%) LAN
4 5 (13.51%) SSL
4 5 (13.51%) VPN
4 5 (13.51%) WAN
4 5 (13.51%) Wireshark
5 2 (5.41%) BGP
5 2 (5.41%) TCP/IP
6 1 (2.70%) DNS
General
1 7 (18.92%) Banking
2 6 (16.22%) Publishing
3 5 (13.51%) Investment Banking
4 2 (5.41%) Finance
4 2 (5.41%) French Language
4 2 (5.41%) German Language
4 2 (5.41%) Italian Language
5 1 (2.70%) Aerospace
5 1 (2.70%) Public Sector
Job Titles
1 12 (32.43%) Security Engineer
2 9 (24.32%) Analyst
3 8 (21.62%) Security Analyst
4 6 (16.22%) Azure Engineer
4 6 (16.22%) Cloud Engineer
4 6 (16.22%) Cybersecurity Engineer
4 6 (16.22%) Linux Engineer
4 6 (16.22%) PowerShell Engineer
4 6 (16.22%) Python Engineer
4 6 (16.22%) Site Engineer
4 6 (16.22%) Site Reliability Engineer
4 6 (16.22%) Unix Engineer
4 6 (16.22%) Unix Linux Engineer
4 6 (16.22%) Windows Engineer
5 5 (13.51%) Information Analyst
5 5 (13.51%) Information Risk Analyst
5 5 (13.51%) Information Security Analyst
5 5 (13.51%) Risk Analyst
5 5 (13.51%) Security Risk Analyst
6 4 (10.81%) Senior Security Engineer
Libraries, Frameworks & Software Standards
1 5 (13.51%) YAML
2 3 (8.11%) Web Services
Miscellaneous
1 13 (35.14%) Management Information System
2 8 (21.62%) Analytical Skills
2 8 (21.62%) Cyberthreat
3 6 (16.22%) Cyber Kill Chain
4 5 (13.51%) Cyberattack
4 5 (13.51%) Robotics
4 5 (13.51%) Security Operations Centre
5 3 (8.11%) Cyber Defence
6 2 (5.41%) Distributed Denial-of-Service
6 2 (5.41%) Self-Motivation
6 2 (5.41%) Virtual Team
7 1 (2.70%) Cloud Native
7 1 (2.70%) Greenfield Project
7 1 (2.70%) PKI
7 1 (2.70%) Reinsurance
Operating Systems
1 13 (35.14%) Windows
2 12 (32.43%) Linux
3 11 (29.73%) Unix
4 5 (13.51%) Solaris
4 5 (13.51%) Windows Server
4 5 (13.51%) Windows XP
Processes & Methodologies
1 37 (100.00%) Cybersecurity
2 18 (48.65%) DevOps
3 16 (43.24%) Information Security
4 15 (40.54%) Computer Science
5 14 (37.84%) Blue Team
5 14 (37.84%) Computer Security
6 13 (35.14%) Kalman Filter
6 13 (35.14%) Network Monitoring
6 13 (35.14%) OWASP
6 13 (35.14%) Penetration Testing
6 13 (35.14%) Runbook
6 13 (35.14%) Security Architecture
6 13 (35.14%) Task Automation
7 11 (29.73%) Cyber Threat Intelligence
7 11 (29.73%) Problem-Solving
7 11 (29.73%) Threat Intelligence
8 10 (27.03%) Ethical Hacking
8 10 (27.03%) Security Operations
9 8 (21.62%) Use Case
10 7 (18.92%) SIEM
Programming Languages
1 9 (24.32%) Python
2 6 (16.22%) Java
2 6 (16.22%) Perl
2 6 (16.22%) PowerShell
3 3 (8.11%) Bash Shell
3 3 (8.11%) SQL
Qualifications
1 15 (40.54%) CISSP
2 14 (37.84%) (ISC)2 CCSP
2 14 (37.84%) CCSP
2 14 (37.84%) Cisco Certification
3 10 (27.03%) CEH
3 10 (27.03%) OSCP
4 9 (24.32%) GPEN
4 9 (24.32%) OSCE
5 6 (16.22%) CREST Certified
5 6 (16.22%) Degree
5 6 (16.22%) GCFA
5 6 (16.22%) GCIA
5 6 (16.22%) GCIH
6 5 (13.51%) CISM
7 2 (5.41%) GIAC
7 2 (5.41%) SANS
7 2 (5.41%) Security Cleared
8 1 (2.70%) CFCE
8 1 (2.70%) GCED
8 1 (2.70%) GREM
Quality Assurance & Compliance
1 5 (13.51%) COBIT
1 5 (13.51%) NIST
2 2 (5.41%) Cyber Essentials
2 2 (5.41%) GDPR
2 2 (5.41%) HMG Security Policy Framework
2 2 (5.41%) ISO/IEC 20000
3 1 (2.70%) ISO/IEC 27001
System Software
1 9 (24.32%) Docker
2 6 (16.22%) Active Directory
3 1 (2.70%) VMware Infrastructure
Systems Management
1 9 (24.32%) Kubernetes
1 9 (24.32%) Terraform
2 2 (5.41%) Computer Emergency Response Teams
3 1 (2.70%) Computer Incident Response Team
Vendors
1 6 (16.22%) Microsoft
1 6 (16.22%) TOWER Software
1 6 (16.22%) VMware
2 5 (13.51%) Cisco
3 1 (2.70%) Carbon Black
3 1 (2.70%) Splunk
3 1 (2.70%) Trend Micro